Evaluation of industrial network robustness against targeted attacks

Abstract

SummaryDeveloping a long‐lasting, secure Industry 4.0 system presents a significant challenge for businesses and other interested parties. Industrial control systems (ICSs) are particularly vulnerable to cybercrime because of the operating systems' excessive availability and high robustness requirements. This research investigates five graph‐theory‐based measures to evaluate the robustness of industrial network topologies against three centrality‐based attacks and one random attack. Experiments are conducted to examine the three levels of the ICS network topology, from the field devices to the controllers and the enterprise devices. The results are twofold. On the one hand, the closeness‐based attack is the most harmful since it has the highest destructive potential and needs to attack only half of the total nodes in the network to reach the lowest robustness level. The betweenness‐based attack follows closely in terms of destruction, whereas the degree‐based attack is less destructive but rapidly degrades the robustness of the network. On the other hand, the flow robustness measure provides the best performance in the presence of any of the studied attacks, showing strong perception of robustness reduction when only one percent of the total nodes in the network are attacked. For this reason, the flow robustness measure is suitable to identify and locate the targeted attacks at their early stages, preventing them from becoming more catastrophic. Finally, the results suggest that the industrial network security system should combine at least two measures to ensure robustness against the most destructive attacks and their early‐stage detection. The research also confirmed the results by implementing attacks and measures on a real gas transmission network.