https://www.mdu.se/

mdu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A security risk mitigation framework for cyber physical systems
National University of Computer and Emerging Sciences, Islamabad, Pakistan.ORCID iD: 0000-0002-7840-8589
National University of Computer and Emerging Sciences, FAST, Islamabad, Pakistan. (SEAL)ORCID iD: 0000-0001-5576-6212
School of Computer Science, Services and Cyber Security Group, University of Twente, Enschede, Netherlands.ORCID iD: 0000-0001-7359-8013
University of Lahore, Islamabad, Pakistan.
2020 (English)In: Journal of Software: Evolution and Process, ISSN 2047-7473, E-ISSN 2047-7481, Vol. 32, no 2, p. 1-15Article in journal (Refereed) [Artistic work] Published
Abstract [en]

Cyber physical systems (CPSs) are safety‐critical, be it weapon systems, smart medical devices, or grid stations. This makes ensuring security of all the components constituting a CPS unavoidable. The rise in the demand of interconnectedness has made such systems vulnerable to attacks, ie, cyberattacks. Over 170 cases of cyber‐security breaches in CPS were reported over the past two decades. An increase in the number of cyberattack incidents on CPS makes them more exposed and less trustworthy. However, identifying the security requirements of the CPS to pinpoint the relevant risks may help to counteract the potential attacks. Literature reveals that the most targeted security requirements of CPS are authentication, integrity, and availability. However, little attention has been paid on certain crucial security attributes such as data freshness and nonrepudiation. One major reason of security breaches in CPS is the lack of custom or generalized countermeasures. Therefore, we propose a security risk mitigation framework for a CPS focused on constraints, ie, authentication, data integrity, data freshness, nonrepudiation, and confidentiality. Furthermore, we evaluate the proposed work using a case study of a safety critical system. The results show a decrease in the severity of the identified security risks, ie, man‐in‐the‐middle attack, spoofing, and data tempering.

Place, publisher, year, edition, pages
John Wiley & Sons, 2020. Vol. 32, no 2, p. 1-15
Keywords [en]
case study, cryptosystem, cyber physical systems (CPS), cyber security, risk assessment, risk identification, risk management, risk mitigation, security
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:mdh:diva-53913DOI: 10.1002/smr.2219ISI: 000484318700001Scopus ID: 2-s2.0-85071615646OAI: oai:DiVA.org:mdh-53913DiVA, id: diva2:1546252
Available from: 2021-04-21 Created: 2021-04-21 Last updated: 2021-11-05Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopushttps://doi.org/10.1002/smr.2219

Authority records

Zahid, Maryam

Search in DiVA

By author/editor
Zahid, MaryamInayat, IrumDaneva, Maryam
In the same journal
Journal of Software: Evolution and Process
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 103 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf