Dynamic Vulnerability Criticality Calculator for Industrial Control Systems
Pavlos Cheimonidis, Konstantinos Rantos
TL;DR
This work tackles the growing cybersecurity risk of connected ICS/SCADA environments by introducing a dynamic vulnerability criticality calculator that produces a vulnerability-centric score tailored to a target environment. The method combines environment-aware CVSS exploitability (via modified metrics), attack-tree-based aggregation of interdependent vulnerabilities, and a Fuzzy Cognitive Map to propagate and stabilize the overall vulnerability value along an attack path. The approach is validated through a detailed case study on a three-layer SCADA network and multiple mitigation scenarios, demonstrating that a combined strategy (path elimination plus targeted CVE removal) yields the largest reduction in PLC vulnerability. The study highlights practical insights for ICS security, especially regarding the relative effectiveness of security measures in complex topologies and legacy systems, and outlines plans to extend the model into a full dynamic risk framework with probabilistic threat components.
Abstract
The convergence of information and communication technologies has introduced new and advanced capabilities to Industrial Control Systems. At the same time, however, it has heightened their vulnerability to cyber attacks. Consequently, new security methods have become a critical need for these organizations to effectively identify and mitigate potential threats. This paper introduces an innovative approach by proposing a dynamic vulnerability criticality calculator. Our methodology encompasses the analysis of environmental topology and the effectiveness of deployed security mechanisms, coupled with the use of the Common Vulnerability Scoring System framework to adjust detected vulnerabilities based on the specific environment. Moreover, it evaluates the quantity of vulnerabilities and their interdependencies within each asset. Additionally, our approach integrates these factors into a comprehensive Fuzzy Cognitive Map model, incorporating attack paths to holistically assess the overall vulnerability score. To validate the efficacy of our proposed method, we present a relevant case study alongside several modified scenarios, demonstrating its effectiveness in practical applications.
