A Framework for Measuring Security as a System Property in Cyberphysical Systems

Zalewski, Janusz; Buckley, Ingrid A.; Czejdo, Bogdan D.; Drager, Steven; Kornecki, Andrew J.; Subramanian, Nary

doi:10.3390/info7020033

Cited by 8 publications

(9 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the context of CPSs, sensor measurements can be used to monitor the behavior of the systems under different operational conditions, including hazardous and malicious ones. Indeed, CPS functionality and integrity can be compromised by both hazards (safety related) and malicious threats (security related) [104,151,213]. Hazards and cyber threats originate from different sources (stochastic degradations and accidental conditions, for the former, external malevolent activities that are usually less accessible and less predictable for the latter [16,104]).…”

Section: Safety and Security Of Cyber-physical Systemsmentioning

confidence: 99%

“…CPSs demand that in the risk analysis both safety and security aspects be considered [60,104,151,213]. With respect to safety, hazards relate to components failures that can result in accidental scenarios leading to unacceptable consequences on the system physical processes; as for security, malicious attacks can impair both the physical and cyber parts of the system, possibly leading to unacceptable consequences.…”

Section: Safety and Security Of Cyber-physical Systemsmentioning

confidence: 99%

See 1 more Smart Citation

The future of risk assessment

Zio

2018

Reliability Engineering & System Safety

279

116

View full text Add to dashboard Cite

A B S T R A C TRisk assessment must evolve for addressing the existing and future challenges, and considering the new systems and innovations that have already arrived in our lives and that are coming ahead. In this paper, I swing on the rapid changes and innovations that the World that we live in is experiencing, and analyze them with respect to the challenges that these pose to the field of risk assessment. Digitalization brings opportunities but with it comes also the complexity of cyber-phyiscal systems. Climate change and extreme natural events are increasingly threatening our infrastructures; terrorist and malevolent threats are posing severe concerns for the security of our systems and lives. These sources of hazard are extremely uncertain and, thus, difficult to describe and model quantitatively.Some research and development directions that are emerging are presented and discussed, also considering the ever increasing computational capabilities and data availability. These include the use of simulation for accident scenario identification and exploration, the extension of risk assessment into the framework of resilience and business continuity, the reliance on data for dynamic and condition monitoring-based risk assessment, the safety and security assessment of cyber-physical systems.The paper is not a research work and not exactly a review or a state of the art work, but rather it offers a lookout on risk assessment, open to consideration and discussion, as it cannot pretend to give an absolute point of view nor to be complete in the issues addressed (and the related literature referenced to).

show abstract

Section: Safety and Security Of Cyber-physical Systemsmentioning

confidence: 99%

Section: Safety and Security Of Cyber-physical Systemsmentioning

confidence: 99%

The future of risk assessment

Zio

2018

Reliability Engineering & System Safety

279

116

View full text Add to dashboard Cite

show abstract

“…For example, students should realize from the very first class period that the result of a measurement is, in fact, two numbers, that is, the value of the measurement and an error (accuracy), to reflect the uncertainty. There are several more fundamental issues like that in teaching the measurement process, which go back historically to the 19th century, as formulated first by Hermann von Helmholtz in his groundbreaking work "Zählen und Messen" [3], briefly reviewed and summarized in [84]. In the PTEE proceedings, there are only a few authors who emphasized the importance of understanding measurements, although not going into detail [31,[50][51][52][53][54]64,65].…”

Section: Summary Of Ptee Findingsmentioning

confidence: 99%

An Overview of Teaching Physics for Undergraduates in Engineering Environments

2019

View full text Add to dashboard Cite

This paper is an overview of approaches to teaching physics courses delivered to students of engineering disciplines. It addresses, first, the history of teaching physics to engineering students starting in the early 20th century, then reviews the main issues presented and discussed over the last decade in a series of conferences on Physics Teaching in Engineering Education (PTEE). Finally, this paper discusses more contemporary views on the subject, including the latest technologies and new methodologies. It is not a critical review of teaching physics to engineering students, but rather a summary of various views and approaches over the span of the entire century. The common denominator of the study is the relevance to the competency-based approach: how the papers focus on teaching engineers the principles of physics in a manner that contributes to success in their professional careers.

show abstract

“…Risk assessment of CPS must address both safety and security issues (Amundrud, Aven, & Flage, ; Aven, ; Aven & Krohn, ; Kriaa, Pietre‐Cambacedes, Bouissou, & Halgand, ; Piètre‐Cambacédès & Bouissou, ; Wang, Di Maio, & Zio, ; Zalewski et al., ; Zio, , ). Safety concerns stochastic component failures that can result in accidental scenarios leading the system toward unacceptable consequences.…”

Section: Introductionmentioning

confidence: 99%

Adversarial Risk Analysis to Allocate Optimal Defense Resources for Protecting Cyber–Physical Systems from Cyber Attacks

2019

View full text Add to dashboard Cite

Defenders have to enforce defense strategies by taking decisions on allocation of resources to protect the integrity and survivability of cyber-physical systems (CPSs) from intentional and malicious cyber attacks. In this work, we propose an adversarial risk analysis approach to provide a novel one-sided prescriptive support strategy for the defender to optimize the defensive resource allocation, based on a subjective expected utility model, in which the decisions of the adversaries are uncertain. This increases confidence in cyber security through robustness of CPS protection actions against uncertain malicious threats compared with prescriptions provided by a classical defend-attack game-theoretical approach. We present the approach and the results of its application to a nuclear CPS, specifically the digital instrumentation and control system of the advanced lead-cooled fast reactor European demonstrator.

show abstract

A Framework for Measuring Security as a System Property in Cyberphysical Systems

Cited by 8 publications

References 23 publications

The future of risk assessment

The future of risk assessment

An Overview of Teaching Physics for Undergraduates in Engineering Environments

Adversarial Risk Analysis to Allocate Optimal Defense Resources for Protecting Cyber–Physical Systems from Cyber Attacks

Contact Info

Product

Resources

About