Cyber Risk in IoT Systems

Radanliev, Petar; Roure, David C. De; Maple, Carsten; Nurse, Jason R. C.; Nicolescu, Răzvan; Ani, Uchenna

doi:10.20944/preprints201903.0104.v1

Cited by 20 publications

(15 citation statements)

References 17 publications

(25 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To define a transformation roadmap for standardisation of IoT risk impact assessment, the methodology follows established approaches [122][123][124][125][126][127][128] and few recently developed design processes 122,[129][130][131][132][133][134][135][136][137] .The following section performs strengths, weaknesses, opportunities and threats (SWOT) analysis. This diversity of approaches identified in the gap analysis, presents conflict in risk assessment, e.g.…”

Section: Transformation Roadmap For Standardisation Of Iot Risk Impacmentioning

confidence: 99%

Cyber Risk Management for the Internet of Things

Radanliev¹,

D²,

Burnap³

et al. 2019

Preprint

Self Cite

View full text Add to dashboard Cite

The Internet-of-Things (IoT) enables enterprises to obtain profits from data but triggers data protection questions and new types of cyber risk. Cyber risk regulations for the IoT however do not exist. The IoT risk is not included in the cyber security assessment standards, hence, often not visible to cyber security experts. This is concerning, because companies integrating IoT devices and services need to perform a self-assessment of its IoT cyber security posture. The outcome of such self-assessment need to define a current and target state, prior to creating a transformation roadmap outlining tasks to achieve the stated target state. In this article, a comparative empirical analysis is performed of multiple cyber risk assessment approaches, to define a high-level potential target state for company integrating IoT devices and/or services. Defining a high-level potential target state represent is followed by a high-level transformation roadmap, describing how company can achieve their target state, based on their current state. The transformation roadmap is used to adapt IoT risk impact assessment with a Goal-Oriented Approach and the Internet of Things Micro Mart model. The main contributions from this paper represent a transformation roadmap for standardisation of IoT risk impact assessment; and transformation design imperatives describing how IoT companies can achieve their target state based on their current state with a Goal-Oriented approach. Verified by epistemological analysis defining a unified cyber risk assessment approach. These can be used for calculating the economic impact of cyber risk; for international cyber risk assessment approach; for quantifying cyber risk; and for planning for impact of cyber-attacks, e.g. cyber insurance. The new methods presented in this paper for applying the roadmap include: IoT Risk Analysis through Functional Dependency; Network-based Linear Dependency Modelling; IoT risk impact assessment with a Goal-Oriented Approach; and a correlation between the Goal-Oriented Approach and the IoTMM model.

show abstract

Section: Transformation Roadmap For Standardisation Of Iot Risk Impacmentioning

confidence: 99%

Cyber Risk Management for the Internet of Things

Radanliev¹,

D²,

Burnap³

et al. 2019

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…This becomes clearly visible in Table 2. This variety of approaches presents conflict in risk assessment 4,5,14,[32][33][34][35][36][6][7][8][9][10][11][12][13] . To avoid such conflicts, the core cyber impact assessment concepts are extracted to defining the design principles for cyber risk impact assessment from IoT in the digital economy.…”

Section: Literature Reviewmentioning

confidence: 99%

“…Additional research is required to integrate the knowledge from other risk assessment approaches. This research is conducted already and the aim is to publish the findings in a series of papers 3,4,13,14,20,[27][28][29][30][31][32][33]5,[34][35][36][37]43,44,[6][7][8][9][10][11][12] .…”

Section: Limitations and Further Researchmentioning

confidence: 99%

Cyber Risk impact Assessment - Assessing the Risk from the IoT to the Digital Economy

Radanliev¹,

Roure²,

Nurse³

et al. 2019

Preprint

Self Cite

View full text Add to dashboard Cite

We present an updated design process for adapting and integrating existing cyber risk assessment approaches for impact assessment for the risk from IoT to the digital economy. The new design process includes a set of changes to the original standards (e.g. NIST) that are adapted for the IoT cyber risk in this paper. This paper also presents a new framework for impact assessment of IoT cyber risk, specific for the digital economy.

show abstract

“…The gaps and key factors in current technological trends for I4.0 supply chain design integrating IIoT principles were derived from the taxonomic review [1], [3], [27], [41], [42], [44]- [47], [19]- [26]. These are analysed through a case study of I4.0 frameworks in the current section.…”

Section: Case Study Of Five Leading I40 Initiatives and Their Technomentioning

confidence: 99%

Supply Chain Design for the Industrial Internet of Things and the Industry 4.0

Radanliev¹,

Roure²,

Nurse³

et al. 2019

Preprint

Self Cite

View full text Add to dashboard Cite

Digital technologies have changed the way supply chain operations are structured. In this article, we develop design principles to show determining factors for an Internet-of-Things approach within Supply Chain Management. From the design principles, the article derives a new model for the Industrial Internet of Things supply chains. The focus is on Small and Medium Enterprises (SMEs). This research design results in a new process of compounding knowledge from existing supply chain models and adapting the cumulative findings to the concept of supply chains in the Industrial Internet of Things. The paper outlines the design principles for developing cognition in the process of integrating SME’s digital supply chains in the Industrial Internet of Things (IIoT) and the Industry 4.0 (I4.0).

show abstract

Cyber Risk in IoT Systems

Cited by 20 publications

References 17 publications

Cyber Risk Management for the Internet of Things

Cyber Risk Management for the Internet of Things

Cyber Risk impact Assessment - Assessing the Risk from the IoT to the Digital Economy

Supply Chain Design for the Industrial Internet of Things and the Industry 4.0

Contact Info

Product

Resources

About