IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v16y2024i11p418-d1519174.html
   My bibliography  Save this article

A Methodological Approach to Securing Cyber-Physical Systems for Critical Infrastructures

Author

Listed:
  • Antonello Calabrò

    (Istituto di Scienza e Tecnologie dell’Informazione (ISTI), Consiglio Nazionale Delle Ricerche (CNR), 56124 Pisa, Italy)

  • Enrico Cambiaso

    (Istituto di Elettronica e di Ingegneria dell Informazione e delle Telecomunicazioni (IEIIT), Consiglio Nazionale Delle Ricerche (CNR), 10129 Torino, Italy)

  • Manuel Cheminod

    (Istituto di Elettronica e di Ingegneria dell Informazione e delle Telecomunicazioni (IEIIT), Consiglio Nazionale Delle Ricerche (CNR), 10129 Torino, Italy)

  • Ivan Cibrario Bertolotti

    (Istituto di Elettronica e di Ingegneria dell Informazione e delle Telecomunicazioni (IEIIT), Consiglio Nazionale Delle Ricerche (CNR), 10129 Torino, Italy)

  • Luca Durante

    (Istituto di Elettronica e di Ingegneria dell Informazione e delle Telecomunicazioni (IEIIT), Consiglio Nazionale Delle Ricerche (CNR), 10129 Torino, Italy)

  • Agostino Forestiero

    (Istituto di Calcolo e Reti ad Alte Prestazioni (ICAR), Consiglio Nazionale Delle Ricerche (CNR), 87036 Rende, Italy)

  • Flavio Lombardi

    (Istituto per le Applicazioni del Calcolo (IAC), Consiglio Nazionale Delle Ricerche (CNR), 00185 Roma, Italy)

  • Giuseppe Manco

    (Istituto di Calcolo e Reti ad Alte Prestazioni (ICAR), Consiglio Nazionale Delle Ricerche (CNR), 87036 Rende, Italy)

  • Eda Marchetti

    (Istituto di Scienza e Tecnologie dell’Informazione (ISTI), Consiglio Nazionale Delle Ricerche (CNR), 56124 Pisa, Italy)

  • Albina Orlando

    (Istituto per le Applicazioni del Calcolo (IAC), Consiglio Nazionale Delle Ricerche (CNR), 00185 Roma, Italy)

  • Giuseppe Papuzzo

    (Istituto di Calcolo e Reti ad Alte Prestazioni (ICAR), Consiglio Nazionale Delle Ricerche (CNR), 87036 Rende, Italy)

Abstract

Modern ICT infrastructures, i.e., cyber-physical systems and critical infrastructures relying on interconnected IT (Information Technology)- and OT (Operational Technology)-based components and (sub-)systems, raise complex challenges in tackling security and safety issues. Nowadays, many security controls and mechanisms have been made available and exploitable to solve specific security needs, but, when dealing with very complex and multifaceted heterogeneous systems, a methodology is needed on top of the selection of each security control that will allow the designer/maintainer to drive her/his choices to build and keep the system secure as a whole, leaving the choice of the security controls to the last step of the system design/development. This paper aims at providing a comprehensive methodological approach to design and preliminarily implement an Open Platform Architecture (OPA) to secure the cyber-physical systems of critical infrastructures. Here, the Open Platform Architecture (OPA) depicts how an already existing or under-design target system (TS) can be equipped with technologies that are modern or currently under development, to monitor and timely detect possibly dangerous situations and to react in an automatic way by putting in place suitable countermeasures. A multifaceted use case (UC) that is able to show the OPA, starting from the security and safety requirements to the fully designed system, will be developed step by step to show the feasibility and the effectiveness of the proposed methodology.

Suggested Citation

  • Antonello Calabrò & Enrico Cambiaso & Manuel Cheminod & Ivan Cibrario Bertolotti & Luca Durante & Agostino Forestiero & Flavio Lombardi & Giuseppe Manco & Eda Marchetti & Albina Orlando & Giuseppe Pap, 2024. "A Methodological Approach to Securing Cyber-Physical Systems for Critical Infrastructures," Future Internet, MDPI, vol. 16(11), pages 1-19, November.
  • Handle: RePEc:gam:jftint:v:16:y:2024:i:11:p:418-:d:1519174
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/16/11/418/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/1999-5903/16/11/418/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Michel Dacorogna & Marie Kratz, 2023. "Managing cyber risk, a science in the making," Scandinavian Actuarial Journal, Taylor & Francis Journals, vol. 2023(10), pages 1000-1021, November.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Matteo Malavasi & Gareth W. Peters & Stefan Treuck & Pavel V. Shevchenko & Jiwook Jang & Georgy Sofronov, 2024. "Cyber Risk Taxonomies: Statistical Analysis of Cybersecurity Risk Classifications," Papers 2410.05297, arXiv.org.
    2. Dacorogna, Michel & Debbabi, Nehla & Kratz, Marie, 2023. "Building up cyber resilience by better grasping cyber risk via a new algorithm for modelling heavy-tailed data," European Journal of Operational Research, Elsevier, vol. 311(2), pages 708-729.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:16:y:2024:i:11:p:418-:d:1519174. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.