The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis

Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis
Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis
The increased connectivity of critical maritime infrastructure (CMI) systems to digital networks have raised concerns of their vulnerability to cyber attacks. As less emphasis has been placed, to date, on ensuring security of cyber-physical maritime systems, mitigating these cyber attacks will require the design and engineering of secure maritime infrastructure systems. Systems theory has been shown to provide the foundation for a disciplined approach to engineering secure cyber-physical systems. In this paper, we use systems theory, and concepts adapted from safety analysis, to develop a systematic mechanism for analysing the security functionalities of assets' interactions in the maritime domain. We use the theory to guide us to discern the system's requirement, likely system losses, potential threats, and to construct system constraints needed to inhibit or mitigate these threats. Our analyses can be used as springboards to a set of principles to help enunciate the assumptions and system-level security requirements useful as the bases for systems' security validation and verification.
75-84
Springer
Omitola, Temitope
1c60a885-5485-4676-8907-d657c22d5f58
Butler, Michael
54b9c2c7-2574-438e-9a36-6842a3d53ed0
Rezazadeh, Abdolbaghi
ab1aeb76-9d41-4b46-820c-cc66b631cb99
Anderst-Kotsis, G.
Tjoa, A.
Khalil, I.
Omitola, Temitope
1c60a885-5485-4676-8907-d657c22d5f58
Butler, Michael
54b9c2c7-2574-438e-9a36-6842a3d53ed0
Rezazadeh, Abdolbaghi
ab1aeb76-9d41-4b46-820c-cc66b631cb99
Anderst-Kotsis, G.
Tjoa, A.
Khalil, I.

Omitola, Temitope, Butler, Michael and Rezazadeh, Abdolbaghi (2019) Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis. Anderst-Kotsis, G., Tjoa, A. and Khalil, I. (eds.) In Database and Expert Systems Applications. vol. 1062, Springer. pp. 75-84 . (doi:10.1007/978-3-030-27684-3_11).

Record type: Conference or Workshop Item (Paper)

Abstract

The increased connectivity of critical maritime infrastructure (CMI) systems to digital networks have raised concerns of their vulnerability to cyber attacks. As less emphasis has been placed, to date, on ensuring security of cyber-physical maritime systems, mitigating these cyber attacks will require the design and engineering of secure maritime infrastructure systems. Systems theory has been shown to provide the foundation for a disciplined approach to engineering secure cyber-physical systems. In this paper, we use systems theory, and concepts adapted from safety analysis, to develop a systematic mechanism for analysing the security functionalities of assets' interactions in the maritime domain. We use the theory to guide us to discern the system's requirement, likely system losses, potential threats, and to construct system constraints needed to inhibit or mitigate these threats. Our analyses can be used as springboards to a set of principles to help enunciate the assumptions and system-level security requirements useful as the bases for systems' security validation and verification.

Text
Making(Implicit)SecurityRequirementsExplicit-Camera-Rdy - Accepted Manuscript
Available under License University of Southampton Accepted Manuscript Licence.
Download (373kB)

More information

Accepted/In Press date: 2019
Published date: August 2019
Venue - Dates: 30th International Conference on Database and Expert Systems Applications, Johannes Kepler University Linz, Austria, 2019-08-26 - 2019-08-29
Learn more about Cyber Physical Systems research

Identifiers

Local EPrints ID: 432987
URI: http://eprints.soton.ac.uk/id/eprint/432987
DOI: doi:10.1007/978-3-030-27684-3_11
PURE UUID: 3571a7f3-ce43-43e6-bfb2-2f8c70bd64aa
ORCID for Michael Butler: ORCID iD orcid.org/0000-0003-4642-5373
ORCID for Abdolbaghi Rezazadeh: ORCID iD orcid.org/0000-0002-0029-469X

Catalogue record

Date deposited: 05 Aug 2019 16:30
Last modified: 18 Feb 2021 17:01

Export record

Altmetrics

Contributors

Author: Temitope Omitola
Author: Michael Butler ORCID iD
Author: Abdolbaghi Rezazadeh ORCID iD
Editor: G. Anderst-Kotsis
Editor: A. Tjoa
Editor: I. Khalil

University divisions

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×