Cyber Security Concerns Regarding Federated, Partly IMA and Full IMA Implementations

“…Database Reference A secure design-for-test infrastructure for lifetime security of SoCs IEEE [14] Safety and security aware framework for the development of feedback control systems IEEE [15] Designing safe and secure autopilots for the urban environment IEEE [16] Cyber-Physical Systems Security-A Survey IEEE [8] Open Platform Systems Under Scrutiny: A Cybersecurity Analysis of the Device Tree IEEE [17] Cyber Security Concerns Regarding Federated, Partly IMA and Full IMA Implementations IEEE [18] The Need for a Secure Modular Open Systems Approach (MOSA): Building the Case Using Systems Thinking Methodologies IEEE [9] Attacks on Distributed Sequential Control in Manufacturing Automation IEEE [19] A Multicycle Pipelined GCM-Based AUTOSAR Communication ASIP IEEE [20] Cyber-Attacks in Modular Multilevel Converters IEEE [21] Securing Robots: An Integrated Approach for IEEE [22] Security Challenges and Monitoring for the Robotic Operating System (ROS) Security Threat Analysis and Treatment Strategy for ORAN IEEE [23] Security Risk Assessment and Risk Treatment for Integrated Modular Communication Scopus [24] Big Missions, Small Solutions Advances and Innovation in Architecture and Technology for Small Satellites Scopus [10] Considerations and examples of a modular open systems approach in defense systems Scopus [7] Security Mechanisms Used in Microservices-Based Systems: A Systematic Mapping Scopus [25] Security Considerations in Modular Mobile Manipulation Scopus [26] Openness and Security Thinking Characteristics for IoT Ecosystems Scopus [27] Railway Defender Kill Chain to Predict and Detect Cyber-Attacks Scopus [28] Mission Systems Open Architecture Science and Technology (MOAST) program SPIE [29] Joint Communications Architecture for Unmanned Systems (JCAUS) SPIE [30] Designing the next generation of sensor systems using the SOSA standard SPIE [31] A systems approach to achieving the benefits of open and modular systems SPIE [32] Chaos engineering experiments in middleware systems using targeted network degradation and automatic fault injection SPIE [33] Protecting publish/subscribe interactions via TLS and a system-wide certificate validation engine SPIE [34] Secure Internet of Things Architecture (SIoTA) on the battlefield SPIE…”

“…Most of these were further categorized as Interception and Content Spoofing. Examples of Interception attacks found in the literature were eavesdropping on private data or credentials [8][19] [35], interception of transmitted information [18], and monitoring sensor data [38]. Examples of Content Spoofing are radar data spoofing [16], spoofing attacks on address resolution protocol in SCADA systems [8], GPS/GNSS navigation data spoofing [18], and speedometer data spoofing [20].…”

“…Hardware Domain attacks were mostly categorized as Malicious Logic Insertion and Shared Resource Manipulation. Examples are attacks such as hardware trojans [14][16] [37], data manipulation in memory [16] and infected memory [8], extraction attacks from Direct Memory Access (DMA), peripheral address manipulation [17], and power system disruption [18]. Manipulation During Manufacture and Manipulation During Distribution were notable attack vectors within the Supply Chain Domain.…”

“…SA-11 covers functions from literature such as risk management [27], security assessments and testing [8][18], fuzzing [22][42], penetration testing and static code analysis [42]. Security functions that fall under SA-3 are secure integration of components into the system [8], rapid upgrades [7][10], and technology refresh (of security modules or compromised non-security modules) [7][30] and securing the design and manufacturing lifecycle process of a system [8] [18].…”

Systematic Mapping Study of Systems Security Engineering for Modular Open Systems

“…Database Reference A secure design-for-test infrastructure for lifetime security of SoCs IEEE [14] Safety and security aware framework for the development of feedback control systems IEEE [15] Designing safe and secure autopilots for the urban environment IEEE [16] Cyber-Physical Systems Security-A Survey IEEE [8] Open Platform Systems Under Scrutiny: A Cybersecurity Analysis of the Device Tree IEEE [17] Cyber Security Concerns Regarding Federated, Partly IMA and Full IMA Implementations IEEE [18] The Need for a Secure Modular Open Systems Approach (MOSA): Building the Case Using Systems Thinking Methodologies IEEE [9] Attacks on Distributed Sequential Control in Manufacturing Automation IEEE [19] A Multicycle Pipelined GCM-Based AUTOSAR Communication ASIP IEEE [20] Cyber-Attacks in Modular Multilevel Converters IEEE [21] Securing Robots: An Integrated Approach for IEEE [22] Security Challenges and Monitoring for the Robotic Operating System (ROS) Security Threat Analysis and Treatment Strategy for ORAN IEEE [23] Security Risk Assessment and Risk Treatment for Integrated Modular Communication Scopus [24] Big Missions, Small Solutions Advances and Innovation in Architecture and Technology for Small Satellites Scopus [10] Considerations and examples of a modular open systems approach in defense systems Scopus [7] Security Mechanisms Used in Microservices-Based Systems: A Systematic Mapping Scopus [25] Security Considerations in Modular Mobile Manipulation Scopus [26] Openness and Security Thinking Characteristics for IoT Ecosystems Scopus [27] Railway Defender Kill Chain to Predict and Detect Cyber-Attacks Scopus [28] Mission Systems Open Architecture Science and Technology (MOAST) program SPIE [29] Joint Communications Architecture for Unmanned Systems (JCAUS) SPIE [30] Designing the next generation of sensor systems using the SOSA standard SPIE [31] A systems approach to achieving the benefits of open and modular systems SPIE [32] Chaos engineering experiments in middleware systems using targeted network degradation and automatic fault injection SPIE [33] Protecting publish/subscribe interactions via TLS and a system-wide certificate validation engine SPIE [34] Secure Internet of Things Architecture (SIoTA) on the battlefield SPIE…”

“…Most of these were further categorized as Interception and Content Spoofing. Examples of Interception attacks found in the literature were eavesdropping on private data or credentials [8][19] [35], interception of transmitted information [18], and monitoring sensor data [38]. Examples of Content Spoofing are radar data spoofing [16], spoofing attacks on address resolution protocol in SCADA systems [8], GPS/GNSS navigation data spoofing [18], and speedometer data spoofing [20].…”

“…Hardware Domain attacks were mostly categorized as Malicious Logic Insertion and Shared Resource Manipulation. Examples are attacks such as hardware trojans [14][16] [37], data manipulation in memory [16] and infected memory [8], extraction attacks from Direct Memory Access (DMA), peripheral address manipulation [17], and power system disruption [18]. Manipulation During Manufacture and Manipulation During Distribution were notable attack vectors within the Supply Chain Domain.…”

“…SA-11 covers functions from literature such as risk management [27], security assessments and testing [8][18], fuzzing [22][42], penetration testing and static code analysis [42]. Security functions that fall under SA-3 are secure integration of components into the system [8], rapid upgrades [7][10], and technology refresh (of security modules or compromised non-security modules) [7][30] and securing the design and manufacturing lifecycle process of a system [8] [18].…”

Systematic Mapping Study of Systems Security Engineering for Modular Open Systems

Cybersecurity in logistics and supply chain management: An overview and future research directions

Onto-by-wire: Bridging the knowledge gap between avionics and cybersecurity through ontology