Secure and Self-healing Control Centers of Critical Infrastructures using Intrusion Tolerance

Nowadays, critical infrastructures are highly integrated with state-of-the-art information and communication technologies to enhance their efficiency. Due to farreaching societal and economic impacts caused by failure or malfunction of critical infrastructures, cyber security and self-healing capability are among their salient features. A new security paradigm referred to as intrusion tolerance is envisaged to complement the existing security solutions (i.e., intrusion prevention and detection), as well as to provide availability and self-healing capabilities, particularly for the control centers as the key components of critical infrastructures. However, intrusion tolerance techniques are associated with substantial cost. In this paper, we propose an intrusion tolerant system architecture which incorporates distinctive features, namely dynamic redundancy level, and hybrid and hierarchical rejuvenation mechanism. The acquired results from security analysis of the proposed architecture show improvements compared to two established architectures. Also, analysis of the incurred cost demonstrates the costeffectiveness of the proposed architecture.