CNR Author
operator:
and / or
Typology
operator:
and / or
Language
operator:
and / or
Date
operator:
and / or
Rights
operator:
and / or
2023
Journal article
Open Access
Safety and cybersecurity assessment techniques for critical industries: a mapping study
Babeshko I., Di Giandomenico F.
The paper presents a mapping study of safety and cybersecurity assessment techniques used in critical industries such as nuclear power plants, the oil and gas sector, autonomous vehicles, railways, etc., with particular emphasis on instrumentation and control systems (I&C). Modern I&Cs are complex electronic systems comprising thousands of components, therefore their reliability and safety when employed in critical application domains are challenging. With the development and integration of Industry 4.0 technologies such systems become more open for communication and flexible usage due to gradual interconnection with public networks and the Internet, but new cybersecurity and safety challenges are introduced. This paper states research questions and provides analysis results of recent relevant sources. Initially, 320 records (acquired between 2018 and 2022 inclusive) were identified. Later on, 187 studies were processed to check eligibility criteria. Overall, this mapping study includes 49 papers, after examining the pre-defined criteria and guidelines. The results of the analysis performed allow to systemize techniques being utilized in practice right now, as well as to identify trends of further techniques development. In fact, although the techniques used are not novel and most of them have been used for decades, our study shows that there are still some new trends in this field. In particular, the unified safety and cybersecurity assessment technique is a promising research direction, worth further investigation.Source: IEEE access 11 (2023): 83781–83793. doi:10.1109/ACCESS.2023.3297446
DOI: 10.1109/access.2023.3297446
Metrics:
Babeshko I., Di Giandomenico F.
The paper presents a mapping study of safety and cybersecurity assessment techniques used in critical industries such as nuclear power plants, the oil and gas sector, autonomous vehicles, railways, etc., with particular emphasis on instrumentation and control systems (I&C). Modern I&Cs are complex electronic systems comprising thousands of components, therefore their reliability and safety when employed in critical application domains are challenging. With the development and integration of Industry 4.0 technologies such systems become more open for communication and flexible usage due to gradual interconnection with public networks and the Internet, but new cybersecurity and safety challenges are introduced. This paper states research questions and provides analysis results of recent relevant sources. Initially, 320 records (acquired between 2018 and 2022 inclusive) were identified. Later on, 187 studies were processed to check eligibility criteria. Overall, this mapping study includes 49 papers, after examining the pre-defined criteria and guidelines. The results of the analysis performed allow to systemize techniques being utilized in practice right now, as well as to identify trends of further techniques development. In fact, although the techniques used are not novel and most of them have been used for decades, our study shows that there are still some new trends in this field. In particular, the unified safety and cybersecurity assessment technique is a promising research direction, worth further investigation.Source: IEEE access 11 (2023): 83781–83793. doi:10.1109/ACCESS.2023.3297446
DOI: 10.1109/access.2023.3297446
Metrics:
See at:
ieeexplore.ieee.org 
| ISTI Repository | CNR ExploRA
2023
Journal article
Open Access
Security-informed safety analysis of autonomous transport systems considering AI-powered cyberattacks and protection
Illiashenko O., Kharchenko V., Babeshko I., Fesenko H., Di Giandomenico F.
The entropy-oriented approach called security- or cybersecurity-informed safety (SIS or CSIS, respectively) is discussed and developed in order to analyse and evaluate the safety and dependability of autonomous transport systems (ATSs) such as unmanned aerial vehicles (UAVs), unmanned maritime vehicles (UMVs), and satellites. This approach allows for extending and integrating the known techniques FMECA (Failure Modes, Effects, and Criticality Analysis) and IMECA (Intrusion MECA), as well as developing the new SISMECA (SIS-based Intrusion Modes, Effects, and Criticality Analysis) technique. The ontology model and templates for SISMECA implementation are suggested. The methodology of safety assessment is based on (i) the application and enhancement of SISMECA considering the particularities of various ATSs and roles of actors (regulators, developers, operators, customers); (ii) the development of a set of scenarios describing the operation of ATS in conditions of cyberattacks and physical influences; (iii) AI contribution to system protection for the analysed domains; (iv) scenario-based development and analysis of user stories related to different cyber-attacks, as well as ways to protect ATSs from them via AI means/platforms; (v) profiling of AI platform requirements by use of characteristics based on AI quality model, risk-based assessment of cyberattack criticality, and efficiency of countermeasures which actors can implement. Examples of the application of SISMECA assessment are presented and discussed.Source: Entropy (Basel, Online) 25 (2023). doi:10.3390/e25081123
DOI: 10.3390/e25081123
Metrics:
Illiashenko O., Kharchenko V., Babeshko I., Fesenko H., Di Giandomenico F.
The entropy-oriented approach called security- or cybersecurity-informed safety (SIS or CSIS, respectively) is discussed and developed in order to analyse and evaluate the safety and dependability of autonomous transport systems (ATSs) such as unmanned aerial vehicles (UAVs), unmanned maritime vehicles (UMVs), and satellites. This approach allows for extending and integrating the known techniques FMECA (Failure Modes, Effects, and Criticality Analysis) and IMECA (Intrusion MECA), as well as developing the new SISMECA (SIS-based Intrusion Modes, Effects, and Criticality Analysis) technique. The ontology model and templates for SISMECA implementation are suggested. The methodology of safety assessment is based on (i) the application and enhancement of SISMECA considering the particularities of various ATSs and roles of actors (regulators, developers, operators, customers); (ii) the development of a set of scenarios describing the operation of ATS in conditions of cyberattacks and physical influences; (iii) AI contribution to system protection for the analysed domains; (iv) scenario-based development and analysis of user stories related to different cyber-attacks, as well as ways to protect ATSs from them via AI means/platforms; (v) profiling of AI platform requirements by use of characteristics based on AI quality model, risk-based assessment of cyberattack criticality, and efficiency of countermeasures which actors can implement. Examples of the application of SISMECA assessment are presented and discussed.Source: Entropy (Basel, Online) 25 (2023). doi:10.3390/e25081123
DOI: 10.3390/e25081123
Metrics:
See at:
ISTI Repository | www.mdpi.com | CNR ExploRA