Research Article
A Prioritizing Interdiction Surface-Based Vulnerability Remediation Composite Metric for Industrial Control Systems
Algorithm 1
Prioritizing Interdiction Surfaces.
Input: a vulnerability-oriented , a list of the VEPs, a list of impact value on the ICS components | Output: an optimal Interdiction Surface | 1 get the edge set , the node set , the initial nodes and terminal node from the | 2 for an edge in the do | 3 assign the Grade to each edge in the | 4 End for | 5 initialize a set and then store each edge set with the same Grade into the set | 6 initialize a set | 7 for an edge in the do | 8 store the relation of edges satisfying the Root-Leaf in the | 9 End for | 10 for a member in the do: | 11 replace the root edge in with the leaf edge in the different grade to generate cut sets | 12 conduct the Minimized Testing for each new possible cut set in the | 13 if the possible cut set is the Minimum ECS then | 14 add the possible cut set into the | 15 End if | 16 End for | 17 assign the VEPs and the impact value to each edge and each node | 18 calculate in Eq. (3) for each member in the | 19 get the member with the minimum vale of the set of the calculation results | 20 Return |
|