A Bayesian-Attack-Graph-Based Security Assessment Method for Power Systems.

In today's highly advanced information technology environment, modern network and communication technologies are widely used in monitoring and controlling power systems. These technologies have evolved significantly. They now form a high-performance digital system known as the cyber–physical power system. However, vulnerabilities in communication networks present growing threats to these systems. This paper seeks to enhance the accurate assessment of the security posture of cyber-physical power systems by inferring attackers' intentions. A threat modeling approach based on Bayesian attack graphs is presented, employing Bayesian networks to define and evaluate potential threats that attackers could pose to different system infrastructures. The paper initially conducts a qualitative analysis of the system's threats, constructing a directed graph structure and establishing conditional probability tables among nodes based on prior knowledge. Subsequently, methods are developed to compute the threat levels at different system nodes using real-time detected attack events. Further analysis methods and security assessment metrics are also developed to identify attack paths and quantify system security. Finally, a Bayesian attack graph is constructed in accordance with the system's structure. In practical scenarios, the attack path analysis method can predict the most vulnerable attack paths, while the absolute values of the security assessment metrics indicate the overall risk level of the system. [ABSTRACT FROM AUTHOR]