University of Limerick Institutional Repository

I’ve seen this before: sharing cyber-physical incident knowledge

DSpace Repository

Show simple item record Alrimawi, Faeq Pasquale, Liliana Mehta, Deepak Nuseibeh, Bashar 2018-12-18T16:26:26Z 2018-12-18T16:26:26Z 2018
dc.description peer-reviewed en_US
dc.description.abstract An increasing number of security incidents in cyber-physical systems (CPSs) arise from the exploitation of cyber and physical components of such systems. Knowledge about how such incidents arose is rarely captured and used systematically to enhance security and support future incident investigations. In this paper, we propose an approach to represent and share incidents knowledge. Our approach captures incident patterns – common aspects of incidents occurring in different CPSs. Our approach then allows incident patterns to be instantiated for different systems to assess if and how such patterns can manifest again. To support our approach, we provide two meta-models that represent, respectively, incident patterns and the cyber-physical systems themselves. The incident meta-model captures the characteristics of incidents, such as assets and activities. The system meta-model captures cyber and physical components and their interactions, which may be exploited during an incident. We demonstrate the feasibility of our approach in the application domain of smart buildings, by tailoring the system meta-model to represent components and interactions in this domain. en_US
dc.language.iso eng en_US
dc.publisher Association for Computing Machinery en_US
dc.relation 291652 en_US
dc.relation.ispartofseries SEAD '18 Proceedings of the 1st International Workshop on Security Awareness from Design to Deployment;pp. 33-40
dc.rights © ACM, 2018. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in SEAD '18 Proceedings of the 1st International Workshop on Security Awareness from Design to Deployment, pp. 33-40, en_US
dc.subject cyber-physical systems en_US
dc.subject incident pattern en_US
dc.subject smart buildings en_US
dc.subject meta-model en_US
dc.title I’ve seen this before: sharing cyber-physical incident knowledge en_US
dc.type info:eu-repo/semantics/conferenceObject en_US
dc.type.supercollection all_ul_research en_US
dc.type.supercollection ul_published_reviewed en_US
dc.identifier.doi 10.1145/3194707.3194714
dc.contributor.sponsor ERC en_US
dc.relation.projectid 291652 en_US
dc.relation.projectid 10/CE/I1855 en_US
dc.relation.projectid 13/RC/2094 en_US
dc.relation.projectid 15/SIRG/3501 en_US
dc.rights.accessrights info:eu-repo/semantics/openAccess en_US

Files in this item

This item appears in the following Collection(s)

Show simple item record

Search ULIR


My Account