Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective

Ani, Uchenna; He, Hongmei; Tiwari, Ashutosh

doi:10.1080/23742917.2016.1252211

Cited by 145 publications

(68 citation statements)

References 52 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…For example, attackers can gain access to computing platforms and manipulate systems measurement data which can compromise systems performance and integrity, and hence, security and safety in cyber-physical systems. Therefore, the issues of data security also required special consideration from supply chain perspectives as companies are increasingly dependent on information, which may well originate beyond a single company (Ani et al 2017). Cyber security is valued as a major challenge in supply chain, as this technique can compromise companies and make them inevitably lose control over customers' and products' propriety information.…”

Section: Security Issuesmentioning

confidence: 99%

Big data supply chain analytics: ethical, privacy and security challenges posed to business, industries and society

Ogbuke

Yusuf

Kovvuri

et al. 2020

Production Planning & Control

102

View full text Add to dashboard Cite

This study conducted a comprehensive review of big data supply chain analytics (BDSCA). The paper explored the application of big data in supply chain management and its benefits for organisations and society. The paper also examined the ethical, security, privacy and operational challenges of big data techniques, as well as the potential reputational damages to businesses. The review outlined four principal facets, namely: Big data analytics, applications, ethics and privacy issues, and how organizations employed this emerging tool to anticipate and even predict the future and direct their operations. These principle facets are built across the multiple levels and unique conceptual standpoints indicated by 7 themes and 14 sub-themes. These themes were generated based on 120 articles (2005À2020) drawn mainly from leading academic journals. Overall, there is a considerable consensus across current literature that big data analytics extend far beyond just reinventing the supply chain. It has the potential to support more responsive next-generation of global companies who are operating in an increasingly challenging and uncertain environment.

show abstract

Section: Security Issuesmentioning

confidence: 99%

Big data supply chain analytics: ethical, privacy and security challenges posed to business, industries and society

Ogbuke

Yusuf

Kovvuri

et al. 2020

Production Planning & Control

102

View full text Add to dashboard Cite

show abstract

“…Asset identification and cascading vulnerabilities were not considered as a result of the interdependency between assets. A previous work [36] offers an insightful review of the possible solution paths to understand the industrial control systems security trends in relation to cyber threats, vulnerabilities, attacks, and impacts on the industrial control system (ICS). The work did not implement any practical approach to identify assets, assess vulnerabilities, threats, and mitigate risks, but only suggested some techniques.…”

Section: Comparison With Existing Study Resultsmentioning

confidence: 99%

“…Vulnerability assessment follows different techniques, in our case, we will follow a checklist of all possible vulnerabilities associated with each critical asset, how many different assets are affected by one or many vulnerabilities, and finally how vulnerability cascade to affecting another vulnerability, therefore, causing the occurrence of a threat. The vulnerability is an exposure to security that results in the weakness of a critical asset allowing for the compromise of any of the security objectives [36], and is defined as 'the measure of the susceptibility of a system to threat' [37]. Identification and assessing vulnerability is an important and a delicate task that has an impact on the successful operation of assets that provide CPS services.…”

Section: Activity 3: Vulnerability Assessment and Threat Identificationmentioning

confidence: 99%

An Integrated Cyber Security Risk Management Approach for a Cyber-Physical System

2018

View full text Add to dashboard Cite

A cyber-physical system (CPS) is a combination of physical system components with cyber capabilities that have a very tight interconnectivity. CPS is a widely used technology in many applications, including electric power systems, communications, and transportation, and healthcare systems. These are critical national infrastructures. Cybersecurity attack is one of the major threats for a CPS because of many reasons, including complexity and interdependencies among various system components, integration of communication, computing, and control technology. Cybersecurity attacks may lead to various risks affecting the critical infrastructure business continuity, including degradation of production and performance, unavailability of critical services, and violation of the regulation. Managing cybersecurity risks is very important to protect CPS. However, risk management is challenging due to the inherent complex and evolving nature of the CPS system and recent attack trends. This paper presents an integrated cybersecurity risk management framework to assess and manage the risks in a proactive manner. Our work follows the existing risk management practice and standard and considers risks from the stakeholder model, cyber, and physical system components along with their dependencies. The approach enables identification of critical CPS assets and assesses the impact of vulnerabilities that affect the assets. It also presents a cybersecurity attack scenario that incorporates a cascading effect of threats and vulnerabilities to the assets. The attack model helps to determine the appropriate risk levels and their corresponding mitigation process. We present a power grid system to illustrate the applicability of our work. The result suggests that risk in a CPS of a critical infrastructure depends mainly on cyber-physical attack scenarios and the context of the organization. The involved risks in the studied context are both from the technical and nontechnical aspects of the CPS.

show abstract

“…The main difference between the two systems is that the IT environment essentially manages data, while the ICS manages the physical environment [21]. Over time, the advancement of communication technologies combined with a reduction in costs have attracted ICS to embrace the IT communication technologies.…”

Section: Ics Vs It Environmentsmentioning

confidence: 99%

Preliminaries of Orthogonal Layered Defence Using Functional and Assurance Controls in Industrial Control Systems

Mackintosh¹,

Epiphaniou

Al-Khateeb

et al. 2019

JSAN

View full text Add to dashboard Cite

Industrial Control Systems (ICSs) are responsible for the automation of different processes and the overall control of systems that include highly sensitive potential targets such as nuclear facilities, energy-distribution, water-supply, and mass-transit systems. Given the increased complexity and rapid evolvement of their threat landscape, and the fact that these systems form part of the Critical National infrastructure (CNI), makes them an emerging domain of conflict, terrorist attacks, and a playground for cyberexploitation. Existing layered-defence approaches are increasingly criticised for their inability to adequately protect against resourceful and persistent adversaries. It is therefore essential that emerging techniques, such as orthogonality, be combined with existing security strategies to leverage defence advantages against adaptive and often asymmetrical attack vectors. The concept of orthogonality is relatively new and unexplored in an ICS environment and consists of having assurance control as well as functional control at each layer. Our work seeks to partially articulate a framework where multiple functional and assurance controls are introduced at each layer of ICS architectural design to further enhance security while maintaining critical real-time transfer of command and control traffic.

show abstract

Review of cybersecurity issues in industrial critical infrastructure: manufacturing in perspective

Cited by 145 publications

References 52 publications

Big data supply chain analytics: ethical, privacy and security challenges posed to business, industries and society

Big data supply chain analytics: ethical, privacy and security challenges posed to business, industries and society

An Integrated Cyber Security Risk Management Approach for a Cyber-Physical System

Preliminaries of Orthogonal Layered Defence Using Functional and Assurance Controls in Industrial Control Systems

Contact Info

Product

Resources

About