Defense-in-depth vs. critical component defense for industrial control systems

Originally designed as self-contained and isolated networks, Industrial Control Systems (ICS) have evolved to become increasingly interconnected with IT systems and other wider networks and services, which enables cyber attacks to sabotage the normal operation of ICS. This paper proposes a simulation of attackers and defenders, who have limited resources that must be applied to either advancing the technology they have available to them or attempting to attack (defend) the system. The objective is to identify the appropriate deployment of specific defensive strategy, such as Defense-in-depth and Critical Component Defense. The problem is represented as a strategic competitive optimisation problem, which is solved using a co-evolutionary Particle Swarm Optimisation problem. Through the devolopment of optimal defense strategies, it is possible to identify when each specific defensive strategies is most appropriate; where the optimal defensive strategy depends on the kind of attacker the system is expecting and the structure of the network.