Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The mass integration and deployment of intelligent technologies within critical commercial, industrial and public environments have a significant impact on business operations and society as a whole. Though integration of these critical intelligent technologies pose serious embedded security challenges for technology manufacturers which are required to be systematically approached, in-line with international security regulations.
This paper presents the security foundation for such intelligent technologies by presenting core security functions laid out by international security authorities. For each core security function, the embedded security requirements have been derived, which can be used to establish cyber resilience in embedded systems. A review of existing embedded security methods, microarchitectures and design practises is presented to map the driven embedded security requirements onto existing embedded security landscape and to identify their shortcomings to support the core security functions. They have been found ad-hoc, passive and strongly rely on building and maintaining trust. To the best of our knowledge to date, no existing embedded security microarchitecture or defence mechanism provides continuity of data stream or security once trust has broken. This step is crucial for embedded technologies deployed in critical infrastructure to enhance and maintain security, and to gain evidence of the security breach to effectively evaluate, improve and deploy active response and mitigation strategies. To this end, the paper proposes three microarchitectural characteristics that shall be designed and integrated into embedded architectures to establish, maintain and
improve cyber resilience in embedded systems for next generation critical infrastructure.
LanguageEnglish
Title of host publicationIEEE International System-on-Chip Conference (SOCC): Proceedings
Publication statusAccepted - 03 Jul 2019
EventIEEE International System-on-chip Conference 2019 - Marina Bay Sands Hotel, Singapore, Singapore
Duration: 03 Sep 201906 Sep 2019
Conference number: 32
https://www.ieee-socc.org/

Conference

ConferenceIEEE International System-on-chip Conference 2019
Abbreviated titleSoCC
CountrySingapore
CitySingapore
Period03/09/201906/09/2019
Internet address

Fingerprint

Critical infrastructures
Embedded systems
Industry

Keywords

  • Cyber Resilient Embedded System
  • Cyber-Physical Embedded System
  • Active Defence
  • Response
  • Recovery
  • Security Regulation
  • Cyber Resilience

Cite this

Siddiqui, F., Hagan, M., & Sezer, S. (Accepted/In press). Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure. In IEEE International System-on-Chip Conference (SOCC): Proceedings
@inproceedings{93e179f22f4644fd9c0a9e94994c69df,
title = "Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure",
abstract = "The mass integration and deployment of intelligent technologies within critical commercial, industrial and public environments have a significant impact on business operations and society as a whole. Though integration of these critical intelligent technologies pose serious embedded security challenges for technology manufacturers which are required to be systematically approached, in-line with international security regulations. This paper presents the security foundation for such intelligent technologies by presenting core security functions laid out by international security authorities. For each core security function, the embedded security requirements have been derived, which can be used to establish cyber resilience in embedded systems. A review of existing embedded security methods, microarchitectures and design practises is presented to map the driven embedded security requirements onto existing embedded security landscape and to identify their shortcomings to support the core security functions. They have been found ad-hoc, passive and strongly rely on building and maintaining trust. To the best of our knowledge to date, no existing embedded security microarchitecture or defence mechanism provides continuity of data stream or security once trust has broken. This step is crucial for embedded technologies deployed in critical infrastructure to enhance and maintain security, and to gain evidence of the security breach to effectively evaluate, improve and deploy active response and mitigation strategies. To this end, the paper proposes three microarchitectural characteristics that shall be designed and integrated into embedded architectures to establish, maintain andimprove cyber resilience in embedded systems for next generation critical infrastructure.",
keywords = "Cyber Resilient Embedded System, Cyber-Physical Embedded System, Active Defence, Response, Recovery, Security Regulation, Cyber Resilience",
author = "Fahad Siddiqui and Matthew Hagan and Sakir Sezer",
year = "2019",
month = "7",
day = "3",
language = "English",
booktitle = "IEEE International System-on-Chip Conference (SOCC): Proceedings",

}

Siddiqui, F, Hagan, M & Sezer, S 2019, Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure. in IEEE International System-on-Chip Conference (SOCC): Proceedings. IEEE International System-on-chip Conference 2019, Singapore, Singapore, 03/09/2019.

Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure. / Siddiqui, Fahad; Hagan, Matthew; Sezer, Sakir.

IEEE International System-on-Chip Conference (SOCC): Proceedings. 2019.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Establishing Cyber Resilience in Embedded Systems for Securing Next-Generation Critical Infrastructure

AU - Siddiqui, Fahad

AU - Hagan, Matthew

AU - Sezer, Sakir

PY - 2019/7/3

Y1 - 2019/7/3

N2 - The mass integration and deployment of intelligent technologies within critical commercial, industrial and public environments have a significant impact on business operations and society as a whole. Though integration of these critical intelligent technologies pose serious embedded security challenges for technology manufacturers which are required to be systematically approached, in-line with international security regulations. This paper presents the security foundation for such intelligent technologies by presenting core security functions laid out by international security authorities. For each core security function, the embedded security requirements have been derived, which can be used to establish cyber resilience in embedded systems. A review of existing embedded security methods, microarchitectures and design practises is presented to map the driven embedded security requirements onto existing embedded security landscape and to identify their shortcomings to support the core security functions. They have been found ad-hoc, passive and strongly rely on building and maintaining trust. To the best of our knowledge to date, no existing embedded security microarchitecture or defence mechanism provides continuity of data stream or security once trust has broken. This step is crucial for embedded technologies deployed in critical infrastructure to enhance and maintain security, and to gain evidence of the security breach to effectively evaluate, improve and deploy active response and mitigation strategies. To this end, the paper proposes three microarchitectural characteristics that shall be designed and integrated into embedded architectures to establish, maintain andimprove cyber resilience in embedded systems for next generation critical infrastructure.

AB - The mass integration and deployment of intelligent technologies within critical commercial, industrial and public environments have a significant impact on business operations and society as a whole. Though integration of these critical intelligent technologies pose serious embedded security challenges for technology manufacturers which are required to be systematically approached, in-line with international security regulations. This paper presents the security foundation for such intelligent technologies by presenting core security functions laid out by international security authorities. For each core security function, the embedded security requirements have been derived, which can be used to establish cyber resilience in embedded systems. A review of existing embedded security methods, microarchitectures and design practises is presented to map the driven embedded security requirements onto existing embedded security landscape and to identify their shortcomings to support the core security functions. They have been found ad-hoc, passive and strongly rely on building and maintaining trust. To the best of our knowledge to date, no existing embedded security microarchitecture or defence mechanism provides continuity of data stream or security once trust has broken. This step is crucial for embedded technologies deployed in critical infrastructure to enhance and maintain security, and to gain evidence of the security breach to effectively evaluate, improve and deploy active response and mitigation strategies. To this end, the paper proposes three microarchitectural characteristics that shall be designed and integrated into embedded architectures to establish, maintain andimprove cyber resilience in embedded systems for next generation critical infrastructure.

KW - Cyber Resilient Embedded System

KW - Cyber-Physical Embedded System

KW - Active Defence

KW - Response

KW - Recovery

KW - Security Regulation

KW - Cyber Resilience

M3 - Conference contribution

BT - IEEE International System-on-Chip Conference (SOCC): Proceedings

ER -