Beyond Security-by-design: Securing a compromised system

• URL: http://arxiv.org/abs/2501.07207v1
• Date: Mon, 13 Jan 2025 11:01:41 GMT
• Title: Beyond Security-by-design: Securing a compromised system
• Authors: Awais Rashid, Sana Belguith, Matthew Bradbury, Sadie Creese, Ivan Flechais, Neeraj Suri,
• Abstract summary: Digital infrastructures are seeing convergence and connectivity at unprecedented scale. This is true for both current critical national infrastructures and emerging future systems that are highly cyber-physical in nature. We argue that this requires us to move beyond the paradigm of security-by-design and embrace the challenge of securing-a-compromised-system.
• Score: 19.062047726473605
• License:
• Abstract: Digital infrastructures are seeing convergence and connectivity at unprecedented scale. This is true for both current critical national infrastructures and emerging future systems that are highly cyber-physical in nature with complex intersections between humans and technologies, e.g., smart cities, intelligent transportation, high-value manufacturing and Industry 4.0. Diverse legacy and non-legacy software systems underpinned by heterogeneous hardware compose on-the-fly to deliver services to millions of users with varying requirements and unpredictable actions. This complexity is compounded by intricate and complicated supply-chains with many digital assets and services outsourced to third parties. The reality is that, at any particular point in time, there will be untrusted, partially-trusted or compromised elements across the infrastructure. Given this reality, and the societal scale of digital infrastructures, delivering secure and resilient operations is a major challenge. We argue that this requires us to move beyond the paradigm of security-by-design and embrace the challenge of securing-a-compromised-system.

Related papers

• Digital Twin for Evaluating Detective Countermeasures in Smart Grid Cybersecurity [0.0]
  This study delves into the potential of digital twins, replicating a smart grid's cyber-physical laboratory environment. We introduce a flexible, comprehensive digital twin model equipped for hardware-in-the-loop evaluations.
  arXiv  Detail & Related papers  (2024-12-05T08:41:08Z)
• Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
  We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC) ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic. We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
  arXiv  Detail & Related papers  (2024-11-21T18:26:05Z)
• Cybersecurity in the Quantum Era: Assessing the Impact of Quantum Computing on Infrastructure [0.04096453902709291]
  This analysis explores the impact of quantum computing on critical infrastructure and cloud services. We advocate for proactive security strategies and collaboration between sectors to develop and implement quantum-resistant cryptography. This blueprint strengthens each area's defenses against potential quantum-induced cyber threats.
  arXiv  Detail & Related papers  (2024-04-16T15:36:23Z)
• Cybersecurity in Critical Infrastructures: A Post-Quantum Cryptography Perspective [0.0]
  Implementing cryptosystems in industrial communication networks faces a trade-off between the security of the communications and the amortization of the industrial infrastructure. New threat to cybersecurity has arisen with the theoretical proposal of quantum computers. Many global agents have become aware that transitioning their secure communications to a quantum secure paradigm is a priority that should be established before the arrival of fault-tolerance.
  arXiv  Detail & Related papers  (2024-01-08T10:02:48Z)
• Multi-Tier Computing-Enabled Digital Twin in 6G Networks [50.236861239246835]
  In Industry 4.0, industries such as manufacturing, automotive, and healthcare are rapidly adopting DT-based development. The main challenges to date have been the high demands on communication and computing resources, as well as privacy and security concerns. To achieve low latency and high security services in the emerging DT, multi-tier computing has been proposed by combining edge/fog computing and cloud computing.
  arXiv  Detail & Related papers  (2023-12-28T13:02:53Z)
• Securing the Digital World: Protecting smart infrastructures and digital industries with Artificial Intelligence (AI)-enabled malware and intrusion detection [0.0]
  cybercrime has emerged as a global threat to governments, businesses, and civil societies. This paper investigates AI-based cyber threat detection to protect our modern digital ecosystems.
  arXiv  Detail & Related papers  (2023-10-15T09:35:56Z)
• Leveraging Traceability to Integrate Safety Analysis Artifacts into the Software Development Process [51.42800587382228]
  Safety assurance cases (SACs) can be challenging to maintain during system evolution. We propose a solution that leverages software traceability to connect relevant system artifacts to safety analysis models. We elicit design rationales for system changes to help safety stakeholders analyze the impact of system changes on safety.
  arXiv  Detail & Related papers  (2023-07-14T16:03:27Z)
• Reliable AI: Does the Next Generation Require Quantum Computing? [71.84486326350338]
  We show that digital hardware is inherently constrained in solving problems about optimization, deep learning, or differential equations. In contrast, analog computing models, such as the Blum-Shub-Smale machine, exhibit the potential to surmount these limitations.
  arXiv  Detail & Related papers  (2023-07-03T19:10:45Z)
• Hyperloop: A Cybersecurity Perspective [56.82349944873289]
  We provide the first analysis of the cybersecurity challenges of the interconnections between the different components of the Hyperloop ecosystem. We investigate possible infrastructure management approaches and their security concerns. We discuss countermeasures and future directions for the security of the Hyperloop design.
  arXiv  Detail & Related papers  (2022-09-07T12:10:36Z)
• Future Computer Systems and Networking Research in the Netherlands: A Manifesto [137.47124933818066]
  We draw attention to CompSys as a vital part of ICT. Each of the Top Sectors of the Dutch Economy, each route in the National Research Agenda, and each of the UN Sustainable Development Goals pose challenges that cannot be addressed without CompSys advances.
  arXiv  Detail & Related papers  (2022-05-26T11:02:29Z)
• Safety, Security, and Privacy Threats Posed by Accelerating Trends in the Internet of Things [13.286330786426278]
  The Internet of Things (IoT) is already transforming industries, cities, and homes. The economic value of this transformation across all industries is estimated to be trillions of dollars. Alongside potential benefits of interconnected smart devices comes increased risk and potential for abuse.
  arXiv  Detail & Related papers  (2020-07-31T18:04:20Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.