posted on 2016-09-29, 19:10authored byxavier bellekensxavier bellekens, robert atkinson, amar seeam, christos tachtatzis, ivan andonovic, kamila nieradzinska
The Internet of Things (IoT) and the number
of sensors integrated within safety critical environments is
increasing exponentially. System designers employ off-the-shelf
hardware to reduce development time and cost, however, the early
adoption of consumer hardware and software raises numerous
security questions. Several successful attacks and threats to
critical infrastructures have been reported. This paper reviews
safety-critical applications in aviation, connected cars and power
plants. An engineering development roadmap is proposed with
cyber-security in mind from “cradle-to-grave” rather than an
afterthought. The development roadmap introduces a cybersecurity
review at each design step to strengthen the robustness of
IoT hardware and software. However, considering these systems
have an extremely long lifetime (>20 years), secure maintenance
and integrity of ageing infrastructure is usually a secondary
consideration. The paper proposes the use of a cyclic cyberphysical
security model after system commissioning that allows
knowledge transfer between regulatory bodies through sharing
of best practices. The sharing will enable system operators to
identify exploits encountered from other industries and maintain
high security levels and improve the IoT architectures.