Continuous Risk Management for Industrial IoT: a Methodological View
Adaros-Boye, Carolina and Kearney, Paul and Josephs, Mark (2020) Continuous Risk Management for Industrial IoT: a Methodological View. In: 14th International Conference on Risk and Security of Internet and Systems, 29th to 31st of October, 2019, Hammamet, Tunisia.
Preview |
Text (Conference Paper)
Continuous_Risk_Management_for_Industrial_Control_Systems__a_Methodological_View_V1.0.pdf - Accepted Version Download (893kB) |
Abstract
Emergent cyber-attacks and exploits targeting Operational Technologies (OT) call for a proactive risk management approach. The convergence between OT and the Internet-of-Things in industries introduces new opportunities for cyber-attacks that have the potential to disrupt time-critical and hazardous processes. This paper proposes a methodology to adapt traditional risk management standards to work in a continuous fashion. Monitoring of risk factors is based on incident and event management tools, and misbehaviour detection to address cyber-physical systems’ security gaps. Another source of information that can enhance this approach is threat intelligence. Risks are calculated using Bayesian Networks.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Additional Information: | ISBN: 978-3-030-41568-6 |
| Dates: | Date Event 5 August 2019 Accepted 28 February 2020 Published |
| Uncontrolled Keywords: | cybersecurity, risk monitoring, IoT, IIoT, ICS |
| Subjects: | CAH11 - computing > CAH11-01 - computing > CAH11-01-01 - computer science CAH11 - computing > CAH11-01 - computing > CAH11-01-03 - information systems |
| Divisions: | Faculty of Computing, Engineering and the Built Environment Faculty of Computing, Engineering and the Built Environment > College of Computing |
| Depositing User: | Carolina Adaros Boye |
| Date Deposited: | 16 Mar 2020 09:19 |
| Last Modified: | 22 Mar 2023 12:01 |
| URI: | https://www.open-access.bcu.ac.uk/id/eprint/8271 |
Actions (login required)
 |
View Item |
Tools
Tools
