US Patent 10162969 Dynamic quantification of cyber-security risks in a control system

A system and method for analyzing cyber-security risk inter-dependencies in a control system having networked devices. The system includes a central server that has a processor and a memory device in communication with the processor. The memory device stores inter-device dependencies and quantified individual risks for each of the networked devices. The memory device also stores a dynamic quantification of risk (DQR) program. The central server is programmed to implement the DQR program. Responsive to observed cyber behavior, the central server changes one or more of the quantified individual risks to generate at least one modified quantified individual risk. The inter-device dependencies for a first of the networked devices and the quantified individual risk for at least one other of the networked devices reflecting the modified quantified individual risk are used to dynamically modify the quantified individual risk for the first device to generate an inter-device modified quantified individual risk.