Continuous Risk Management for Industrial IoT: a Methodological View

Adaros-Boye, Carolina and Kearney, Paul and Josephs, Mark (2020) Continuous Risk Management for Industrial IoT: a Methodological View. In: 14th International Conference on Risk and Security of Internet and Systems, 29th to 31st of October, 2019, Hammamet, Tunisia.

[img] Text (Conference Paper)
Continuous_Risk_Management_for_Industrial_Control_Systems__a_Methodological_View_V1.0.pdf - Accepted Version
Restricted to Repository staff only until 28 February 2021.

Download (893kB) | Request a copy

Abstract

Emergent cyber-attacks and exploits targeting Operational Technologies (OT) call for a proactive risk management approach. The convergence between OT and the Internet-of-Things in industries introduces new opportunities for cyber-attacks that have the potential to disrupt time-critical and hazardous processes. This paper proposes a methodology to adapt traditional risk management standards to work in a continuous fashion. Monitoring of risk factors is based on incident and event management tools, and misbehaviour detection to address cyber-physical systems’ security gaps. Another source of information that can enhance this approach is threat intelligence. Risks are calculated using Bayesian Networks.

Item Type: Conference or Workshop Item (Paper)
Additional Information: ISBN: 978-3-030-41568-6
Date: 28 February 2020
Uncontrolled Keywords: cybersecurity, risk monitoring, IoT, IIoT, ICS
Subjects: G400 Computer Science
G500 Information Systems
Divisions: Faculty of Computing, Engineering and the Built Environment
Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology
Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology > Cyber Security
Depositing User: Carolina Adaros Boye
Date Deposited: 16 Mar 2020 09:19
Last Modified: 16 Mar 2020 11:34
URI: http://www.open-access.bcu.ac.uk/id/eprint/8271

Actions (login required)

View Item View Item

Research

In this section...