Home > Research > Publications & Outputs > On the role of latent design conditions in cybe...

Electronic data

  • SeCPS

    Rights statement: © ACM, 2016. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in SEsCPS '16 Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems http://dx.doi.org/10.1145/2897035.2897036

    Accepted author manuscript, 269 KB, PDF document

    Available under license: None

Links

Text available via DOI:

View graph of relations

On the role of latent design conditions in cyber-physical systems security

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Published

Standard

On the role of latent design conditions in cyber-physical systems security. / Frey, Sylvain; Rashid, Awais; Zanutto, Alberto; Busby, Jeremy Simon; Szmagalska-Follis, Karolina.

SEsCPS '16 Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systemss, SEsCPS 2015, Austin, Texas. New York : ACM, 2016. p. 43-46.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paper

Harvard

Frey, S, Rashid, A, Zanutto, A, Busby, JS & Szmagalska-Follis, K 2016, On the role of latent design conditions in cyber-physical systems security. in SEsCPS '16 Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systemss, SEsCPS 2015, Austin, Texas. ACM, New York, pp. 43-46. https://doi.org/10.1145/2897035.2897036

APA

Frey, S., Rashid, A., Zanutto, A., Busby, J. S., & Szmagalska-Follis, K. (2016). On the role of latent design conditions in cyber-physical systems security. In SEsCPS '16 Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systemss, SEsCPS 2015, Austin, Texas (pp. 43-46). New York: ACM. https://doi.org/10.1145/2897035.2897036

Vancouver

Frey S, Rashid A, Zanutto A, Busby JS, Szmagalska-Follis K. On the role of latent design conditions in cyber-physical systems security. In SEsCPS '16 Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systemss, SEsCPS 2015, Austin, Texas. New York: ACM. 2016. p. 43-46 https://doi.org/10.1145/2897035.2897036

Author

Frey, Sylvain ; Rashid, Awais ; Zanutto, Alberto ; Busby, Jeremy Simon ; Szmagalska-Follis, Karolina. / On the role of latent design conditions in cyber-physical systems security. SEsCPS '16 Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systemss, SEsCPS 2015, Austin, Texas. New York : ACM, 2016. pp. 43-46

Bibtex

@inproceedings{193abe699464423fa8453b34eb641bf3,
title = "On the role of latent design conditions in cyber-physical systems security",
abstract = "As cyber-physical systems (CPS) become prevalent in everyday life, it is critical to understand the factors that may impact the security of such systems. In this paper, we present insights from an initial study of historical security incidents to analyse such factors for a particular class of CPS: industrial control systems (ICS). Our study challenges the usual tendency to blame human fallibility or resort to simple explanations for what are often complex issues that lead to a security incident. We highlight that (i) perception errors are key in such incidents (ii) latent design conditions -- e.g., improper specifications of a system's borders and capabilities -- play a fundamental role in shaping perceptions, leading to security issues. Such design-time considerations are particularly critical for ICS, the life-cycle of which is usually measured in decades. Based on this analysis, we discuss how key characteristics of future smart CPS in such industrial settings can pose further challenges with regards to tackling latent design flaws.",
author = "Sylvain Frey and Awais Rashid and Alberto Zanutto and Busby, {Jeremy Simon} and Karolina Szmagalska-Follis",
note = "{\circledC} ACM, 2016. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in SEsCPS '16 Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems http://dx.doi.org/10.1145/2897035.2897036",
year = "2016",
month = "5",
day = "14",
doi = "10.1145/2897035.2897036",
language = "English",
isbn = "9781450341714",
pages = "43--46",
booktitle = "SEsCPS '16 Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systemss, SEsCPS 2015, Austin, Texas",
publisher = "ACM",

}

RIS

TY - GEN

T1 - On the role of latent design conditions in cyber-physical systems security

AU - Frey, Sylvain

AU - Rashid, Awais

AU - Zanutto, Alberto

AU - Busby, Jeremy Simon

AU - Szmagalska-Follis, Karolina

N1 - © ACM, 2016. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in SEsCPS '16 Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems http://dx.doi.org/10.1145/2897035.2897036

PY - 2016/5/14

Y1 - 2016/5/14

N2 - As cyber-physical systems (CPS) become prevalent in everyday life, it is critical to understand the factors that may impact the security of such systems. In this paper, we present insights from an initial study of historical security incidents to analyse such factors for a particular class of CPS: industrial control systems (ICS). Our study challenges the usual tendency to blame human fallibility or resort to simple explanations for what are often complex issues that lead to a security incident. We highlight that (i) perception errors are key in such incidents (ii) latent design conditions -- e.g., improper specifications of a system's borders and capabilities -- play a fundamental role in shaping perceptions, leading to security issues. Such design-time considerations are particularly critical for ICS, the life-cycle of which is usually measured in decades. Based on this analysis, we discuss how key characteristics of future smart CPS in such industrial settings can pose further challenges with regards to tackling latent design flaws.

AB - As cyber-physical systems (CPS) become prevalent in everyday life, it is critical to understand the factors that may impact the security of such systems. In this paper, we present insights from an initial study of historical security incidents to analyse such factors for a particular class of CPS: industrial control systems (ICS). Our study challenges the usual tendency to blame human fallibility or resort to simple explanations for what are often complex issues that lead to a security incident. We highlight that (i) perception errors are key in such incidents (ii) latent design conditions -- e.g., improper specifications of a system's borders and capabilities -- play a fundamental role in shaping perceptions, leading to security issues. Such design-time considerations are particularly critical for ICS, the life-cycle of which is usually measured in decades. Based on this analysis, we discuss how key characteristics of future smart CPS in such industrial settings can pose further challenges with regards to tackling latent design flaws.

U2 - 10.1145/2897035.2897036

DO - 10.1145/2897035.2897036

M3 - Conference contribution/Paper

SN - 9781450341714

SP - 43

EP - 46

BT - SEsCPS '16 Proceedings of the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systemss, SEsCPS 2015, Austin, Texas

PB - ACM

CY - New York

ER -