The introduction of Internet of Things (IoT) devices into industrial Cyber-Physical Systems (CPS) is associated with a multitude of potential vulnerabilities that can cause disruptions to industrial operations. Cyber-resilience countermeasures are required to minimize disruptive effects by not only preventing threats, but also by responding effectively when disruptive events occur. This article reports a survey to synthesize current strategies to guarantee cyber-resilience of CPS integrating IoT devices. According to the scientific literature, the following cyber-resilience aspects attract the attention of the researchers: i) risk identification and assessment; ii) implementation of risk treatment measures; iii) threat monitoring and detection; and iv) response and recovery. Threat monitoring and detection deserves the highest attention and the application of machine and deep learning techniques to detect anomalies and cyber-attacks is a current research trend on the topic. In turn, research related to automated continuous risk assessment and to the maximization of response and recovery capacities is still residual. Moreover, the experimental designs to assess the proposed solutions have limitations.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Cyber-Resilience of Cyber-Physical Systems Integrating Internet of Things Devices: A Survey

  • João Pavão,
  • Rute Bastardo,
  • Nelson Pacheco Rocha

摘要

The introduction of Internet of Things (IoT) devices into industrial Cyber-Physical Systems (CPS) is associated with a multitude of potential vulnerabilities that can cause disruptions to industrial operations. Cyber-resilience countermeasures are required to minimize disruptive effects by not only preventing threats, but also by responding effectively when disruptive events occur. This article reports a survey to synthesize current strategies to guarantee cyber-resilience of CPS integrating IoT devices. According to the scientific literature, the following cyber-resilience aspects attract the attention of the researchers: i) risk identification and assessment; ii) implementation of risk treatment measures; iii) threat monitoring and detection; and iv) response and recovery. Threat monitoring and detection deserves the highest attention and the application of machine and deep learning techniques to detect anomalies and cyber-attacks is a current research trend on the topic. In turn, research related to automated continuous risk assessment and to the maximization of response and recovery capacities is still residual. Moreover, the experimental designs to assess the proposed solutions have limitations.