Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Cybersecurity of industrial cyber-physical systems: a review

Kayan, Hakan, Nunes, Matthew ORCID: https://orcid.org/0000-0003-1990-5814, Rana, Omer ORCID: https://orcid.org/0000-0003-3597-2646, Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X and Perera, Charith ORCID: https://orcid.org/0000-0002-0190-3346 2022. Cybersecurity of industrial cyber-physical systems: a review. ACM Computing Surveys 54 (11s) , 229. 10.1145/3510410

[thumbnail of Hakan_PAPER_01_OCT_2020_V1__Copy_+(3).pdf]
Preview
PDF - Accepted Post-Print Version
Download (3MB) | Preview

Abstract

Industrial cyber-physical systems (ICPSs) manage critical infrastructures by controlling the processes based on the “physics” data gathered by edge sensor networks. Recent innovations in ubiquitous computing and communication technologies have prompted the rapid integration of highly interconnected systems to ICPSs. Hence, the “security by obscurity” principle provided by air-gapping is no longer followed. As the interconnectivity in ICPSs increases, so does the attack surface. Industrial vulnerability assessment reports have shown that a variety of new vulnerabilities have occurred due to this transition. Although there are existing surveys in this context, very little is mentioned regarding the outputs of these reports. While these reports show that the most exploited vulnerabilities occur due to weak boundary protection, these vulnerabilities also occur due to limited or ill defined security policies. However, current literature focuses on intrusion detection systems (IDS), network traffic analysis (NTA) methods, or anomaly detection techniques. Hence, finding a solution for the problems mentioned in these reports is relatively hard. We bridge this gap by defining and reviewing ICPSs from a cybersecurity perspective. In particular, multi-dimensional adaptive attack taxonomy is presented and utilized for evaluating real-life ICPS cyber incidents. Finally, we identify the general shortcomings and highlight the points that cause a gap in existing literature while defining future research directions.

Item Type: Article
Date Type: Publication
Status: Published
Schools: Computer Science & Informatics
Publisher: Association for Computing Machinery (ACM)
ISSN: 0360-0300
Date of First Compliant Deposit: 28 January 2022
Date of Acceptance: 10 January 2022
Last Modified: 24 Nov 2022 13:02
URI: https://orca.cardiff.ac.uk/id/eprint/147063

Actions (repository staff only)

Edit Item Edit Item

Downloads

Downloads per month over past year

View more statistics