Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis
Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis
The increased connectivity of critical maritime infrastructure (CMI) systems to digital networks have raised concerns of their vulnerability to cyber attacks. As less emphasis has been placed, to date, on ensuring security of cyber-physical maritime systems, mitigating these cyber attacks will require the design and engineering of secure maritime infrastructure systems. Systems theory has been shown to provide the foundation for a disciplined approach to engineering secure cyber-physical systems. In this paper, we use systems theory, and concepts adapted from safety analysis, to develop a systematic mechanism for analysing the security functionalities of assets' interactions in the maritime domain. We use the theory to guide us to discern the system's requirement, likely system losses, potential threats, and to construct system constraints needed to inhibit or mitigate these threats. Our analyses can be used as springboards to a set of principles to help enunciate the assumptions and system-level security requirements useful as the bases for systems' security validation and verification.
75-84
Omitola, Temitope
1c60a885-5485-4676-8907-d657c22d5f58
Butler, Michael
54b9c2c7-2574-438e-9a36-6842a3d53ed0
Rezazadeh, Abdolbaghi
ab1aeb76-9d41-4b46-820c-cc66b631cb99
August 2019
Omitola, Temitope
1c60a885-5485-4676-8907-d657c22d5f58
Butler, Michael
54b9c2c7-2574-438e-9a36-6842a3d53ed0
Rezazadeh, Abdolbaghi
ab1aeb76-9d41-4b46-820c-cc66b631cb99
Omitola, Temitope, Butler, Michael and Rezazadeh, Abdolbaghi
(2019)
Making (implicit) security requirements explicit for cyber-physical systems: A maritime use case security analysis.
Anderst-Kotsis, G., Tjoa, A. and Khalil, I.
(eds.)
In Database and Expert Systems Applications.
vol. 1062,
Springer.
.
(doi:10.1007/978-3-030-27684-3_11).
Record type:
Conference or Workshop Item
(Paper)
Abstract
The increased connectivity of critical maritime infrastructure (CMI) systems to digital networks have raised concerns of their vulnerability to cyber attacks. As less emphasis has been placed, to date, on ensuring security of cyber-physical maritime systems, mitigating these cyber attacks will require the design and engineering of secure maritime infrastructure systems. Systems theory has been shown to provide the foundation for a disciplined approach to engineering secure cyber-physical systems. In this paper, we use systems theory, and concepts adapted from safety analysis, to develop a systematic mechanism for analysing the security functionalities of assets' interactions in the maritime domain. We use the theory to guide us to discern the system's requirement, likely system losses, potential threats, and to construct system constraints needed to inhibit or mitigate these threats. Our analyses can be used as springboards to a set of principles to help enunciate the assumptions and system-level security requirements useful as the bases for systems' security validation and verification.
Text
Making(Implicit)SecurityRequirementsExplicit-Camera-Rdy
- Accepted Manuscript
More information
Accepted/In Press date: 2019
Published date: August 2019
Venue - Dates:
30th International Conference on Database and Expert Systems Applications, Johannes Kepler University Linz, Austria, 2019-08-26 - 2019-08-29
Identifiers
Local EPrints ID: 432987
URI: http://eprints.soton.ac.uk/id/eprint/432987
PURE UUID: 3571a7f3-ce43-43e6-bfb2-2f8c70bd64aa
Catalogue record
Date deposited: 05 Aug 2019 16:30
Last modified: 08 Oct 2020 04:02
Export record
Altmetrics
Contributors
Author:
Michael Butler
Author:
Abdolbaghi Rezazadeh
Editor:
G. Anderst-Kotsis
Editor:
A. Tjoa
Editor:
I. Khalil
University divisions
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics