Architecture‐oriented security strategy determination for cyber‐physical systems
Published in: | Concurrency and computation 2023-06, Vol.35 (13), p.n/a |
---|---|
Main authors: | , , , |
Format: | Article |
Language: | eng |
Summary: | Cyber‐physical systems (CPSs) usually have a huge number of nodes, and it is very expensive to deploy security defenses at all nodes. Therefore, selecting the most appropriate nodes for protection to ensure system security is an essential issue in CPS. However, how to achieve this in the system design phase remains to be an open challenge. In this paper, we propose a security strategy determination method for CPS design models. In particular, we utilize SysML to model a CPS. To choose the best nodes for security protection, we realize an automatic construction of an attack‐defense tree (ADTree) model from the SysML model by considering the known attacks and defenses. Further, we transform the ADTree model into an atom attack‐defense tree (A2DTree) model and infer the optimal security strategy under a given cost constraint. We implement our method as an open‐source tool and test it with a pump station attack. The experimental results show that the proposed method is reasonable and feasible and can provide theoretical guidance for the formulation of CPS security policies. |
---|---|
ISSN: | 1532-0626 1532-0634 |
DOI: | 10.1002/cpe.6781 |