Enhancing the Cyber Resilience of Critical Infrastructures through an Evaluation Methodology Based on Assurance Cases

被引:3
|
作者
Koelemeijer, Dorien [1 ,2 ]
机构
[1] Stockholm Univ, DSV, Borgarfjordsgatan 8, SE-16407 Kista, Sweden
[2] Atsec Informat Secur AB, Svardvagen 3C, S-18233 Danderyd, Sweden
来源
KNOWLEDGE-BASED AND INTELLIGENT INFORMATION & ENGINEERING SYSTEMS (KES-2018) | 2018年 / 126卷
关键词
critical adaptive systems; evaluation methodology; modular certification; assurance case; SECURITY;
D O I
10.1016/j.procs.2018.08.099
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Inability to evaluate the performance of critical adaptive systems may have a catastrophic impact on both individuals and society at large, due to societys increased dependence on these systems. However, currently no evaluation methodology exists that adequately assesses the safety and security of critical adaptive systems. Therefore, this research aims to develop an evaluation methodology, which is capable of evaluating critical adaptive systems by reviewing dynamic architectures in real time. The evaluation methodology relies on a tool and an assurance case argument patterns catalogue, which enhance the automated construction and evaluation of assurance cases to determine the performance of critical adaptive systems. The capabilities of the methodology to automatically evaluate an adaptive system are validated on the basis of an illustrative example by employing a tool prototype. The results of the research show that the evaluation methodology provides opportunities to automatically construct and review many, yet not all, aspects of the assurance case by using the tool and the argument patterns catalogue. Therefore, even though the established methodology is largely automated to enable runtime evaluation, several actions remain to demand human interaction to ensure the safe and secure operation of critical adaptive systems. (C) 2018 The Authors. Published by Elsevier Ltd.
引用
收藏
页码:1779 / 1791
页数:13
相关论文
共 50 条
  • [1] Model-Based Evaluation of the Resilience of Critical Infrastructures Under Cyber Attacks
    Netkachov, Oleksandr
    Popov, Peter
    Salako, Kizito
    CRITICAL INFORMATION INFRASTRUCTURES SECURITY (CRITIS 2014), 2016, 8985 : 231 - 243
  • [2] A Methodology for Evaluation of Energy Critical Infrastructures against Cyber Attacks
    Leite, Sergio Ribeiro
    Favacho de Araujo, Aleteia Patricia
    von Paumgartten Junior, Paulo Franklin
    2015 10TH IBERIAN CONFERENCE ON INFORMATION SYSTEMS AND TECHNOLOGIES (CISTI), 2015,
  • [3] A Methodology for Resilience Optimisation of Interdependent Critical Infrastructures
    Galbusera, Luca
    Azzini, Ivano
    Giannopoulos, Georgios
    CRITICAL INFORMATION INFRASTRUCTURES SECURITY, CRITIS 2015, 2016, 9578 : 56 - 66
  • [4] Interdependent critical infrastructures resilience: methodology and case study
    Robert, Benoit
    Morabito, Luciano
    Cloutier, Irene
    Hemond, Yannick
    DISASTER PREVENTION AND MANAGEMENT, 2015, 24 (01) : 70 - 79
  • [5] Risk Assessment for Cyber Resilience of Critical Infrastructures: Methods, Governance, and Standards
    Ardebili, Ali Aghazadeh
    Lezzi, Marianna
    Pourmadadkar, Mahdad
    APPLIED SCIENCES-BASEL, 2024, 14 (24):
  • [6] Measuring Cyber Resilience of IoT-Enabled Critical National Infrastructures
    Adewumi, Adeola
    Hammoudeh, Mohammad
    Dargahi, Tooska
    Jogunola, Olamide
    APPLIED CRYPTOGRAPHY AND NETWORK SECURITY WORKSHOPS, PT I, ACNS 2024-AIBLOCK 2024, AIHWS 2024, AIOTS 2024, SCI 2024, AAC 2024, SIMLA 2024, LLE 2024, AND CIMSS 2024, 2024, 14586 : 265 - 280
  • [7] Functional cyber-resilience - Extending the cybersecurity paradigm in critical infrastructures
    de Haan, Johannes
    2023 IEEE/ACM 4TH INTERNATIONAL WORKSHOP ON ENGINEERING AND CYBERSECURITY OF CRITICAL SYSTEMS, ENCYCRIS, 2023, : 17 - 22
  • [8] Cyber-resilience of Critical Cyber Infrastructures: Integrating digital twins in the electric power ecosystem
    Salvi, Andrea
    Spagnoletti, Paolo
    Noori, Nadia Saad
    COMPUTERS & SECURITY, 2022, 112
  • [9] The Strategies for Critical Cyber Infrastructure (CCI) Protection by Enhancing Software Assurance
    Cronkrite, Mecealus
    Szydlik, John
    Park, Joon
    PROCEEDINGS OF THE 6TH INTERNATIONAL CONFERENCE ON INFORMATION WARFARE AND SECURITY, 2011, : 68 - 75
  • [10] Resilience assessment of smart critical infrastructures based on indicators
    Oien, K.
    Bodsberg, L.
    Jovanovic, A.
    SAFETY AND RELIABILITY - SAFE SOCIETIES IN A CHANGING WORLD, 2018, : 1269 - 1277