Cybernetic modeling of Industrial Control Systems: Towards threat analysis of critical infrastructure
This addresses security threats in critical infrastructure like ICS networks, but it appears incremental as it applies existing VSM principles to a specific domain.
The paper tackles the problem of fragmented security approaches in Industrial Control Systems (ICS) by proposing a new cybernetic model based on the Viable System Model (VSM) to provide a comprehensive view for threat analysis, aiming to drive cybersecurity decisions.
Industrial Control Systems (ICS) encompassing resources for process automation are subjected to a wide variety of security threats. The threat landscape is arising due to increased adoption of Commercial-of-the-shelf (COTS) products as well as the convergence of Internet and legacy systems. Prevalent security approaches for protection of critical infrastructure are scattered among various subsystems and modules of ICS networks. This demands a new state-of-the-art cybernetic model of ICS networks, which can help in threat analysis by providing a comprehensive view of the relationships and interactions between the subsystems. Towards this direction, the principles of the Viable System Model (VSM) are applied to introduce a conceptual recursive model of secure ICS networks that can drive cyber security decisions.