Research Article
A Prioritizing Interdiction Surface-Based Vulnerability Remediation Composite Metric for Industrial Control Systems
Algorithm 1
Prioritizing Interdiction Surfaces.
| Input: a vulnerability-oriented , a list of the VEPs, a list of impact value on the ICS components | | Output: an optimal Interdiction Surface | | 1 get the edge set , the node set , the initial nodes and terminal node from the | | 2 for an edge in the do | | 3 assign the Grade to each edge in the | | 4 End for | | 5 initialize a set and then store each edge set with the same Grade into the set | | 6 initialize a set | | 7 for an edge in the do | | 8 store the relation of edges satisfying the Root-Leaf in the | | 9 End for | | 10 for a member in the do: | | 11 replace the root edge in with the leaf edge in the different grade to generate cut sets | | 12 conduct the Minimized Testing for each new possible cut set in the | | 13 if the possible cut set is the Minimum ECS then | | 14 add the possible cut set into the | | 15 End if | | 16 End for | | 17 assign the VEPs and the impact value to each edge and each node | | 18 calculate in Eq. (3) for each member in the | | 19 get the member with the minimum vale of the set of the calculation results | | 20 Return |
|
