Cybersecurity for Safety: Risk Assessment of Autonomous Cyber-Physical Systems

被引:0
作者
Perone, Stefano [1 ]
Faramondi, Luca [1 ]
Guarino, Simone [1 ]
Setola, Roberto [1 ]
Nobili, Martina [1 ]
Flammini, Francesco [2 ]
Corradini, Franca [2 ]
机构
[1] Univ Campus Biomed, Unit Automat Control, Dept Engn, Via Alvaro del Portillo 21, I-00128 Rome, Italy
[2] Univ Appl Sci & Arts Southern Switzerland, IDSIA USI SUPSI, Via Santa 1, CH-6962 Lugano, Switzerland
来源
2024 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE, CSR | 2024年
关键词
Cyber-Physical Systems; Risk assessment; Autonomous Systems; Safety and Security integration; Artificial Intelligence;
D O I
10.1109/CSR61664.2024.10679436
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Recent developments in Artificial Intelligence and Industry 4.0 have led to a new generation of autonomous Cyber-Physical Systems (CPSs), including self-driving cars, unmanned aerial vehicles, and multi-robot systems, possibly operating in critical environments. With the increase in systems complexity, the distinction between safety and security becomes blurred, with cyber-attacks affecting both security and safety attributes of CPSs. Failures can potentially lead to severe consequences and hazards, such as environmental pollution and hazards to human operators. In light of the above, in this paper, we propose a novel risk assessment methodology tailored to safety- and security-critical CPSs. The methodology begins with identifying a specific threat scenario, enabling the analysis of risks caused by cyber-attacks. These risks are then evaluated in terms of safety and privacy using the EVITA approach. The methodology's effectiveness is demonstrated through a case study of an autonomous wheelchair within the REXASI-PRO European project.
引用
收藏
页码:652 / 657
页数:6
相关论文
共 26 条
[1]   Assessing Cyber Risk in Cyber-Physical Systems Using the ATT&CK Framework [J].
Amro, Ahmed ;
Gkioulos, Vasileios ;
Katsikas, Sokratis .
ACM TRANSACTIONS ON PRIVACY AND SECURITY, 2023, 26 (02)
[2]  
Amutio M. A., 2014, MAGERITMethodology for Information Systems Risk Analysis and Management
[3]  
[Anonymous], 2018, IEC 62443 2009-2018
[4]  
[Anonymous], 2018, ISO31000:2018(E),
[5]  
[Anonymous], 2018, IEC 60812:2018
[6]  
Caralli R.A., 2007, Technical report
[7]  
Corradini F., 2023, P 1 INT S TRUSTW AUT, P1
[8]  
Dickerson R., 2005, Incident Management 101 Preparation and Initial Response (aka Identification)
[9]   A hybrid behavior- and Bayesian network-based framework for cyber-physical anomaly detection [J].
Faramondi, Luca ;
Flammini, Francesco ;
Guarino, Simone ;
Setola, Roberto .
COMPUTERS & ELECTRICAL ENGINEERING, 2023, 112
[10]  
Henniger O., 2009, P EMB SEC CARS ESCAR