Modeling the Stuxnet attack with BDMP: Towards more formal risk assessments

  title={Modeling the Stuxnet attack with BDMP: Towards more formal risk assessments},
  author={Siwar Kriaa and Marc Bouissou and Ludovic Pi{\`e}tre-Cambac{\'e}d{\`e}s},
  journal={2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS)},
Attack modeling has recently been adopted by security analysts as a useful tool in risk assessment of cyber-physical systems. We propose in this paper to model the Stuxnet attack with BDMP (Boolean logic Driven Markov Processes) formalism and to show the advantages of such modeling. After a description of the architecture targeted by Stuxnet, we explain the steps of the attack and model them formally with a BDMP. Based on estimated values of the success probabilities and rates of the elementary… CONTINUE READING


Publications citing this paper.
Showing 1-10 of 18 extracted citations

A review of cyber security risk assessment methods for SCADA systems

Computers & Security • 2016
View 17 Excerpts
Highly Influenced

A Model-Data Integrated Cyber Security Risk Assessment Method for Industrial Control Systems

2018 IEEE 7th Data Driven Control and Learning Systems Conference (DDCLS) • 2018
View 1 Excerpt


Publications referenced by this paper.
Showing 1-10 of 10 references

How stuxnet spreads, a study of infection paths in best practice systems (v1.0)

Tofini Security, Abterra Technologies,
Whitepaper, Feb. 2011. • 2011
View 12 Excerpts
Highly Influenced

Evaluating information assurance control effectiveness on an air force supervisory control and data acquisition (SCADA) system

J. R. Nielsen
Master’s thesis, Air Force University, 2011. • 2011
View 2 Excerpts

Modelling of cyber attacks for assessing smart grid security

G. Dondossola, L. Piètre-Cambacédès, J. McDonald, M. Ekstedt, a. Torkilseng
2011 CIGRE D2 Colloquium, Buenos Aires, Argentina, Oct. 2011. • 2011
View 1 Excerpt

Security Modeling with BDMP: From Theory to Implementation

2011 Conference on Network and Information Systems Security • 2011
View 6 Excerpts

Stuxnet under the microscope (v1.0)

A. Matrosov, E. Rodionov, D. Harley, J. Malcho
ESET, pp. 1–85, Feb. 2011. • 2011
View 2 Excerpts

Stuxnet: Analysis, myths and realities

D. Helan
Actu Secu, Feb. 2011. • 2011
View 2 Excerpts

W32.Stuxnet Dossier (v1.4)

N. Falliere, L. O. Murchu, E. Chien
Symantec report, Feb. 2011. • 2011
View 2 Excerpts

Similar Papers

Loading similar papers…