Budget constrained optimal security hardening of control networks for critical cyber-infrastructures

Zahid Anwar, Mirko Montanari, Alejandro Gutierrez, Roy H. Campbell

Research output: Contribution to journalArticlepeer-review


Competing schemes for security-hardening the power grid differ in their installation costs and the amount of coverage they provide against cyber attacks. Manually mapping schemes to vulnerable assets, where each asset has a unique degree of criticality in an arbitrary power network configuration, is a cumbersome process. Moreover finding an optimal scheme combination so as to maximize overall network security under a fixed budget constraint is an NP hard problem. In this paper we describe a dynamic programming solution to this problem and implement it along with logic-based models of the power grid, its control elements and best security practices as a tool-chain. The tool-chain takes, as input, a power network configuration, and the budget constraints and security schemes described in logic, determines the critical assets and automatically selects an optimal scheme combination to apply to maximize security. We demonstrate the feasibility of the tool chain implementation by security hardening the IEEE power system 118-bus test case from a pool of five different best-practice schemes.

Original languageEnglish (US)
Pages (from-to)13-25
Number of pages13
JournalInternational Journal of Critical Infrastructure Protection
Issue number1-2
StatePublished - May 2009


  • Budget constraints
  • IEEE 118 bus test
  • Power grid
  • Security Hardening

ASJC Scopus subject areas

  • Modeling and Simulation
  • Safety, Risk, Reliability and Quality
  • Computer Science Applications
  • Information Systems and Management

Fingerprint Dive into the research topics of 'Budget constrained optimal security hardening of control networks for critical cyber-infrastructures'. Together they form a unique fingerprint.

Cite this