Final published version
Licence: CC BY: Creative Commons Attribution 4.0 International License
Research output: Contribution to Journal/Magazine › Journal article › peer-review
Research output: Contribution to Journal/Magazine › Journal article › peer-review
}
TY - JOUR
T1 - Assessing the security of internet-connected critical infrastructures
AU - Ghani, H.
AU - Khelil, A.
AU - Suri, Neeraj
AU - Csertán, G.
AU - Gönczy, L.
AU - Urbanics, G.
AU - Clarke, J.
PY - 2014/12/1
Y1 - 2014/12/1
N2 - Because the Internet of Things (IoT) pervasively extends to all facets of life, the "things" are increasingly extending to include the interconnection of the Internet to critical infrastructures (CIs) such as telecommunication, power grid, transportation, e-commerce systems, and others. The objective of this paper is twofold: (i) addressing IoT from a CI protection (CIP) and connectivity viewpoint, and (ii) highlighting the need for security quantification to improve the quality of protection (QoP) of CIs. Using a financial infrastructure as an example, a CIP and trust quantification perspective is built up. To this end, we are developing a novel security metrics-based approach to assess and thereon enhance the CIP. We focus on the communication level of the CI where IoT is playing an increasingly important role with respect to sensing and communication across CI elements. Determining the security and dependability level of the communication over the CI constitutes a basic precondition for assessing the QoP of the whole CI, which is needed for any efforts to improve this QoP. Because metrics play a central role for such quantification, this paper develops their QoP use from an IoT perspective, and a reference implementation along with experimental results is presented.
AB - Because the Internet of Things (IoT) pervasively extends to all facets of life, the "things" are increasingly extending to include the interconnection of the Internet to critical infrastructures (CIs) such as telecommunication, power grid, transportation, e-commerce systems, and others. The objective of this paper is twofold: (i) addressing IoT from a CI protection (CIP) and connectivity viewpoint, and (ii) highlighting the need for security quantification to improve the quality of protection (QoP) of CIs. Using a financial infrastructure as an example, a CIP and trust quantification perspective is built up. To this end, we are developing a novel security metrics-based approach to assess and thereon enhance the CIP. We focus on the communication level of the CI where IoT is playing an increasingly important role with respect to sensing and communication across CI elements. Determining the security and dependability level of the communication over the CI constitutes a basic precondition for assessing the QoP of the whole CI, which is needed for any efforts to improve this QoP. Because metrics play a central role for such quantification, this paper develops their QoP use from an IoT perspective, and a reference implementation along with experimental results is presented.
KW - Critical infrastructure protection (CIP)
KW - Internet of things (IoT)
KW - Metrics
KW - Overlay networks
KW - Security monitoring
KW - Service level agreements (SLAs)
KW - Critical infrastructures
KW - Electric power transmission networks
KW - Outsourcing
KW - Public works
KW - Critical infrastructure protection
KW - Internet of Things (IOT)
KW - Service level agreement (SLAs)
KW - Internet of things
U2 - 10.1002/sec.399
DO - 10.1002/sec.399
M3 - Journal article
VL - 7
SP - 2713
EP - 2725
JO - Security and Communication Networks
JF - Security and Communication Networks
SN - 1939-0114
IS - 12
ER -