Paper Type

Complete

Abstract

The level of security vulnerabilities has grown recently due to rapid advancements in technology and the failure of supposedly secure systems. Every system in the industrial control systems and operational technology environment encounters difficulties in managing complex networks, being susceptible to attacks from both internal and external sources, and meeting nonfunctional requirements to avert undesirable consequences. It becomes challenging to mitigate such risks when dealing with proficient attackers. To increase resilience, it is crucial to design a system architecture that is (cyber) secure. For this purpose, we propose the Cyber Threat & Risk Intelligence template (“CyTRI”) as a cyber-security solution that analyzes the activities of adversaries who gain access to the system by modeling threats and hypothesizing potential attack scenarios. The template complies with IEC 62443 to secure industrial control systems, investigate and identify potential threats to the system, and implement security measures commonly referred to as security-by-design.

Paper Number

1497

Comments

SIGSEC

Share

COinS
Top 25 Paper Badge
 
Aug 16th, 12:00 AM

CyTRI – Fostering Security Measures Against Emerging Cyber Threats

The level of security vulnerabilities has grown recently due to rapid advancements in technology and the failure of supposedly secure systems. Every system in the industrial control systems and operational technology environment encounters difficulties in managing complex networks, being susceptible to attacks from both internal and external sources, and meeting nonfunctional requirements to avert undesirable consequences. It becomes challenging to mitigate such risks when dealing with proficient attackers. To increase resilience, it is crucial to design a system architecture that is (cyber) secure. For this purpose, we propose the Cyber Threat & Risk Intelligence template (“CyTRI”) as a cyber-security solution that analyzes the activities of adversaries who gain access to the system by modeling threats and hypothesizing potential attack scenarios. The template complies with IEC 62443 to secure industrial control systems, investigate and identify potential threats to the system, and implement security measures commonly referred to as security-by-design.

When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.