Framework for cyber-physical systems: volume 2, working group reports

Griffor, Edward; Greer, Chris L.; Wollman, David A.; Burns, Martin

doi:10.6028/nist.sp.1500-202

Cited by 27 publications

(7 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[38] [39] Addressing Privacy in Cyber-Physical Systems using the NIST CPS Framework -Certain types of CPS data may present little or no privacy concerns in isolation, but when aggregated with other data, they might become privacy intrusive.…”

Section: Ref Context Privacy Challenges How Addressedmentioning

confidence: 99%

“…ii) Best practices, Standards, and Regulatory solutions: this solution is illustrated in [38] [39], where the NIST CPS Framework provides privacy risk management guidelines, including the analysis of privacy risks throughout the entire data lifecycle: creation, collection, composition, exploitation, and disposal. In [176] and [219], The EU's GPDR is proposed as a framework for addressing privacy by enforcing mechanisms of Transparency (how data are processed), Consent (user's ability to opt-in or opt-out), and Erasure (the right of the users to delete data).…”

Section: • B) Privacy Solutions In Service Compositionmentioning

confidence: 99%

See 1 more Smart Citation

IoT Capabilities Composition and Decomposition: A Systematic Review

et al. 2023

View full text Add to dashboard Cite

As billions of IoT devices join the Internet, researchers and innovators increasingly explore IoT capabilities achieved via service composition or reuse of existing capabilities via service decomposition. Many systematic literature reviews (SLRs) were produced on this subject; however, two issues remain to be addressed: i) a reference taxonomy of the different aspects of IoT capabilities composition and decomposition is needed, and ii) many formal questions (e.g., standards role, formal representations applications, state-space explosion countermeasures, etc.), technical questions (e.g., composition process types and automation levels synergies, service decomposition categories, the role of AI/ML, etc.), and QoS questions (e.g., privacy, interoperability, and scalability challenges and solutions, etc.) remain unanswered. We introduce this work by discussing notions of IoT capabilities composition and decomposition in a layered IoT architecture while highlighting the strengths and weaknesses of existing SLRs. We identify unanswered questions through gaps in related work and motivate these questions using the PICOC methodology. We explain the search methodology and organize the topic questions using the proposed reference taxonomy. The identified research questions are answered, and trends and gaps that need additional attention from the research community are highlighted. This effort benefits city planners and end-users of IoT systems as it contributes to a better understanding of the role of composition and decomposition of IoT capabilities in building valueadded services or reusing existing ones for resource optimization. For researchers, this effort contributes a reference taxonomy for the topic and sheds light on important questions while highlighting corresponding trends and gaps requiring further attention.

show abstract

Section: Ref Context Privacy Challenges How Addressedmentioning

confidence: 99%

Section: • B) Privacy Solutions In Service Compositionmentioning

confidence: 99%

IoT Capabilities Composition and Decomposition: A Systematic Review

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Resilience is the ability to prepare for and adapt to changing conditions and withstand and gracefully recover from deliberate attacks, accidents, or naturally occurring threats or incidents. Resiliency engineering focuses on situations where the environmental conditions have deliberately been manipulated by malefactors [8]. This requirement aims to manage cybersecurity risks to power system resilience.…”

Section: Maintain Power System Resiliencementioning

confidence: 99%

“…The Framework Core provides a catalog of desired cybersecurity activities and outcomes 8 using common language. The Core guides organizations in managing and reducing their cybersecurity risks in a way that complements an organization's existing cybersecurity and risk management processes.…”

mentioning

confidence: 99%

“…This document uses the general word "organization" to show that the Cybersecurity Framework may be used by private businesses, government agencies, academia, etc 7. Elements of the Cybersecurity Framework-including Core, Implementation Tiers, Profile, Function, Category, and Subcategory-are normally capitalized and will be capitalized throughout this document8 The word "outcomes" is used because the Cybersecurity Framework focuses on the "what" not the "how." In other words, the emphasis is on the cybersecurity outcomes that the organization wants to achieve, but not how they will achieve it.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Cybersecurity framework smart grid profile

Marron¹,

Gopstein²,

Bartol³

et al. 2019

View full text Add to dashboard Cite

The Smart Grid Profile applies risk management strategies from the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) to the smart grid and will serve as a foundation for refinements to support new grid architectures. The Profile provides cybersecurity risk management guidance to power system owners/operators by prioritizing cybersecurity activities based on their effectiveness in helping power system owners/operators achieve common high-level business objectives for the smart grid. The Profile also provides a list of considerations relevant to the challenges power system owners/operators may experience as they implement these cybersecurity activities in infrastructures with high concentrations of distributed energy resources (DERs).

show abstract