Implementation of the Common Vulnerability Scoring System to Assess the Cyber Vulnerability in Construction Projects

Bharadwaj, R K Mantha; Yeojin, Jung; Borja, Garcia De Soto

doi:10.3311/ccc2020-030

Cited by 8 publications

(2 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Turk and Klinc (2017), Nawari and Ravindran (2019b), and Safa et al (2019) identified the potential use of blockchain technology in construction management, and Shemov et al (2020) proposed a blockchain platform to enhance some of the challenges faced in the construction supply chain. There have been few research efforts covering the cybersecurity aspects of physical operations on construction sites, such as Mantha et al (2020b) and Mantha and García de Soto (2020) proposing the implementation of the common vulnerability scoring system (CVSS) to construction networks and García de suggesting further research considering cyber threats against increasingly digitized and automated construction site activities.…”

Section: Cybersecurity In Constructionmentioning

confidence: 99%

Operational Technology on Construction Sites: A Review from the Cybersecurity Perspective

Sonkor

Soto

2021

J. Constr. Eng. Manage.

View full text Add to dashboard Cite

The digital transformation in the construction industry affects how information is exchanged and disrupts the way construction sites operate. The levels of operational technology (OT) to control and monitor site activities by utilizing robotic, autonomous, and remotely controlled machines raise cybersecurity concerns. As construction sites are places where humans and machines work together, the potential safety outcomes of cybersecurity vulnerabilities are magnified. This study's motivation was to understand the current state of the art and identify gaps to suggest future directions regarding OT in construction from the cybersecurity perspective. To achieve that, a bibliometric analysis was conducted. The analysis utilized the Scopus database to retrieve related publications and VOSviewer version 1.6.15 software to visualize bibliometric networks. Main research themes were identified, and each theme was reviewed from a cybersecurity perspective. The limitations of the analysis include the lack of industry-based categorization, the domination of publications focusing on the cybersecurity of industrial control systems (ICSs), and the set of keyword combinations used for the literature search that could be expanded to cover a broader range of research topics. The findings reveal the lack of focus on the construction phase in the construction cybersecurity research. Moreover, cybersecurity aspects are absent in the construction automation studies, and there is a need for bespoke threat modeling and intrusion detection systems for all the phases of construction projects. Suggestions for further research on the potential threats against the construction phase are provided. Future directions include possible adaptations of the available cybersecurity frameworks considering the utilization of OT on construction sites and investigating the methods to evaluate security levels on construction sites and countermeasures against cyberattacks.

show abstract

Section: Cybersecurity In Constructionmentioning

confidence: 99%

Operational Technology on Construction Sites: A Review from the Cybersecurity Perspective

Sonkor

Soto

2021

J. Constr. Eng. Manage.

View full text Add to dashboard Cite

show abstract

“…To that end, they laid out threat models for each of the life cycle phases of a construction project and presented a case study for the commissioning phase. Mantha et al (2020) tried to quantify the cyber vulnerability in construction projects by implementing the Common Vulnerability Scoring System (CVSS). The goal was to assess project participants' vulnerability, hence improving the security level of construction networks.…”

Section: Cybersecurity Research In the Aec Industrymentioning

confidence: 99%

Cybersecurity in Construction: Where Do We Stand and How Do We Get Better Prepared

Mantha

Soto

2021

Front. Built Environ.

View full text Add to dashboard Cite

The architecture, engineering, and construction (AEC) industry is increasingly becoming digital and more prone to cyber-attacks. Although there are several studies and standards in the cybersecurity domain, experts suggest that domain-specific studies need to be conducted to address the unique challenges faced within each of the different industries. Therefore, several cybersecurity studies have been undertaken for various industries, such as healthcare, manufacturing, telecommunication, and energy. However, this type of study is largely missing in the AEC industry due to different reasons, including lack of awareness. To address that, this study aims to (a) compare and analyze the number of cybersecurity-related documents in the AEC industry with several other industries, and (b) extract and analyze the cybersecurity-related documents data to identify potential future research trends and topics for the AEC community. The Web of Science (WOS) database, consisting of significant and influential journal publications, was used for document retrieval. VOSviewer was used to identify key research topics and trends in the cybersecurity domain and define future cybersecurity research in the AEC industry. WOS document retrieval results that compared the total number of publications corroborated the little to no attention received to cybersecurity investigation in the AEC industry. In addition, the VOSviewer analysis revealed three significant areas of research in the cybersecurity community that provide a reasonably justified roadmap for conducting cybersecurity research in the AEC industry. This study could greatly benefit the AEC research community and potential reaping benefits to the industry by creating more awareness among different stakeholders.

show abstract

TMAP: A Threat Modeling and Attack Path Analysis Framework for Industrial IoT Systems (A Case Study of IoM and IoP)

Saurabh,

Gajjala,

Kaipa

et al. 2024

Arab J Sci Eng

View full text Add to dashboard Cite

Implementation of the Common Vulnerability Scoring System to Assess the Cyber Vulnerability in Construction Projects

Cited by 8 publications

References 5 publications

Operational Technology on Construction Sites: A Review from the Cybersecurity Perspective

Operational Technology on Construction Sites: A Review from the Cybersecurity Perspective

Cybersecurity in Construction: Where Do We Stand and How Do We Get Better Prepared

TMAP: A Threat Modeling and Attack Path Analysis Framework for Industrial IoT Systems (A Case Study of IoM and IoP)

Contact Info

Product

Resources

About