Affiliation:
1. Department of Mechatronics Engineering, German Jordanian University, Amman 11180, Jordan
Abstract
Industrial control systems are often used to assist and manage an industrial operation. These systems’ weaknesses in the various hierarchical structures of the system components and communication backbones make them vulnerable to cyberattacks that jeopardize their security. In this paper, the security of these systems is studied by employing a reinforcement learning extended attack graph to efficiently reveal the subsystems’ flaws. Specifically, an attack graph that mimics the environment is constructed for the system using the state–action–reward–state–action technique, in which the agent is regarded as the attacker. Attackers may cause the greatest amount of system damage with the fewest possible actions if they have the highest cumulative reward. The worst-case assault scheme with a total reward of 42.9 was successfully shown in the results, and the most badly affected subsystems were recognized.
Reference52 articles.
1. Cybersecurity for industrial control systems: A survey;Bhamare;Comput. Secur.,2020
2. Eden, P., Blyth, A., Jones, K., Soulsby, H., Burnap, P., Cherdantseva, Y., and Stoddart, K. (2017). Cybersecurity for Industry 4.0: Analysis for Design and Manufacturing, Springer.
3. Machine learning for intrusion detection in industrial control systems: Applications, challenges, and recommendations;Umer;Int. J. Crit. Infrastruct. Prot.,2022
4. Ibrahim, M., Al-Hindawi, Q., Elhafiz, R., Alsheikh, A., and Alquq, O. (2019). Attack graph implementation and visualization for cyber physical systems. Processes, 8.
5. Managing electric vehicles in the smart grid using artificial intelligence: A survey;Rigas;IEEE Trans. Intell. Transp. Syst.,2014