Search for: All records

Abstract In cybersecurity, incomplete inspection, resulting mainly from computers being turned off during the scan, leads to a challenge for scheduling maintenance actions. This article proposes the application of partially observable decision processes to derive cost‐effective cyber maintenance actions that minimize total costs. We consider several types of hosts having vulnerabilities at various levels of severity. The maintenance cost structure in our proposed model consists of the direct costs of maintenance actions in addition to potential incident costs associated with different security states. To assess the benefits of optimal policies obtained from partially observable Markov decision processes, we use real‐world data from a major university. Compared with alternative policies using simulations, the optimal control policies can significantly reduce expected maintenance expenditures per host and relatively quickly mitigate the most important vulnerabilities. 

We propose a simple framework for Industrial Control System (ICS) system cybersecurity. The proposed system is based on considerations which include known vulnerabilities, safety issues, and the centrality of assets in hypothetical attack vectors. We relate the proposed system to the Purdue Model and two optimization formulations from the literature. We also relate our point system to the results of a recent penetration testing exercise on a manufacturing robotic cell. Finally, we discuss multiple challenges including that posed by legacy equipment and threats to manufacturing uptime.