Graph Analytics for Cyber-Physical System Resilience Quantification

Romain Dagnas, Michel Barbeau, Joaquin Garcia-Alfaro, Reda Yaich

TL;DR

This paper tackles cyber-physical system resilience by proposing a multilayered knowledge-graph framework that captures physical, sensor, actuator, cyber, and mission layers to quantify resilience potential. It employs three graph analytics metrics, with eigenvector centrality performing best for identifying critical points and assessing cascade risk in three SWaT architectures, revealing how design choices affect attack surface. An adversary modeling exercise using a Neo4j-based knowledge-graph builder and LLMs demonstrates how attacker knowledge could be leveraged to uncover vulnerabilities, informing defense strategies and remediation graphs. The work contributes a practical methodology to preempt cascading failures in CPS, offering actionable guidance for resilience design, critical-point protection, and future research into dynamic, temporal resilience analysis.

Abstract

Critical infrastructures integrate a wide range of smart technologies and become highly connected to the cyber world. This is especially true for Cyber-Physical Systems (CPSs), which integrate hardware and software components. Despite the advantages of smart infrastructures, they remain vulnerable to cyberattacks. This work focuses on the cyber resilience of CPSs. We propose a methodology based on knowledge graph modeling and graph analytics to quantify the resilience potential of complex systems by using a multilayered model based on knowledge graphs. Our methodology also allows us to identify critical points. These critical points are components or functions of an architecture that can generate critical failures if attacked. Thus, identifying them can help enhance resilience and avoid cascading effects. We use the SWaT (Secure Water Treatment) testbed as a use case to achieve this objective. This system mimics the actual behavior of a water treatment station in Singapore. We model three resilient designs of SWaT according to our multilayered model. We conduct a resilience assessment based on three relevant metrics used in graph analytics. We compare the results obtained with each metric and discuss their accuracy in identifying critical points. We perform an experimentation analysis based on the knowledge gained by a cyber adversary about the system architecture. We show that the most resilient SWaT design has the necessary potential to bounce back and absorb the attacks. We discuss our results and conclude this work by providing further research axes.
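
The critical-point ranking described in the abstract can be sketched on a small layered graph. This is an added example, not code from the paper: the node names, the edges and the "top share" concentration indicator are constructed assumptions, loosely contrasting a single-controller design with one that adds redundant controllers, sensors and actuators.

```python
# Added illustration: eigenvector centrality on a constructed multilayer graph.
# Node names, edges and the "top share" indicator are assumptions, not the paper's.

def eigenvector_centrality(edges, iters=500, tol=1e-12):
    """Power iteration on (A + I) for an undirected graph; scores sum to 1."""
    adj = {}
    for u, v in edges:
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)
    x = {n: 1.0 / len(adj) for n in adj}
    for _ in range(iters):
        # The x[n] term is the +I shift: it stops bipartite graphs oscillating.
        nxt = {n: x[n] + sum(x[m] for m in adj[n]) for n in adj}
        total = sum(nxt.values())
        nxt = {n: s / total for n, s in nxt.items()}
        delta = max(abs(nxt[n] - x[n]) for n in adj)
        x = nxt
        if delta < tol:
            break
    return x

BASELINE = [  # constructed single-controller pumping stage, one node per layer role
    ("mission:supply_water", "phys:tank"),
    ("phys:tank", "sens:level"), ("phys:tank", "act:pump"),
    ("sens:level", "cyber:PLC1"), ("act:pump", "cyber:PLC1"),
    ("cyber:PLC1", "cyber:SCADA"), ("cyber:SCADA", "cyber:HMI"),
]
REDUNDANT = BASELINE + [  # adds a second sensor, an auxiliary actuator, a second PLC
    ("phys:tank", "sens:level_b"), ("phys:tank", "act:pump_aux"),
    ("sens:level_b", "cyber:PLC1"), ("act:pump_aux", "cyber:PLC1"),
    ("cyber:PLC2", "cyber:SCADA"),
] + [(field, "cyber:PLC2") for field in
     ("sens:level", "sens:level_b", "act:pump", "act:pump_aux")]

def critical_points(edges, k=3):
    """Return the k highest-centrality nodes as (name, score), best first."""
    scores = eigenvector_centrality(edges)
    return sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))[:k]

def top_share(edges):
    """Share of total centrality held by the single most central node."""
    return critical_points(edges, 1)[0][1]

if __name__ == "__main__":
    for name, design in (("baseline", BASELINE), ("redundant", REDUNDANT)):
        print(name, [(n, round(s, 3)) for n, s in critical_points(design)])
```

In the constructed baseline the lone controller ranks first; with redundancy the two controllers share the top rank and the largest single share drops, which is the kind of design effect the ranking is meant to expose.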

Paper Structure

This paper contains 21 sections, 1 equation, 11 figures, 4 tables.

Figures (11)

  • Figure 1: Multilayered model of a CPS.
  • Figure 2: Semantic model inspired by a water treatment subsystem.
  • Figure 3: Alternative designs of SWaT for resilience evaluation purposes. $A_1$ is the original SWaT design. $A_2$ is similar to $A_1$, with additional sensors that increase the monitorability potential. $A_3$ includes redundant controllers with auxiliary actuators, which increases the steerability capacities of the system. Monitorability has also increased compared to $A_2$ because additional actuators also need to be monitorable.
  • Figure 4: Resilience assessment of SWaT pumping stage designs.
  • Figure 5: Graphical results of SWaT designs eigenvector centrality assessment presented in the eigenvector centrality results table.
  • ...and 6 more figures