A method for evaluating the consequence propagation of security attacks in cyber–physical systems is proposed.
The method evaluates the direct and indirect impacts of attacks on control parameters of CPSs including sensor measurements and controller signals.
The first output is ranking the important assets of the system based on their sensitivity to the carried out attacks.
The next output is prioritizing the attacks based on their impacts on the behavior of the system.