Kayan, Hakan, Nunes, Matthew ORCID: https://orcid.org/0000-0003-1990-5814, Rana, Omer ORCID: https://orcid.org/0000-0003-3597-2646, Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X and Perera, Charith ORCID: https://orcid.org/0000-0002-0190-3346 2022. Cybersecurity of industrial cyber-physical systems: a review. ACM Computing Surveys 54 (11s) , 229. 10.1145/3510410 |
Preview |
PDF
- Accepted Post-Print Version
Download (3MB) | Preview |
Abstract
Industrial cyber-physical systems (ICPSs) manage critical infrastructures by controlling the processes based on the “physics” data gathered by edge sensor networks. Recent innovations in ubiquitous computing and communication technologies have prompted the rapid integration of highly interconnected systems to ICPSs. Hence, the “security by obscurity” principle provided by air-gapping is no longer followed. As the interconnectivity in ICPSs increases, so does the attack surface. Industrial vulnerability assessment reports have shown that a variety of new vulnerabilities have occurred due to this transition. Although there are existing surveys in this context, very little is mentioned regarding the outputs of these reports. While these reports show that the most exploited vulnerabilities occur due to weak boundary protection, these vulnerabilities also occur due to limited or ill defined security policies. However, current literature focuses on intrusion detection systems (IDS), network traffic analysis (NTA) methods, or anomaly detection techniques. Hence, finding a solution for the problems mentioned in these reports is relatively hard. We bridge this gap by defining and reviewing ICPSs from a cybersecurity perspective. In particular, multi-dimensional adaptive attack taxonomy is presented and utilized for evaluating real-life ICPS cyber incidents. Finally, we identify the general shortcomings and highlight the points that cause a gap in existing literature while defining future research directions.
Item Type: | Article |
---|---|
Date Type: | Publication |
Status: | Published |
Schools: | Computer Science & Informatics |
Publisher: | Association for Computing Machinery (ACM) |
ISSN: | 0360-0300 |
Date of First Compliant Deposit: | 28 January 2022 |
Date of Acceptance: | 10 January 2022 |
Last Modified: | 12 Nov 2024 20:30 |
URI: | https://orca.cardiff.ac.uk/id/eprint/147063 |
Actions (repository staff only)
Edit Item |