ARES: Automated Risk Estimation in Smart Sensor Environments

ARES: Automated Risk Estimation in Smart Sensor Environments

Industry 4.0 adoption demands integrability, interoperability, composability, and security. Currently, integrability, interoperability and composability are addressed by next-generation approaches for enterprise systems integration such as model-based standards, ontology, business process model life...

Full description

Saved in:
Bibliographic Details
Published in:Sensors (Basel, Switzerland) Vol. 20; no. 16; p. 4617
Main Authors: Dimitriadis, Athanasios, Flores, Jose Luis, Kulvatunyou, Boonserm, Ivezic, Nenad, Mavridis, Ioannis
Format: Journal Article
Language:English
Published: Basel MDPI AG 17-08-2020
MDPI
Subjects:
Automation
business process context
Business process engineering
Business process management
Common Security Standards
Computer aided mapping
Cybersecurity
Enumeration
Identification
Industrial applications
information system risk assessment
Information systems
Interoperability
Risk assessment
Risk factors
Risk management
Security management
Sensors
smart sensor environments
Smart sensors
Software
Systems integration
Threats
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Industry 4.0 adoption demands integrability, interoperability, composability, and security. Currently, integrability, interoperability and composability are addressed by next-generation approaches for enterprise systems integration such as model-based standards, ontology, business process model life cycle management and the context of business processes. Security is addressed by conducting risk management as a first step. Nevertheless, security risks are very much influenced by the assets that the business processes are supported. To this end, this paper proposes an approach for automated risk estimation in smart sensor environments, called ARES, which integrates with the business process model life cycle management. To do so, ARES utilizes standards for platform, vulnerability, weakness, and attack pattern enumeration in conjunction with a well-known vulnerability scoring system. The applicability of ARES is demonstrated with an application example that concerns a typical case of a microSCADA controller and a prototype tool called Business Process Cataloging and Classification System. Moreover, a computer-aided procedure for mapping attack patterns-to-platforms is proposed, and evaluation results are discussed revealing few limitations.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 23
ISSN:1424-8220
1424-8220
DOI:10.3390/s20164617