petri net modelling of physical vulnerability

15
Petri Net Modelling Petri Net Modelling of Physical of Physical Vulnerability Vulnerability F. Flammini, S. Marrone, N. Mazzocca, V. Vittorini Stefano Marrone Dept. of Mathematics Second University of Naples CRITIS 2011 September 8-9, 2011 Luzern, Switzerland

Upload: stefanounina2

Post on 21-Jun-2015

318 views

Category:

Technology


5 download

DESCRIPTION

The sildes are relative to the presentation of an omonymous paper at the 6th international conference on critical information infrastructure security (CRITIS 2011).The paper is about the evaluation of the vulnerability of a physical protection system by the use of an extensible and customizable Petri Net model.

TRANSCRIPT

Page 1: Petri Net Modelling of Physical Vulnerability

Petri Net ModellingPetri Net Modelling of Physical Vulnerability of Physical Vulnerability

F. Flammini, S. Marrone, N. Mazzocca, V. Vittorini

Stefano Marrone

Dept. of Mathematics

Second University of Naples

CRITIS 2011September 8-9, 2011Luzern, Switzerland

Page 2: Petri Net Modelling of Physical Vulnerability

OutlineOutline

Evaluation of physical protectionChallenges in vulnerability modellingPetri Net vulnerability modelsEvaluation on case studiesConclusions

2

S. Marrone - Petri Net Modelling of Physical Vulnerability

Page 3: Petri Net Modelling of Physical Vulnerability

Evaluation of physical Evaluation of physical protectionprotection

Physical security needs quantitative risk assessement◦ Certification◦ design protections and countermeasures◦ cost/benefits tradeoffs

Mathematical and formal models must be used◦ risk assessement methodology◦ widespread in both academia and industry◦ simpler than analyzing the system!!

3

S. Marrone - Petri Net Modelling of Physical Vulnerability

Page 4: Petri Net Modelling of Physical Vulnerability

Evaluation of physical Evaluation of physical protectionprotection

Risk model:R = P V D

Pros:◦ simple◦ effective

Cons◦ does not take into account mutual

influences◦ not associated with a methodology

4

S. Marrone - Petri Net Modelling of Physical Vulnerability

Frequency of the Threat

Likelihood that attack

is successful

Damage an attack provokes

Page 5: Petri Net Modelling of Physical Vulnerability

Challenges in vulnerability Challenges in vulnerability modellingmodelling

Vulnerability◦ (information security): weakness of a system

which allows attackers to reduce security◦ (physical security): probability for an attacker

to have success against system protectionsHennessey’s model

5

S. Marrone - Petri Net Modelling of Physical Vulnerability

effectiveness

detection

interruptionneutralizati

on

sensing

assessement

Page 6: Petri Net Modelling of Physical Vulnerability

Challenges in vulnerability Challenges in vulnerability modellingmodelling

At language level◦ strong mathematical foundation◦ intuitive and user-friendly

At model level◦ usable◦ customizable◦ trustable

6

S. Marrone - Petri Net Modelling of Physical Vulnerability

Petri Nets

Compositional

extensible approach

Page 7: Petri Net Modelling of Physical Vulnerability

Petri Net vulnerability ModelsPetri Net vulnerability Models

The models relate time intervals (latencies) with probabilities of the Hennessey model

◦ no deterrent effects (independence of “PVD” factors)

◦ simple instantiation of system parameters◦ simple calculation of results

(multiplication)

◦ Probability of interruption (PI)

7

S. Marrone - Petri Net Modelling of Physical Vulnerability

Page 8: Petri Net Modelling of Physical Vulnerability

Petri Net vulnerability ModelsPetri Net vulnerability Models

8

S. Marrone - Petri Net Modelling of Physical Vulnerability

Basic vulnerability model

reaction delay(sensing, assessement,

response)

delay to accomplish attack

Page 9: Petri Net Modelling of Physical Vulnerability

Petri Net vulnerability ModelsPetri Net vulnerability Models

9

S. Marrone - Petri Net Modelling of Physical Vulnerability

Detecting failure

Complex Defense Path

Page 10: Petri Net Modelling of Physical Vulnerability

Petri Net vulnerability ModelsPetri Net vulnerability Models

10

S. Marrone - Petri Net Modelling of Physical Vulnerability

Two phased attack

Page 11: Petri Net Modelling of Physical Vulnerability

Evaluation on case studiesEvaluation on case studies

11

S. Marrone - Petri Net Modelling of Physical Vulnerability

Anti-theft (e.g. critical server in a technical room)

Probability

Latency

Sensing (magnetic switches) PS = 98% LS = 5 sec

Assessment (control room) PA = 95% LA = 45 sec

Response (remote guards) PN = 95% LR = 180 sec

Attack accomplishment (disconnect server and get out of room)

LT =120 sec

PI is evaluated by Petri Net analysis

PI = 34% V = 0.7

Page 12: Petri Net Modelling of Physical Vulnerability

Evaluation on case studiesEvaluation on case studies

12

S. Marrone - Petri Net Modelling of Physical Vulnerability

CBRNe (e.g. metro railway application)

Probability

Latency

Sensing (CBRNe detectors) PS = 95% LS = 15 sec

Assessment (detection of source in crowded area)

PA = 95% LA = 30 sec

Response (local guards) PN = 95% LR = 30 sec

Attack accomplishment (deflagrate, etc...)

LT = 30 sec

PI = 29% V = 0.75

Page 13: Petri Net Modelling of Physical Vulnerability

Evaluation on case studiesEvaluation on case studies

13

S. Marrone - Petri Net Modelling of Physical Vulnerability

CBRNe (e.g. metro railway application)What if:

◦ Computer based assessement LA = 2 sec

◦ Automatic blocking of turnstile doors LR = 3 sec

PI = 60% V = 0.44

Page 14: Petri Net Modelling of Physical Vulnerability

ConclusionsConclusions

Physical vulnerability modelling can be a hard task because:◦ complexity and

heterogeneity of systems◦ evaluation results must

be trustable...◦ usability/completeness

tradeoff

14

S. Marrone - Petri Net Modelling of Physical Vulnerability

George E. P. Box (statistician)

Essentially, all models are wrong,

but some are useful

Page 15: Petri Net Modelling of Physical Vulnerability

Safecomp 2011Safecomp 2011

International Conference onComputer Safety, Reliability and Security

Naples, Italy19 / 21 September 2011 - Main Conference

22 September 2011 - Tutorials and Workshops Day

15

S. Marrone - Petri Net Modelling of Physical Vulnerability

Key themeSafety and security of computer-based systems and infrastructures:

from risk assessment to threat mitigation