Construction projects increasingly utilize operational technologies (OT), such as autonomous or remote-controlled machinery, single-task robots, drones, and 3D concrete printers. While this integration enhances productivity, quality, and safety on construction sites, it also expands the cyberattack surface, exposing construction processes to significant cyber threats. Numerous cybersecurity standards, guidelines, and frameworks have been published by private and governmental institutions to address such threats focusing on different aspects, and they have been commonly utilized in industries such as finance, manufacturing, and energy. Since OT integration in the construction sector is relatively new, using these documents requires understanding the digital transformation of construction processes, different types of OT utilized, and their cybersecurity implications. Given the growing number of available documents addressing different cybersecurity aspects and technology types, a systematic approach is needed to identify relevant documents for different scenarios efficiently. For this purpose, this paper proposes a novel cybersecurity taxonomy for OT used in construction. The taxonomy is presented as a structured table, where columns list various OT types and components used in construction projects, and rows present different processes utilizing OT. Each cell within this table is populated by mapping relevant cybersecurity documents, facilitating their identification across various construction scenarios. The proposed taxonomy lays the groundwork for more effective and widespread use of cybersecurity standards and frameworks in the construction sector.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Cybersecurity Taxonomy for Operational Technology in Construction

  • Muammer Semih Sonkor,
  • Borja García de Soto

摘要

Construction projects increasingly utilize operational technologies (OT), such as autonomous or remote-controlled machinery, single-task robots, drones, and 3D concrete printers. While this integration enhances productivity, quality, and safety on construction sites, it also expands the cyberattack surface, exposing construction processes to significant cyber threats. Numerous cybersecurity standards, guidelines, and frameworks have been published by private and governmental institutions to address such threats focusing on different aspects, and they have been commonly utilized in industries such as finance, manufacturing, and energy. Since OT integration in the construction sector is relatively new, using these documents requires understanding the digital transformation of construction processes, different types of OT utilized, and their cybersecurity implications. Given the growing number of available documents addressing different cybersecurity aspects and technology types, a systematic approach is needed to identify relevant documents for different scenarios efficiently. For this purpose, this paper proposes a novel cybersecurity taxonomy for OT used in construction. The taxonomy is presented as a structured table, where columns list various OT types and components used in construction projects, and rows present different processes utilizing OT. Each cell within this table is populated by mapping relevant cybersecurity documents, facilitating their identification across various construction scenarios. The proposed taxonomy lays the groundwork for more effective and widespread use of cybersecurity standards and frameworks in the construction sector.