The digital revolution has made people more dependent on ICT technology to perform everyday tasks, whether at home or at work. The systems that support critical aspects of this smart way of living are characterized as critical, and the security level of such systems is higher as compared to others. The definition of the criticality of a system is a rather difficult exercise, and for that reason, we have seen novel cybersecurity regulations to introduce the idea of digital managed services, which include security monitoring, managed network services, or the outsourcing of business processes that are are critical to the functioning, reliability, and availability of Critical National Infrastructures (CNIs). Moreover, ENISA recently issued a new report that deals with supply chain attacks. Those attacks target any chain of the ecosystem of processes, people, organizations, and distributors involved in the creation and delivery of a final solution or product that can be used or incorporated into a CNI, thus further extending the scope of the security posture of a system

Ferrag, Mohamed Amine

Janicke, Helge

Maglaras, Leandros

English

Research Online @ ECU

Edith Cowan University Research Online Research outputs 2022 to 2026 10-1-2022 Combining security and reliability of critical infrastructures: The concept of securability Leandros Maglaras Helge Janicke Edith Cowan University, h.janicke@ecu.edu.au Mohamed Amine Ferrag Follow this and additional works at: https://ro.ecu.edu.au/ecuworks2022-2026  Part of the Information Security Commons 10.3390/app122010387 Maglaras, L., Janicke, H., & Ferrag, M. A. (2022). Combining security and reliability of critical infrastructures: The concept of securability. Applied Sciences, 12(20), Article 10387. https://doi.org/10.3390/app122010387 This Editorial is posted at Research Online. https://ro.ecu.edu.au/ecuworks2022-2026/1567 Citation: Maglaras, L.; Janicke, H.;Ferrag, M.A. Combining Security andReliability of Critical Infrastructures:The Concept of Securability. Appl. Sci.2022, 12, 10387. https://doi.org/10.3390/app122010387Received: 8 October 2022Accepted: 13 October 2022Published: 15 October 2022Publisher’s Note: MDPI stays neutralwith regard to jurisdictional claims inpublished maps and institutional affil-iations.Copyright: © 2022 by the authors.Licensee MDPI, Basel, Switzerland.This article is an open access articledistributed under the terms andconditions of the Creative CommonsAttribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).applied  sciencesEditorialCombining Security and Reliability of Critical Infrastructures:The Concept of SecurabilityLeandros Maglaras 1,* , Helge Janicke 2 and Mohamed Amine Ferrag 31 School of Computer Science and Informatics, De Montfort University, Leicester LE1 9BH, UK2 Cyber Security Cooperative Research Centre, Edith Cowan University, Perth 6027, Australia3 Department of Computer Science, Guelma University, Guelma 24000, Algeria* Correspondence: leandros.maglaras@dmu.ac.ukThe digital revolution has made people more dependent on ICT technology to performeveryday tasks, whether at home or at work. The systems that support critical aspects ofthis smart way of living are characterized as critical, and the security level of such systems ishigher as compared to others. The definition of the criticality of a system is a rather difficultexercise, and for that reason, we have seen novel cybersecurity regulations to introduce theidea of digital managed services [1], which include security monitoring, managed networkservices, or the outsourcing of business processes that are are critical to the functioning,reliability, and availability of Critical National Infrastructures (CNIs). Moreover, ENISArecently issued a new report that deals with supply chain attacks [2]. Those attacks targetany chain of the ecosystem of processes, people, organizations, and distributors involvedin the creation and delivery of a final solution or product that can be used or incorporatedinto a CNI, thus further extending the scope of the security posture of a system.The cybersecurity posture of system or infrastructure can be measured using severalmethods, including risk management, maturity assessment [3], or posture assessment.Using well-established cybersecurity frameworks such as NIST or ISO, an organization canestablish an effective information management system, systematize cybersecurity controls,and improve the security of an organization. These frameworks can be very efficient inhelping organizations understand the risks they face, analyze their vulnerabilities andorganize their security countermeasures and mitigation plans [4]. The adaptation of thosemodels to specific areas such as banking, healthcare, maritime, or critical components suchas industrial systems is still needed [5] in order to achieve better mapping of the systemprocesses and functions.Reliability, on the other hand, is a measure to estimate the success of a system toperform according to its specifications in terms of time and operation conditions. Thereliability is defined as the probability that the system will perform in an adequate mannerfor a predefined time period. The adequate operation of the system depends on therequirements of the application that are offered by the system. In order to define thereliability of the system, we need to have a very good understanding of the componentsthat comprise the system and the way that these components operate. In order to define thereliability of a system, we need to calculate the reliability of each subsystem or entity andtheir interconnections and inter-dependencies. The reliability of the system is combinedwith several metrics such as the Mean Time to Failure (MTTF) and the Mean Time to Repair(MTTR), among others. Reliability analysis and optimization have been used for many yearsfor the development of highly critical systems. In general, reliability evaluation methodscan be categorized into two main groups: analytical and simulation-based techniques [6].The effectiveness of reliability theory in mapping the operation of complex systems,and thus developing highly stable ones, can be used as a basis for the introduction of thesecurability of systems. Securability can be a metric to represent the ability of the systemto operate in a secure manner according to the requirements of the offered services byAppl. Sci. 2022, 12, 10387. https://doi.org/10.3390/app122010387 https://www.mdpi.com/journal/applsciAppl. Sci. 2022, 12, 10387 2 of 4incorporating the basic concepts of reliability. Since errors and failures are factors thataffect the correct operation of system, those can and should be part of the securabilityanalysis. The idea of securability lies in the triptych analysis, prediction, and optimization.Concepts such as Mean Time to Attack (MTTA) and Mean Time to Recovery (MTTR) (whichare based on the existing incident response and mitigation plans) could be used in orderto represent the operation of the system being analyzed. Some first attempts towardsthis direction have already been made through the use of patterns that combine securityand reliability [7] and attack prediction using Markov models [8]. What is missing and isexpected to be introduced in the following years is new methodologies that could define thesystem requirements by incorporating security (and privacy) with reliability (and safety),introducing a new research area under the broad term of securability.This editorial presents the manuscripts accepted, after a careful peer-review process,for publication in the topic “Cyber Security and Critical Infrastructures” of the MDPIjournals Applied Sciences, Electronics, Future Internet, Sensors, and Smart Cities. The secondvolume includes sixteen articles: one editorial article and fifteen original research papersdescribing current challenges, innovative solutions, and real-world experiences involvingcybersecurity issues in critical infrastructures.One major aspect of a smart city involves traffic management using ICT technologies.These technologies come with new vulnerabilities that could expose sensitive data ofcitizens to hackers. The authors in [9] propose a selective encryption scheme using singular-value decomposition and chaotic systems in order to overcome such issues. The proposedmethod ensures the confidentiality of video streams originating from devices that haveminimal resources and that are mostly used in a smart-traffic management systems. TheNIS directive (which is now substituted by the NIS2 Directive) has identified several criticalsectors, including transport, and the proposed method could be used as an efficient tool tosecure the information that is created and transmitted through a smart traffic system.When dealing with attacks in critical infrastructures that are usually large complexsystems interconnected with several others, the correct prioritization of vulnerabilities israther a difficult exercise to take. The lack of a proper vulnerability assessment leaves theinfrastructure exposed to several attacks that could have devastating physical outcomeswhen it supports critical services to citizens. The authors in [10] present a vulnerabilityprioritization model that can reveal characteristics of information-security-related vulnera-bilities. Coping with node–edge risk calculation, the authors in [11] propose a vulnerabilityCorrelation and Attack Graph-based node–edge Scoring System. These works reveal thecontinuous and crucial need for novel vulnerability analysis methods that are based onprioritization and risk analysis.Dealing with the security and privacy of information during transmission into a digitalenvironment, the authors in [12] propose a GCN algorithm for detecting malicious digitalcertificates. Malicious certificates can be used in order to hide malicious activities fromthreat actors. In order to achieve an efficient detection of malicious certificates, the authorsdesign a rules-based method for extracting certificate attributes from documents that areused as features for the classification algorithm. The proposed method is very promisingand can be applied in several aspects of electronic transactions where digital certificates areused to link ownership of public keys with the entities that own them. In order to securetransmission of information against tampering and cracking, authors in [13] propose anovel secure communication method based on the message hash chain. The tampering ofinformation has been proven to be very dangerous, especially for industrial control systemsthat support or offer critical services to citizens, such as energy plants, and solutions thatcan secure those systems are in need.On June 2022, the EU Member States agreed on revising the EU Network and Informa-tion Security Directive: NIS2. One of the additions of NIS2 as compared to the NIS was theextension of the scope of the NIS with the addition of new sectors, such as the food sector.The authors in [14] discuss the new threats and security challenges that the digitization ofagriculture has to face. Among the many open issues, challenges, and future directions thatAppl. Sci. 2022, 12, 10387 3 of 4both organizations and governments will face, the authors propose the development ofproper incident response and business continuity plans.Focusing on the security of industrial control systems (ICS), the authors in [15] proposea configurable dependency model that can be used for risk assessment. The authorsidentified correctly the specific requirements of an ICS risk model that includes the need tocope with the diversity of experts that cooperate in an ICS along with the need to createa model that can offer an overview of the system at a high level of abstraction whilecapturing all inter-dependencies. Using the proposed configurable model organisationscan save time and resources dedicated to risk assessment and thus be better prepared forcybersecurity incidents.It has been proven that machine learning principles can be used in order to deployefficient intrusion detection systems. One-class models have long been proven to be veryefficient in circumstances where there is a need for the detection of both known andunknown (novel) attacks; the model must be robust to noise samples and where thereis a lack of datasets that include attacks when training the model, all of the above beingthe standard situation for an ICS. The authors in [16] propose a new IDS that integrateslong short-term memory principles into the one-class model and has been tested throughextensive experiments on three complex network security data sets.Following a similar approach, the authors in [17] propose an intelligence system basedon machine learning and deep learning approaches to detect serious attacks on ICSs. Inanother article in this collection, the authors in [18] analyzed the classification of 0-daysthreats and anomalous intrusion in a novel dataset that includes cloud services. In addition,the authors in [19] propose a malicious anonymous proxy traffic that is based on theprinciples of deep learning and image transformation. In order to keep the computationaloverhead of image transformation low, the method converts the sequences of the size andinter-arrival time of the first N packets of a flow into images before applying classification.The proposed methods achieve high accuracy while keeping the sizes of the producedimages more than 90% smaller than that of existing image-based deep learning methodsAll of the aforementioned works of the SI collection are very important since they providevaluable conclusions about the performance of several machine-learning-based intrusion-detection systems against sophisticated attacks, methods to improve their performance andpossible future improvements or research directions.Mobile phones have been used recently for tasks that are not directly linked to com-munication between users. E-banking, e-commerce, emails, and remote desktop servicescan help users stay always connected and to perform many of their activities through theirmobile devices. The vulnerabilities in these services must be discovered through the execu-tion of the code into a safe or isolated environment. Often, this leads the normal operationof the OS to halt, thus making it unable to offer any services. The authors in [20] try tosolve this problem by proposing a secure service provisioning platform that guaranteesthe execution time of the normal OS while providing hypervisor-level security services.Coping with the same problem from a different perspective, the authors in [21] propose alightweight, multi-source, fast Android malware detection model by using data from theinternal files of the applications in order to build the machine learning models.The authors in [22] focus on providing a solution for secure health monitoring and fordigital twins in adversarial radio environments. The authors propose graph layer security(GLS) in order to secure the information that is transmitted wirelessly by exploiting someof the networked domain’s physical dynamics. The method can be robust against bothpassive eavesdropping attacks and active attacks.In the last article of this collection, the authors in [23] introduce a testbed for thestudy of cyber-attacks against a realistic simulation of a nuclear power plant. The testbedintegrates a simulated Modbus/TCP network environment containing basic industrialcontrol elements implemented with open-source software components and is validatedagainst several cyberattacks.Appl. Sci. 2022, 12, 10387 4 of 4Funding: This research received no external funding.Conflicts of Interest: All authors declare no conflict of interest.References1. DCMS. Proposal for Legislation to Improve the UK’s Cyber Resilience. 2022. Available online: https://www.gov.uk/government/consultations/proposal-for-legislation-to-improve-the-uks-cyber-resilience/proposal-for-legislation-to-improve-the-uks-cyber-resilience (accessed on 1 October 2022).2. ENISA. Threat Landscape for Supply Chain Attacks. 2021. Available online: https://www.enisa.europa.eu/publications/threat-landscape-for-supplychain-attacks (accessed on 1 October 2022).3. Aliyu, A.; Maglaras, L.; He, Y.; Yevseyeva, I.; Boiten, E.; Cook, A.; Janicke, H. A holistic cybersecurity maturity assessmentframework for higher education institutions in the United Kingdom. Appl. Sci. 2020, 10, 3660. [CrossRef]4. Maglaras, L.A.; Jiang, J. Ocsvm model combined with k-means recursive clustering for intrusion detection in scada systems. InProceedings of the 10th International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness,Rhodes, Greece, 18–20 August 2014; IEEE: Piscataway, NJ, USA, 2014; pp. 133–134.5. Cook, A.; Smith, R.; Maglaras, L.; Janicke, H. Measuring the risk of cyber attack in industrial control systems. In Proceedings ofthe 4th International Symposium for ICS & SCADA Cyber Security Research 2016 (ICS-CSR), Belfast, UK, 23–25 August 2016.6. Maglaras, L.A.; Ferrag, M.A.; Janicke, H.; Ayres, N.; Tassiulas, L. Reliability, Security, and Privacy in Power Grids. Computer 2022,55, 85–88. [CrossRef]7. Buckley, I.A.; Fernandez, E.B.; Larrondo-Petrie, M.M. Patterns combining reliability and security. In Proceedings of theInternational Conferences on Pervasive Patterns and Applications, IARIA Conferences, Rome, Italy, 25–30 September 2011;pp. 144–150.8. Holgado, P.; Villagrá, V.A.; Vazquez, L. Real-time multistep attack prediction based on hidden markov models. IEEE Trans.Dependable Secur. Comput. 2017, 17, 134–147. [CrossRef]9. Benrhouma, O.; Alkhodre, A.B.; AlZahrani, A.; Namoun, A.; Bhat, W.A. Using Singular Value Decomposition and Chaotic Mapsfor Selective Encryption of Video Feeds in Smart Traffic Management. Appl. Sci. 2022, 12, 3917. [CrossRef]10. Reyes, J.; Fuertes, W.; Arévalo, P.; Macas, M. An Environment-Specific Prioritization Model for Information-Security Vulnerabili-ties Based on Risk Factor Analysis. Electronics 2022, 11, 1334. [CrossRef]11. Shin, G.Y.; Hong, S.S.; Lee, J.S.; Han, I.S.; Kim, H.K.; Oh, H.R. Network Security Node-Edge Scoring System Using Attack GraphBased on Vulnerability Correlation. Appl. Sci. 2022, 12, 6852. [CrossRef]12. Liu, J.; Luktarhan, N.; Chang, Y.; Yu, W. Malcertificate: Research and Implementation of a Malicious Certificate DetectionAlgorithm Based on GCN. Appl. Sci. 2022, 12, 4440. [CrossRef]13. Han, M.; Jiang, W. A Secure Communication Method Based on Message Hash Chain. Appl. Sci. 2022, 12, 4505. [CrossRef]14. Alahmadi, A.N.; Rehman, S.U.; Alhazmi, H.S.; Glynn, D.G.; Shoaib, H.; Solé, P. Cyber-Security Threats and Side-Channel Attacksfor Digital Agriculture. Sensors 2022, 22, 3520. [CrossRef] [PubMed]15. Cherdantseva, Y.; Burnap, P.; Nadjm-Tehrani, S.; Jones, K. A configurable dependency model of a SCADA system for goal-orientedrisk assessment. Appl. Sci. 2022, 12, 4880. [CrossRef]16. Li, Y.; Xu, Y.; Cao, Y.; Hou, J.; Wang, C.; Guo, W.; Li, X.; Xin, Y.; Liu, Z.; Cui, L. One-Class LSTM Network for Anomalous NetworkTraffic Detection. Appl. Sci. 2022, 12, 5051. [CrossRef]17. Alkahtani, H.; Aldhyani, T.H. Developing Cybersecurity Systems Based on Machine Learning and Deep Learning Algorithms forProtecting Food Security Systems: Industrial Control Systems. Electronics 2022, 11, 1717. [CrossRef]18. Nkongolo, M.; Van Deventer, J.P.; Kasongo, S.M.; Zahra, S.R.; Kipongo, J. A Cloud Based Optimization Method for Zero-DayThreats Detection Using Genetic Algorithm and Ensemble Learning. Electronics 2022, 11, 1749. [CrossRef]19. He, Y.; Li, W. A Novel Lightweight Anonymous Proxy Traffic Detection Method Based on Spatio-Temporal Features. Sensors2022, 22, 4216. [CrossRef]20. Seo, J.; Lee, S.; Kim, K.I.; Kim, K.H. A Fine-Grained Secure Service Provisioning Platform for Hypervisor Systems. Electronics2022, 11, 1606. [CrossRef]21. Peng, T.; Hu, B.; Liu, J.; Huang, J.; Zhang, Z.; He, R.; Hu, X. A Lightweight Multi-Source Fast Android Malware Detection Model.Appl. Sci. 2022, 12, 5394. [CrossRef]22. Wei, Z.; Wang, L.; Sun, S.C.; Li, B.; Guo, W. Graph layer security: Encrypting information via common networked physics. Sensors2022, 22, 3951. [CrossRef] [PubMed]23. de Brito, I.B.; de Sousa, R.T., Jr. Development of an Open-Source Testbed Based on the Modbus Protocol for CybersecurityAnalysis of Nuclear Power Plants. Appl. Sci. 2022, 12, 7942. [CrossRef]

Combining security and reliability of critical infrastructures: The concept of securability

https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=2567&context=ecuworks2022-2026

Combining security and reliability of critical infrastructures: The concept of securability

Abstract

Similar works

Full text

Available Versions

Research Online @ ECU