Print Email Facebook Twitter Probability elicitation for Bayesian networks to distinguish between intentional attacks and accidental technical failures Title Probability elicitation for Bayesian networks to distinguish between intentional attacks and accidental technical failures Author Chockalingam, S. (TU Delft Safety and Security Science; Institute for Energy Technology) Pieters, W. (TU Delft Organisation & Governance; Radboud Universiteit Nijmegen) Teixeira, André M.H. (Uppsala University) van Gelder, P.H.A.J.M. (TU Delft Safety and Security Science) Date 2023 Abstract Both intentional attacks and accidental technical failures can lead to abnormal behaviour in components of industrial control systems. In our previous work, we developed a framework for constructing Bayesian Network (BN) models to enable operators to distinguish between those two classes, including knowledge elicitation to construct the directed acyclic graph of BN models. In this paper, we add a systematic method for knowledge elicitation to construct the Conditional Probability Tables (CPTs) of BN models, thereby completing a holistic framework to distinguish between attacks and technical failures. In order to elicit reliable probabilities from experts, we need to reduce the workload of experts in probability elicitation by reducing the number of conditional probabilities to elicit and facilitating individual probability entry. We utilise DeMorgan models to reduce the number of conditional probabilities to elicit as they are suitable for modelling opposing influences i.e., combinations of influences that promote and inhibit the child event. To facilitate individual probability entry, we use probability scales with numerical and verbal anchors. We demonstrate the proposed approach using an example from the water management domain. Subject Bayesian networkDeMorgan modelIntentional attackProbability elicitationTechnical failure To reference this document use: http://resolver.tudelft.nl/uuid:fad29db1-89c4-4a8c-9f9c-4fef0a3ce8e0 DOI https://doi.org/10.1016/j.jisa.2023.103497 ISSN 2214-2134 Source Journal of Information Security and Applications, 75 Part of collection Institutional Repository Document type journal article Rights © 2023 S. Chockalingam, W. Pieters, André M.H. Teixeira, P.H.A.J.M. van Gelder Files PDF 1_s2.0_S2214212623000819_main.pdf 3.97 MB Close viewer /islandora/object/uuid:fad29db1-89c4-4a8c-9f9c-4fef0a3ce8e0/datastream/OBJ/view