Browsing by Keyword "cyber security"
Now showing 1 - 2 of 2
Results Per Page
Sort Options
Item Information Security Risk Assessment Methodology for Industrial Systems Supporting ISA/IEC 62443 Compliance(Institute of Electrical and Electronics Engineers Inc., 2023) Iturbe, Eider; Rios, Erkuden; Mansell, Jason; Toledo, Nerea; CIBERSEC&DLTIn the context of Industry 4.0, digitalization is one of the key ingredients to foster economic growth and competitiveness of the industrial sector. But the speed in which digitalization is coming into play as well as the growing use of novel technologies such as Cyber Physical Systems (CPSs), Industrial Internet of Things (IIoT) and artificial intelligence techniques, comes hand by hand, with the increase in the attack vectors to these industries. So now, more than ever, there is a need for clear and reusable methodologies that support security experts in identifying the threats as well as the required measures to secure next-generation industrial infrastructures and solutions. This paper presents a risk assessment methodology for security and privacy of industrial solutions which systematises the activities to be carried out in a technology-, system-, and domain-agnostic manner and, thus, it can be reused in multiple types of systems. The methodology supports the compliance with the industrial cybersecurity standard ISA/IEC 62443.Item A Multi-layer Approach through Threat Modelling and Attack Simulation for Enhanced Cyber Security Assessment(Association for Computing Machinery, 2024-07-30) Iturbe, Eider; Arcas, Javier; Rios, Erkuden; Toledo, Nerea; CIBERSEC&DLT; Medical TechnologiesThere is a growing concern about the dynamic landscape of cyber security threats escalating, and the need for improvement in defence capabilities against emerging sophisticated incidents. In response, this paper presents a solution called the Cyber Incident Simulation System, which enables system security engineers to simulate cyber-physical attacks and incidents without the requirement to affect or disrupt the ongoing business operation of the system. Leveraging graph-based threat modelling and AI-generated incident data, the system empowers professionals to predict the effect of the incident within the system under study. The synthetic data is used by anomaly-based Intrusion Detection Systems (IDSs) and other additional security controls to improve their detection algorithms to enhance their accuracy and effectiveness. The Cyber Incident Simulation System is designed to enhance the cyber security measures through the simulation of various incident scenarios.