CPIndex: Cyber-physical vulnerability assessment for power-grid infrastructures

Ceeman Vellaithurai, Anurag Srivastava, Saman Zonouz, Robin Berthier

Research output: Contribution to journalArticlepeer-review

86 Scopus citations


To protect complex power-grid control networks, power operators need efficient security assessment techniques that take into account both cyber side and the power side of the cyber-physical critical infrastructures. In this paper, we present CPINDEX, a security-oriented stochastic risk management technique that calculates cyber-physical security indices to measure the security level of the underlying cyber-physical setting. CPINDEX installs appropriate cyber-side instrumentation probes on individual host systems to dynamically capture and profile low-level system activities such as interprocess communications among operating system assets. CPINDEX uses the generated logs along with the topological information about the power network configuration to build stochastic Bayesian network models of the whole cyber-physical infrastructure and update them dynamically based on the current state of the underlying power system. Finally, CPINDEX implements belief propagation algorithms on the created stochastic models combined with a novel graph-theoretic power system indexing algorithm to calculate the cyber-physical index, i.e., to measure the security-level of the system's current cyber-physical state. The results of our experiments with actual attacks against a real-world power control network shows that CPINDEX, within few seconds, can efficiently compute the numerical indices during the attack that indicate the progressing malicious attack correctly.

Original languageEnglish (US)
Article number6979242
Pages (from-to)566-575
Number of pages10
JournalIEEE Transactions on Smart Grid
Issue number2
StatePublished - Mar 1 2015


  • Cyber-physical security metrics
  • cyber-physical systems
  • intrusion detection systems
  • situational awareness

ASJC Scopus subject areas

  • Computer Science(all)


Dive into the research topics of 'CPIndex: Cyber-physical vulnerability assessment for power-grid infrastructures'. Together they form a unique fingerprint.

Cite this