Continuous Risk Management for Industrial IoT: a Methodological View

Adaros-Boye, Carolina and Kearney, Paul and Josephs, Mark (2020) Continuous Risk Management for Industrial IoT: a Methodological View. In: 14th International Conference on Risk and Security of Internet and Systems, 29th to 31st of October, 2019, Hammamet, Tunisia.

[img]
Preview
Text (Conference Paper)
Continuous_Risk_Management_for_Industrial_Control_Systems__a_Methodological_View_V1.0.pdf - Accepted Version

Download (893kB)

Abstract

Emergent cyber-attacks and exploits targeting Operational Technologies (OT) call for a proactive risk management approach. The convergence between OT and the Internet-of-Things in industries introduces new opportunities for cyber-attacks that have the potential to disrupt time-critical and hazardous processes. This paper proposes a methodology to adapt traditional risk management standards to work in a continuous fashion. Monitoring of risk factors is based on incident and event management tools, and misbehaviour detection to address cyber-physical systems’ security gaps. Another source of information that can enhance this approach is threat intelligence. Risks are calculated using Bayesian Networks.

Item Type: Conference or Workshop Item (Paper)
Additional Information: ISBN: 978-3-030-41568-6
Dates:
DateEvent
5 August 2019Accepted
28 February 2020Published
Uncontrolled Keywords: cybersecurity, risk monitoring, IoT, IIoT, ICS
Subjects: CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science
CAH11 - computing > CAH11-01 - computing > CAH11-01-03 - information systems
Divisions: Faculty of Computing, Engineering and the Built Environment
Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology
Depositing User: Carolina Adaros Boye
Date Deposited: 16 Mar 2020 09:19
Last Modified: 22 Mar 2023 12:01
URI: https://www.open-access.bcu.ac.uk/id/eprint/8271

Actions (login required)

View Item View Item

Research

In this section...