Impact, Vulnerabilities, and Mitigation Strategies for Cyber-Secure Critical Infrastructure

Riggs, Hugo; Tufail, Shahid; Parvez, Imtiaz; Tariq, Mohd; Khan, Mohammed Aquib; Amir, Asham; Vuda, Kedari Vineetha; Sarwat, Arif I.

doi:10.3390/s23084060

Cited by 20 publications

(5 citation statements)

References 59 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They have the potential to inflict significant harm on businesses, products, and data. In [18], a summary of the major attacks that have occurred in the last 20 years against critical infrastructures was presented, also including an analysis of the types of attacks, consequences, vulnerabilities, victims, and attackers. The paper also provided an estimation of the number of major cyber attacks that will occur on critical infrastructure in the future.…”

Section: Security Update Requirements For Iot Devicesmentioning

confidence: 99%

Firmware Updates over the Air via LoRa: Unicast and Broadcast Combination for Boosting Update Speed

Malumbres,

Saldana,

Berné

et al. 2024

Sensors

View full text Add to dashboard Cite

The capacity to update firmware is a vital component in the lifecycle of Internet of Things (IoT) devices, even those with restricted hardware resources. This paper explores the best way to wirelessly (Over The Air, OTA) update low-end IoT nodes with difficult access, combining the use of unicast and broadcast communications. The devices under consideration correspond to a recent industrial IoT project that focuses on the installation of intelligent lighting systems within ATEX (potentially explosive atmospheres) zones, connected via LoRa to a gateway. As energy consumption is not limited in this use case, the main figure of merit is the total time required for updating a project. Therefore, the objective is to deliver all the fragments of the firmware to each and all the nodes in a safe way, in the least amount of time. Three different methods, combining unicast and broadcast transmissions in different ways, are explored analytically, with the aim of obtaining the expected update time. The methods are also tested via extensive simulations, modifying different parameters such as the size of the scenario, the number of bytes of each firmware chunk, the number of nodes, and the number of initial broadcast rounds. The simulations show that the update time of a project can be significant, considering the limitations posed by regulations, in terms of the percentage of airtime consumption. However, significant time reductions can be achieved by using the proper method: in some cases, when the number of nodes is high, the update time can be reduced by two orders of magnitude if the correct method is chosen. Moreover, one of the proposed methods is implemented using actual hardware. This real implementation is used to perform firmware update experiments in a lab environment. Overall, the article illustrates the advantage of broadcast approaches in this kind of technology, in which the transmission rate is constant despite the distance between the gateway and the node. However, the advantage of these broadcast methods with respect to the unicast one could be mitigated if the nodes do not run exactly the same firmware version, since the control of the broadcast update would be more difficult and the total update time would increase.

show abstract

Section: Security Update Requirements For Iot Devicesmentioning

confidence: 99%

Firmware Updates over the Air via LoRa: Unicast and Broadcast Combination for Boosting Update Speed

Malumbres,

Saldana,

Berné

et al. 2024

Sensors

View full text Add to dashboard Cite

show abstract

“…Furthermore, transmission should be regulated in a way that the system developer should take precautions against cascading failures to improve the system's capacity to withstand the effects of a cyberattack. Since each of these failures is independent (Riggs et al, 2023). Large "domino effect" networks are likely to suffer significant damage in response to even small disturbances, which severely restricts the range of situations in which resilient operation and effective absorption and recovery are still feasible.…”

Section: Strategies For Enhancing Cyber Resiliencementioning

confidence: 99%

Driving Technological Innovation for a Resilient Cybersecurity Landscape

Aminu,

Anawansedo,

Sodiq

et al. 2024

IJLTEMAS

View full text Add to dashboard Cite

It is more important than ever to have a cybersecurity environment that is resilient and secure in this age of widespread digital connectivity. This research paper explores how developing technological innovation can serve as the foundation for building resilience in cyberspace. The study covers important aspects of cybersecurity, including its conceptual foundations, a wide range of applications, risk-reduction strategies, and the crucial role that policy regulation plays in the digital environment. In conclusion, the paper suggests that technological innovation is the driving force behind transformative change in cybersecurity. Policymakers, business executives, cybersecurity professionals, and researchers are all affected by the implications, which call for a coordinated and flexible strategy to meet the challenges of the digital frontier.

show abstract

“…Cyberattacks were identified as a relevant source of risk [16][17][18], although the risk to the technical systems in the study area is considered to be low due to the spatial separation of the systems. In the present case study, the operation of the water supply systems is only at low risk from cyberattacks.…”

Section: Hazard Analysismentioning

confidence: 99%

“…Other threats to the water supply come from sabotage and acts of war. An increase in cyberattacks on critical infrastructure is currently to be expected [16][17][18].…”

Section: Introductionmentioning

confidence: 99%

Water Supply Security—Risk Management Instruments in Water Supply Companies

Heumer,

Grischek,

Tränckner

2024

Water

View full text Add to dashboard Cite

Piped drinking water supplies are exposed to a range of threats. Changing hazard situations arise from climate change, digitisation, and changing conditions in the power supply, among other things. Risk and crisis management adapted to the hazard situation can increase the resilience of the piped drinking water supply. Analogous to the risk management system, this article describes a methodology that ranges from hazard analysis with the prioritisation of 57 individual hazards to vulnerability assessment with the help of balance sheet structure models (BSM) and the planning and implementation of measures to increase the resilience of the piped drinking water supply in a targeted manner. The work steps mentioned build on each other and were tested using the case study of a water supply company in Saxony (Germany). As a result, priority hazards are identified, the remaining supply periods and replacement and emergency water requirements are determined as part of the vulnerability assessment, and finally, planning principles for increasing resilience are documented. The methodology focuses primarily on practicable application by water supply companies.

show abstract

Impact, Vulnerabilities, and Mitigation Strategies for Cyber-Secure Critical Infrastructure

Cited by 20 publications

References 59 publications

Firmware Updates over the Air via LoRa: Unicast and Broadcast Combination for Boosting Update Speed

Firmware Updates over the Air via LoRa: Unicast and Broadcast Combination for Boosting Update Speed

Driving Technological Innovation for a Resilient Cybersecurity Landscape

Water Supply Security—Risk Management Instruments in Water Supply Companies

Contact Info

Product

Resources

About