Ani, Uchenna D., Watson, Jeremy D. McK., Nurse, Jason R. C., Cook, Al, Maple, Carsten (2019) A Review of Critical Infrastructure Protection Approaches: Improving Security through Responsiveness to the Dynamic Modelling Landscape. In: Living in the Internet of Things (IoT 2019). . IET ISBN 978-1-83953-089-0. (doi:10.1049/cp.2019.0131) (KAR id:73330)
PDF
Author's Accepted Manuscript
Language: English |
|
Download this file (PDF/604kB) |
|
Request a format suitable for use with assistive technology e.g. a screenreader | |
Official URL: http://dx.doi.org/10.1049/cp.2019.0131 |
Abstract
As new technologies such as the Internet of Things (IoT) are integrated into Critical National Infrastructures (CNI), new cybersecurity threats emerge that require specific security solutions. Approaches used for analysis include the modelling and simulation of critical infrastructure systems using attributes, functionalities, operations, and behaviours to support various security analysis viewpoints, recognising and appropriately managing associated security risks. With several critical infrastructure protection approaches available, the question of how to effectively model the complex behaviour of interconnected CNI elements and to configure their protection as a system-of-systems remains a challenge. Using a systematic review approach, existing critical infrastructure protection approaches (tools and techniques) are examined to determine their suitability given trends like IoT, and effective security modelling and analysis issues. It is found that empirical-based, agent-based, system dynamics-based, and network-based modelling are more commonly applied than economic-based and equation-based techniques, and empirical-based modelling is the most widely used. The energy and transportation critical infrastructure sectors reflect the most responsive sectors, and no one Critical Infrastructure Protection (CIP) approach – tool, technique, methodology or framework – provides a ‘fit-for-all’ capacity for all-round attribute modelling and simulation of security risks. Typically, deciding factors for CIP choices to adopt are often dominated by trade-offs between ‘complexity of use’ and ‘popularity of approach’, as well as between ‘specificity’ and ‘generality’ of application in sectors. Improved security modelling is feasible via; appropriate tweaking of CIP approaches to include a wider scope of security risk management, functional responsiveness to interdependency, resilience and policy formulation requirements, and collaborative information sharing between public and private sectors.
Item Type: | Conference or workshop item (Proceeding) |
---|---|
DOI/Identification number: | 10.1049/cp.2019.0131 |
Uncontrolled keywords: | critical infrastructure modelling, critical infrastructure protection, security modelling and simulation,IoT Modelling,CNI cybersecurity, cyber resilience modelling |
Subjects: |
Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, T Technology T Technology > TJ Mechanical engineering and machinery |
Divisions: |
Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Engineering and Digital Arts |
Depositing User: | Jason Nurse |
Date Deposited: | 02 Apr 2019 15:15 UTC |
Last Modified: | 05 Nov 2024 12:36 UTC |
Resource URI: | https://kar.kent.ac.uk/id/eprint/73330 (The current URI for this page, for reference purposes) |
- Link to SensusAccess
- Export to:
- RefWorks
- EPrints3 XML
- BibTeX
- CSV
- Depositors only (login required):