A security risk mitigation framework for cyber physical systems
2020 (English)In: Journal of Software: Evolution and Process, ISSN 2047-7473, E-ISSN 2047-7481, Vol. 32, no 2, p. 1-15Article in journal (Refereed) [Artistic work] Published
Abstract [en]
Cyber physical systems (CPSs) are safety‐critical, be it weapon systems, smart medical devices, or grid stations. This makes ensuring security of all the components constituting a CPS unavoidable. The rise in the demand of interconnectedness has made such systems vulnerable to attacks, ie, cyberattacks. Over 170 cases of cyber‐security breaches in CPS were reported over the past two decades. An increase in the number of cyberattack incidents on CPS makes them more exposed and less trustworthy. However, identifying the security requirements of the CPS to pinpoint the relevant risks may help to counteract the potential attacks. Literature reveals that the most targeted security requirements of CPS are authentication, integrity, and availability. However, little attention has been paid on certain crucial security attributes such as data freshness and nonrepudiation. One major reason of security breaches in CPS is the lack of custom or generalized countermeasures. Therefore, we propose a security risk mitigation framework for a CPS focused on constraints, ie, authentication, data integrity, data freshness, nonrepudiation, and confidentiality. Furthermore, we evaluate the proposed work using a case study of a safety critical system. The results show a decrease in the severity of the identified security risks, ie, man‐in‐the‐middle attack, spoofing, and data tempering.
Place, publisher, year, edition, pages
John Wiley & Sons, 2020. Vol. 32, no 2, p. 1-15
Keywords [en]
case study, cryptosystem, cyber physical systems (CPS), cyber security, risk assessment, risk identification, risk management, risk mitigation, security
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:mdh:diva-53913DOI: 10.1002/smr.2219ISI: 000484318700001Scopus ID: 2-s2.0-85071615646OAI: oai:DiVA.org:mdh-53913DiVA, id: diva2:1546252
2021-04-212021-04-212021-11-05Bibliographically approved