A Fuzzy Probability Bayesian Network Approach for Dynamic Cybersecurity Risk Assessment in Industrial Control Systems

With the increasing deployment of data network technologies in industrial control systems (ICSs), cybersecurity becomes a challenging problem in ICSs. Dynamic cybersecurity risk assessment plays a vital role in ICS cybersecurity protection. However, it is difficult to build a risk propagation model for ICSs due to the lack of sufficient historical data. In this paper, a fuzzy probability Bayesian network (FPBN) approach is presented for dynamic risk assessment. First, an FPBN is established for analysis and prediction of the propagation of cybersecurity risks. To overcome the difficulty of limited historical data, the crisp probabilities used in standard Bayesian networks are replaced in our approach by fuzzy probabilities. Then, an approximate dynamic inference algorithm is developed for dynamic assessment of ICS cybersecurity risk. It is embedded with a noise evidence filter in order to reduce the impact from noise evidence caused by system faults. Experiments are conducted on a simplified chemical reactor control system to demonstrate the effectiveness of the presented approach.