The Need

As industrial systems become increasingly digital and interconnected, traditional risk assessment tools struggle to capture how cyber threats interact with physical processes in real time. Existing methods typically assess hardware failures or isolated cyber events, but they cannot model how attacks evolve, influence system state, or drive operator behavior. Industries such as energy, manufacturing, and critical infrastructure urgently need a unified cyber‑physical risk assessment capability that quantifies evolving threats, anticipates attacker–defender interactions, and informs timely operational decisions.

The Technology

OSU engineers have developed a dynamic probabilistic risk assessment (DPRA) platform that integrates physics‑based system modeling, real‑time cyberattack simulation, and game‑theoretic modeling of attacker and defender behavior. The system continuously monitors physical and digital states, samples likely actions from both operators and adversaries, and predicts system evolution under varied threat scenarios. By combining network simulation, physical plant modeling, and decision‑centric action modeling, the platform delivers actionable insights into how cyberattacks propagate and how intervention strategies impact system safety and reliability.

Commercial Applications

• Cyber‑physical risk analysis and security hardening for power plants, including nuclear and conventional generation.
• Industrial control system vulnerability assessment for manufacturing, chemical processing, and transportation infrastructure.
• High-performance computing and quantum systems requiring cryogenic cabling
• Industrial cryogenic power distribution networks

Benefits/Advantages

• Integrated cyber‑physical modeling: Unifies digital network behavior with physical system dynamics for accurate scenario evaluation.
• Predictive, game‑theoretic decision modeling: Anticipates attacker–defender interactions, enabling proactive mitigation planning.
• Dynamic, time‑based risk quantification: Captures evolving threats, component failures, and operator actions.
• Plug‑and‑play architecture: Compatible with existing simulators and network models, enabling rapid adoption in diverse industrial environments.