Rosado, David and Santos Olmo, Antonio and Sanchez, Luis Enrique and Serrano, Manuel and Blanco, Carlos and Mouratidis, Haralambos and Fernandez-Medina, Eduardo (2022) Managing cybersecurity risks of cyber-physical systems: The MARISMA-CPS pattern. Computers in Industry, 142. p. 103715. DOI https://doi.org/10.1016/j.compind.2022.103715
Rosado, David and Santos Olmo, Antonio and Sanchez, Luis Enrique and Serrano, Manuel and Blanco, Carlos and Mouratidis, Haralambos and Fernandez-Medina, Eduardo (2022) Managing cybersecurity risks of cyber-physical systems: The MARISMA-CPS pattern. Computers in Industry, 142. p. 103715. DOI https://doi.org/10.1016/j.compind.2022.103715
Rosado, David and Santos Olmo, Antonio and Sanchez, Luis Enrique and Serrano, Manuel and Blanco, Carlos and Mouratidis, Haralambos and Fernandez-Medina, Eduardo (2022) Managing cybersecurity risks of cyber-physical systems: The MARISMA-CPS pattern. Computers in Industry, 142. p. 103715. DOI https://doi.org/10.1016/j.compind.2022.103715
Abstract
Cyber-physical systems (CPSs) are smart systems that include engineered interacting networks of physical and computational components. CPSs have an increasingly presence on critical infrastructures and an impact in almost every aspect of our daily life, including transportation, healthcare, electric power, and advanced manufacturing. However, CPSs face a growing and serious security issue due to the widespread connectivity between the cyber world and the physical world. Although risk assessment methods for traditional IT systems are now very mature, these are not adequate for risk assessment of CPSs due to the different characteristics of the later. As such, there is an urgent need to define approaches that will adequately support risk assessment for CPSs. To contribute to this important challenge, we propose a novel risk analysis technique for CPSs based on MARISMA, a security management methodology, and eMARISMA, a technological environment in the cloud. Our work contributes to the state of the art through the definition of the MARISMA-CPS pattern that incorporates a set of reusable and adaptable elements that allows risks in CPSs to be managed and controlled, which is aligned with the main CPSs frameworks, such as those defined by NIST and ENISA. A case study for a smart hospital is presented, showing how the reusability and adaptability of the proposal allows the proposed MARISMA-CPS pattern to be easily adapted to any CPS environment. Such adaptability is important to ensure wide application in the domain of CPSs.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | Risk analysis; Risk assessment; MARISMA; Cyber-physical system |
Divisions: | Faculty of Science and Health Faculty of Science and Health > Computer Science and Electronic Engineering, School of |
SWORD Depositor: | Unnamed user with email elements@essex.ac.uk |
Depositing User: | Unnamed user with email elements@essex.ac.uk |
Date Deposited: | 22 Nov 2022 11:52 |
Last Modified: | 30 Oct 2024 20:48 |
URI: | http://repository.essex.ac.uk/id/eprint/33036 |
Available files
Filename: 1-s2.0-S0166361522001129-main.pdf
Licence: Creative Commons: Attribution-Noncommercial-No Derivative Works 3.0