Abstract
Cyber-physical systems face a large and diverse set of security risks, especially cyber-attacks that can disrupt physical services or create a national disaster. Information and communication technology (ICT) has had a remarkable impact on society. Because a cyber-physical system (CPS) relies fundamentally on ICT, its assets are exposed to certain risks, especially cyber risks, which must be kept under control by means of security countermeasures that generate confidence in the use of these assets. There is therefore a critical need to pay close attention to the cybersecurity of these systems, which in turn contributes to the safety of the physical world. This goal is achieved by adopting a solution that applies processes, plans and actions to prevent or reduce the effects of threats. Traditional IT risk assessment methods can do the job; however, because of the characteristics of a CPS, it is more efficient to adopt a solution that is wider than a single method and that addresses the type, functionalities and complexity of a CPS. This chapter proposes a framework that is not restricted to a traditional risk assessment method and encompasses a wider set of procedures, yielding a high-level strategy that can be adopted in the risk management process, in particular for the cybersecurity of cyber-physical systems.
© 2019 Springer International Publishing AG, part of Springer Nature
About this chapter
Cite this chapter
Mokalled, H., Pragliola, C., Debertol, D., Meda, E., Zunino, R. (2019). A Comprehensive Framework for the Security Risk Management of Cyber-Physical Systems. In: Flammini, F. (eds) Resilience of Cyber-Physical Systems. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-319-95597-1_3
DOI: https://doi.org/10.1007/978-3-319-95597-1_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-95596-4
Online ISBN: 978-3-319-95597-1
eBook Packages: Computer Science, Computer Science (R0)