With the diffusion of integrated design environments and tools for visual threat modeling for critical infrastructures, the concept of Digital Twin (DT) is gaining momentum in the field of cybersecurity. Its main use is for enabling attack simulations and evaluation of countermeasures, without causing outage of the physical system. However, the use of a DT is considered foremost as a facilitator of system operation rather than an integral part of its architecture design. In this work, we introduce a specific architecture view in the system representation, called Cybersecurity View. From it, we derive a cybersecurity Digital Twin as part of the security-by-design practice for Industrial Automation and Control Systems used in Critical Infrastructures. Not only does this digital twin serve the purpose of simulating cyber-attacks and devising countermeasures, but its design and function are also directly tied to the architecture model of the system for which the cybersecurity requirements are posed. Moreover, this holds regardless of whether the model is generated as part of the development cycle or through an empirical observation of the system as-is. With this, we enable the identification of adequate cybersecurity measures for the system, while improving the overall system design. To demonstrate the practical usefulness of the proposed methodology, its application is illustrated through two real-world use cases: the Cooperative Intelligent Transport System (C-ITS) and the Road tunnel scenario.
Digital governance, which is developing in EU member states as a response to the challenges of automated and algorithmized communication while national and European media regulation remains trapped in analogue concepts and solutions, is rarely the subject of comprehensive treatment because of its complexity. The proposed methodological approach, grounded in the concept of governance and general systems theory, which links social, economic and technical concepts, together with the scope of the comparative study, which covers 24 EU member states, provides a comprehensive insight into the state of governance in the EU. The results of the study are presented in the context of the processes of transformation of regulation and governance and of broader media and social changes, in which regulation seems to be always a few steps behind technology companies, now already important global political actors, as in a game of cat and mouse in which states should show more skill, determination and cooperation, and corporations more social responsibility.
The advent of social networks opened a myriad opportunities for merging the social character of trust with the technical possibilities offered by the Internet and its availability as a mobile service. While most of the computational trust models aim to detect trustworthy entities, much less attention is paid to how these models are perceived by the users who are the core of the system. This paper delves into the workings of online trust systems under user bias and analyses the user behaviour through biases defined by Prospect theory. By performing an empirical study on an existing system, we are able to demonstrate that there is a huge discrepancy between the aim of implementation of the online trust models and the users' perception of those models. Understanding of this relation by the system designers can reduce complexity and improve the user experience and the system performance. The results imply that the tendency of the users to exhibit cognitive biases is not only the cause, but also the effect from the trust system design. These results and the analysis are then used to propose to the system designers a methodology for user bias identification and mitigation in the form of a Choice architecture for trust systems.
The Internet of Things (IoT) paradigm, with its highly distributed and interconnected architecture, is gaining ground in Industry 4.0 and in critical infrastructures like the eHealth sector, the Smart Grid, Intelligent Power Plants and Smart Mobility. In these critical sectors, the preservation of metrological characteristics and their traceability is a strong legal requirement, just like cyber-security, since it offers the ground for liability. Any vulnerability in the system in which the metrological network is embedded can endanger human lives, the environment or entire economies. This paper presents a framework comprised of a methodology and some tools for the governance of the metrological chain. The proposed methodology combines the RAMI 4.0 model, which is a Reference Architecture used in the field of Industrial Internet of Things (IIoT), with the Reference Model for Information Assurance & Security (RMIAS), a framework employed to guarantee information assurance and security, merging them with the well-established paradigms to preserve calibration and referability of metrological instruments. Thus, metrological traceability and cyber-security are taken into account straight from design time, providing a conceptual space to achieve security by design and to support the maintenance of the metrological chain over the entire system lifecycle. The framework lends itself to be completely automatized with Model Checking to support automatic detection of non-conformity and anomalies at run time.
Automating Smart Grid Solution Architecture Design Masi, Massimiliano; Pavleska, Tanja; Aranha, Helder
2018 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm),
2018-Oct.
Conference Proceeding
The Energy sector and Smart Grids face great interoperability challenges, with virtual power plants (VPPs) being a major representative. In this paper, we present a methodology that automates and facilitates the design of solution architectures, producing a structured approach for building interoperable complex systems. Building on solid approaches that incorporate theory and practice of the healthcare enterprise and the Smart Grid sector, our methodology automates critical and time-consuming design steps that are currently performed manually. To accomplish the automation, we enhance and formalize validated principles and frameworks, but moreover, we introduce novel mechanisms to cater for architecture solution correctness, completeness and cohesiveness. The proposed methodology is applied to a VPP use case to demonstrate the applicability of such an architectural approach to other domains as well. An implementation tool of the methodology is also provided to support the practicality of the approach and to enable testability and result-reproducibility.
Employing wireless devices, like sensors and remote controllers, in medical workflows has become the norm in healthcare treatments, substantially increasing the quality of patient care. Medical data gathered and processed by the hardware and software components continuously traverses the existing IT infrastructures ranging from hospital datacenters to regional healthcare information exchanges. Recent regulations classify such IT infrastructures as critical, mandating precise and specific security requirements. The provision of security is thus not only a technical, but a legal requirement as well. Any vulnerability in a medical device may endanger the patients' privacy, and even their lives. The availability of security expertise, however, cannot be assumed as guaranteed throughout the whole life cycle of the medical devices, mainly due to the scarcity of security experts, among other things. We propose a holistic approach that addresses the challenge of scarce security expertise during the operational phases and is specially devised for mobile medical devices interconnected through healthcare IT infrastructures. Moreover, the model tackles security issues at design time, providing solution architectures that incorporate the security concerns. It combines well-established methodologies and reference models: the former used in the field of Industrial Internet of Things (IIoT) to build robust architectures, and the latter employed to guarantee information assurance and security.
Energy Distribution Grids are considered critical infrastructure, hence the Distribution System Operators (DSOs) have developed sophisticated engineering practices to improve their resilience. Over the last years, due to the "Smart Grid" evolution, this infrastructure has become a distributed system where prosumers (the consumers who produce and share surplus energy through the grid) can plug in distributed energy resources (DERs) and manage a bi-directional flow of data and power enabled by an advanced IT and control infrastructure. This introduces new challenges, as the prosumers possess neither the skills nor the knowledge to assess the risk or secure the environment from cyber-threats. We propose a simple and usable approach based on the Reference Model of Information Assurance & Security (RMIAS), to support the prosumers in the selection of cybersecurity measures. The purpose is to reduce the risk of being directly targeted and to establish collective responsibility among prosumers as grid gatekeepers. The framework moves from a simple risk analysis based on security goals to providing guidelines for the users for adoption of adequate security countermeasures. One of the greatest advantages of the approach is that it does not constrain the user to a specific threat model.