“Cyber-Physical Threat Intelligence for Critical Infrastructures Security” Chapter

Hospitals are cyber-physical systems that are vulnerable by nature to a multitude of attacks that can occur at their communication, networking, and physical entry points. Such cyber-physical attacks can have detrimental effects on their operation and the safety of their patients. Thus, to properly secure these systems, it is of utmost importance to:

(i) understand their underlying assets with related vulnerabilities and associated threats,

(ii) quantify their effects, and

(iii) prevent the potential impacts of these attacks.

This implies addressing a challenging objective of understanding the tight relationships between the asset’s characteristics and the propagation of attack’s effects to better prevent the impacts and consequences of incidents. Such an approach needs a detailed knowledge of intrinsic and contextual assets properties. However, hospitals host a variety of medical and IT assets with very different characteristics. This chapter reports on the state of the art of assets and assets interdependencies modeling as well as on incidents propagation approaches. This chapter presents existing work on impact propagation of incidents and the methods used to assess the severity of incidents and risks.

Cyber-Physical Threat Intelligence for Critical Infrastructures Security