The University of Southampton
University of Southampton Institutional Repository

Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis

Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis
Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis
The increased connectivity of critical maritime infrastructure (CMI) systems to digital networks have raised concerns of their vulnerability to cyber attacks. As less emphasis has been placed, to date, on ensuring security of cyber-physical maritime systems, mitigating these cyber attacks will require the design and engineering of secure maritime infrastructure systems. Systems theory has been shown to provide the foundation for a disciplined approach to engineering secure cyber-physical systems. In this paper, we use systems theory, and concepts adapted from safety analysis, to develop a systematic mechanism for analysing the security functionalities of assets' interactions in the maritime domain. We use the theory to guide us to discern the system's requirement, likely system losses, potential threats, and to construct system constraints needed to inhibit or mitigate these threats. Our analyses can be used as springboards to a set of principles to help enunciate the assumptions and system-level security requirements useful as the bases for systems' security validation and verification.
1-10
Omitola, Temitope
1c60a885-5485-4676-8907-d657c22d5f58
Butler, Michael
54b9c2c7-2574-438e-9a36-6842a3d53ed0
Rezazadeh, Abdolbaghi
ab1aeb76-9d41-4b46-820c-cc66b631cb99
Omitola, Temitope
1c60a885-5485-4676-8907-d657c22d5f58
Butler, Michael
54b9c2c7-2574-438e-9a36-6842a3d53ed0
Rezazadeh, Abdolbaghi
ab1aeb76-9d41-4b46-820c-cc66b631cb99

Omitola, Temitope, Butler, Michael and Rezazadeh, Abdolbaghi (2019) Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis. 30th International Conference on Database and Expert Systems Applications, Linz, Austria. 26 - 29 Aug 2019. pp. 1-10 . (doi:10.1007/978-3-030-27684-3_11).

Record type: Conference or Workshop Item (Paper)

Abstract

The increased connectivity of critical maritime infrastructure (CMI) systems to digital networks have raised concerns of their vulnerability to cyber attacks. As less emphasis has been placed, to date, on ensuring security of cyber-physical maritime systems, mitigating these cyber attacks will require the design and engineering of secure maritime infrastructure systems. Systems theory has been shown to provide the foundation for a disciplined approach to engineering secure cyber-physical systems. In this paper, we use systems theory, and concepts adapted from safety analysis, to develop a systematic mechanism for analysing the security functionalities of assets' interactions in the maritime domain. We use the theory to guide us to discern the system's requirement, likely system losses, potential threats, and to construct system constraints needed to inhibit or mitigate these threats. Our analyses can be used as springboards to a set of principles to help enunciate the assumptions and system-level security requirements useful as the bases for systems' security validation and verification.

Text
Making(Implicit)SecurityRequirementsExplicit-Camera-Rdy - Proof
Restricted to Repository staff only
Request a copy

More information

Accepted/In Press date: 2019
Published date: August 2019
Venue - Dates: 30th International Conference on Database and Expert Systems Applications, Linz, Austria, 2019-08-26 - 2019-08-29

Identifiers

Local EPrints ID: 432987
URI: https://eprints.soton.ac.uk/id/eprint/432987
PURE UUID: 3571a7f3-ce43-43e6-bfb2-2f8c70bd64aa
ORCID for Michael Butler: ORCID iD orcid.org/0000-0003-4642-5373

Catalogue record

Date deposited: 05 Aug 2019 16:30
Last modified: 06 Aug 2019 00:36

Export record

Altmetrics

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of https://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×