A Hybrid Methodology to Assess Cyber Resilience of IoT in Energy Management and Connected Sites-Reference-Cited by-同舟云学术

A Hybrid Methodology to Assess Cyber Resilience of IoT in Energy Management and Connected Sites

Published:2023-10-25 Issue:21 Volume:23 Page:8720
ISSN:1424-8220
Container-title:Sensors
language:en
Short-container-title:Sensors

Author:

Mehmood Amjad¹²,Epiphaniou Gregory¹^ORCID,Maple Carsten¹^ORCID,Ersotelos Nikolaos³^ORCID,Wiseman Richard⁴

Affiliation:

1. Secure Cyber Systems Research Group (CSCRG), WMG, University of Warwick, Coventry CV4 7AL, UK

2. Institute of Computing, Kohat University of Science & Technology, Kohat 46000, Pakistan

3. Department of Computer Science and Creative Technologies, University of the West of England, Bristol BS16 1QY, UK

4. BT Group, 5th Floor, Orion Building, Adastral Park, Martlesham Heath, Ipswich IP5 3RE, UK

Abstract

Cyber threats and vulnerabilities present an increasing risk to the safe and frictionless execution of business operations. Bad actors (“hackers”), including state actors, are increasingly targeting the operational technologies (OTs) and industrial control systems (ICSs) used to protect critical national infrastructure (CNI). Minimisations of cyber risk, attack surfaces, data immutability, and interoperability of IoT are some of the main challenges of today’s CNI. Cyber security risk assessment is one of the basic and most important activities to identify and quantify cyber security threats and vulnerabilities. This research presents a novel i-TRACE security-by-design CNI methodology that encompasses CNI key performance indicators (KPIs) and metrics to combat the growing vicarious nature of remote, well-planned, and well-executed cyber-attacks against CNI, as recently exemplified in the current Ukraine conflict (2014–present) on both sides. The proposed methodology offers a hybrid method that specifically identifies the steps required (typically undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on CNI). Furthermore, we present a novel, advanced, and resilient approach that leverages digital twins and distributed ledger technologies for our chosen i-TRACE use cases of energy management and connected sites. The key steps required to achieve the desired level of interoperability and immutability of data are identified, thereby reducing the risk of CNI-specific cyber attacks and minimising the attack vectors and surfaces. Hence, this research aims to provide an extra level of safety for CNI and OT human operatives, i.e., those tasked with and responsible for detecting, deterring, disrupting, and mitigating these cyber-attacks. Our evaluations and comparisons clearly demonstrate that i-TRACE has significant intrinsic advantages compared to existing “state-of-the-art” mechanisms.

Funder

Innovate UK

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry

Link

https://www.mdpi.com/1424-8220/23/21/8720/pdf

Reference121 articles.

1. (2020, September 11). International Standard ISO 31000. Available online: https://shahrdevelopment.ir/wp-content/uploads/2020/03/ISO-31000.pdf.

2. Ghebreyesus, E. (2023, September 06). 5 Key Security Challenges Facing Critical National Infrastructure (CNI). Available online: https://www.tripwire.com/state-of-security/key-security-challenges-facing-critical-national-infrastructure-cni.

3. Lee, I. (2020). Internet of Things (IoT) Cybersecurity: Literature Review and IoT Cyber Risk Management. Future Internet, 12.

4. Probabilistic threat detection for risk management in cyber-physical medical systems;Rao;IEEE Softw.,2018

5. A Methodological Framework for the Selection of Key Performance Indicators to Assess Smart City Solutions;Tsarchopoulos;Smart Cities,2019