When the future meets the past:  Can safety and cyber security coexist in modern critical infrastructures?

Michalec, Ola; Milyaeva, Sveta; Rashid, Awais

doi:10.1177/20539517221108369

Cited by 17 publications

(8 citation statements)

References 60 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Organizational structures and roles. The upsurge of cybersecurity incidents is not reflected in the tasks and expected knowledge of the OT personnel [29,20,30]. The OT personnel and operators perceive any system anomalies but struggle to identify the origin of the anomaly (e.g., (un)intentional faults).…”

Section: Non-technical Challengesmentioning

confidence: 99%

Rethinking Independence in Safety Systems

Gnanasekaran,

Grøtan,

Bartnes

et al. 2024

Springer Proceedings in Complexity

View full text Add to dashboard Cite

The independence in safety systems ensures that the rest of the OT system possesses the ability to resume normal operation or revert to a safe state during a failure. The requirement was previously sustained by isolating systems, mechanical sensors, and the fact that failures occur randomly and sporadically. However, IT/OT integration, the surge of outsourced IT/OT services, and cyberattacks are forcing the previous requirements to become superseded by rapid optimization and digitization of the safety functions, without addressing the consequences from a non-technical context. This paper presents an initial survey of the challenges in the independence requirements with non-technical (human and organizational aspects) and technical context. The main contribution is to identify future, research directions by using different perspectives, such as resilience, robustness, anti-fragility, and digital sovereignty for retaining independence.

show abstract

Section: Non-technical Challengesmentioning

confidence: 99%

Rethinking Independence in Safety Systems

Gnanasekaran,

Grøtan,

Bartnes

et al. 2024

Springer Proceedings in Complexity

View full text Add to dashboard Cite

show abstract

“…These are simple devices with sensors and network connectivity, such as smart devices like cameras or sensors, or wearables, like pacemakers and automated insulin pumps, intended to be part of a greater system. 58 Manufacturers sometimes forgo updates to the software in IoT devices to cut costs, which, as time passes, makes them increasingly vulnerable to cyberattacks. 59 For this reason, the initial approval of a device does not ensure compliance throughout the medical devices' lifecycle.…”

Section: The United States: An Opaque and Arbitrary Regulatory Framew...mentioning

confidence: 99%

The Role of Cybersecurity in Medical Devices Regulation: Future Considerations and Solutions

Ludvigsen

2023

Law Tech Hum

View full text Add to dashboard Cite

The cybersecurity of medical devices is paramount in a world where everything is increasingly digitised. Attention to how this important defence against malicious actors is regulated must, therefore, also increase. This paper uncovers how the cybersecurity of medical devices is currently regulated and how it can be improved going forward. First, the paper compares the regulation of medical device cybersecurity in the European Union, the United States and the United Kingdom (UK)—differentiating between Great Britain and Northern Ireland as per the current state of the law in the UK. Second, the paper develops a model of how cybersecurity shapes three key areas in the ecosystem of medical devices. These areas are the medical device itself; the structure between the surrounding institutional systems (such as manufacturers and healthcare providers); and the security of the data, the surrounding institutional system and the medical device. Third, based on a comparative analysis and a view of the system from above, the paper puts forward four recommendations on what future regulation should contain to properly regulate the cybersecurity of medical devices: technology specificity, circumvention protection, genuine privacy and security by design. The paper recommends that these four principles be followed. Technology specificity because it guarantees legislation that understands the necessary technical aspects to promote security and safety. Circumvention protection because preventing manufacturers and others from circumventing these requirements decreases risks to the health and wellbeing of patients. Finally, genuine privacy and security by design should be followed to align cybersecurity and privacy with current and future technical capacities.

show abstract

“…In recent years, CPS has seen a rise in connections, which has raised cybersecurity concerns. Aside from classic information system vulnerabilities, CPS has new issues due to heterogeneous devices and protocols and stringent reliability requirements (Michalec et al, 2022). The critical infrastructure could be formed as laboratories for practice, intelligence school and training, qualified departments and materials, and cyber-physical systems (Qi et al, 2018;Quincozes et al, 2022).…”

Section: Cybersecurity and Critical Infrastructurementioning

confidence: 99%

Untitled

2023

Foresight and STI Governance

View full text Add to dashboard Cite

It publishes original research articles, offering new theoretical insights and practice-oriented knowledge in important areas of strategic planning and the creation of science, technology, and innovation (STI) policy, and it examines possible and alternative futures in all human endeavors in order to make such insights available to the right person at the right time to ensure the right decision.The journal acts as a scientific forum, contributing to the interaction between researchers, policy makers, and other actors involved in innovation processes. It encompasses all facets of STI policy and the creation of technological, managerial, product, and social innovations. Foresight and STI Governance welcomes works from scholars based in all parts of the world.Topics covered include:• Foresight methodologies and best practices;• Long-term socioeconomic priorities for strategic planning and policy making;• Innovative strategies at the national, regional, sectoral, and corporate levels;• The development of National Innovation Systems;• The exploration of the innovation lifecycle from idea to market;• Technological trends, breakthroughs, and grand challenges;• Technological change and its implications for economy, policy-making, and society;• Corporate innovation management;• Human capital in STI; and many others.The target audience of the journal comprises research scholars, university professors, postgraduates, policy-makers, business people, the expert community, and others who are interested in S&T and innovation analyses, foresight studies, and policy issues. The journal is included into the 1st quartile (Q1) of the Scopus

show abstract

When the future meets the past: Can safety and cyber security coexist in modern critical infrastructures?

Cited by 17 publications

References 60 publications

Rethinking Independence in Safety Systems

Rethinking Independence in Safety Systems

The Role of Cybersecurity in Medical Devices Regulation: Future Considerations and Solutions

Untitled

Contact Info

Product

Resources

About