Introduction
The phrases “cyber-physical systems,” or “CPS,” and “Internet of Things,” or “IoT,” have distinct origins but overlapping definitions, with both referring to trends in integrating digital capabilities, including network connectivity and computational capability, with physical devices and systems. Examples range from intelligent vehicles to advanced manufacturing systems, in sectors as diverse as energy, agriculture, smart cities, and beyond.
Implications of a unified CPS and IoT perspective include the opportunity for CPS and IoT research communities to work together to develop unified, new, hybrid discrete and continuous methods for CPS and IoT design, operation, and assurance; and highlight the importance of tight logical-physical linkage (e.g. robust sensing and actuation, secure systems, sound digital models, etc.) as the basis for the transformational nature of CPS and IoT concepts. The increasing number of interconnected CPS means the challenges that security and risk management (SRM) leaders face will only grow. CPS security solutions will support the expanding risk that SRM leaders face. Solutions will support a more centralized and coordinated approach to security across a variety of ecosystems in aid of a security strategy stretching across logical and physical dimensions.
The CPS and IoT concepts emerged from different communities, with CPS primarily emerging from a system engineering and control perspective:
- A cyber-physical system is a system of collaborating computational elements controlling physical entities. It is when the mechanical and electrical systems … are networked using software components. They use shared knowledge and information from processes to independently control logistics and production systems.
In contrast, the IoT concept emerged primarily from a networking and information technology perspective, which envisioned integrating the digital realm into the physical world.
- The term “Internet-of-Things” is used as an umbrella keyword for covering various aspects related to the extension of the Internet and the Web into the physical realm, by means of the widespread deployment of spatially distributed devices with embedded identification, sensing and/or actuation capabilities
Adoption of Cyber-Physical Systems Security
The fast and deep changes that are being introduced by digital transformation initiatives are impacting security, requiring a new approach to security strategy. Along with organizational and policy changes, SRM leaders will be considering security products with capabilities and integrations to be effective across different environments.
CPS security adoption will also be characterized by unique industry vertical demands. This high level of specialization is driving providers to develop a product strategy that aligns to the specific requirements emerging from distinct use cases such as IT -OT convergence, IIoT and/or consumer-centric IoT use cases.
Industry Use-Case Adoption
Examples of initiatives with involvement of CPS include:
- Government — smart cities
- Transportation — predictive maintenance
- Manufacturing — sensors and robots for operations automation
- Utilities — smart metering infrastructure
Opportunity for Security Product Leaders
Cybersecurity in CPS/IoT systems differs from that in conventional systems in at least three categories: complex cybersecurity deployment landscapes, cyber-attacks on physical systems, and physical attacks on and physics-based mitigation for cyber systems.
- First, the number and diversity of “things” being deployed in CPS/IoT systems present significant challenges. Adding networked connectivity to everyday objects increases the number of points of attack that must be protected. Variation in computational capacity, system memory, networking bandwidth, physical access, upgradeability, and other factors among heterogeneous, connected CPS/IoT elements means any single cybersecurity approach may have limited application. Instead, tailored approaches with attention to security compositionality are required.
- Second, the integration of logical and physical components means that an attack on IT systems can be used to gain control over critical physical systems for medical, critical infrastructure, life-safety, and other functions with the potential for causing damage, injury, or death. Instead, concerns related to all these engineering goals must be considered as interdependent, with provisions for trade-offs and interactions evaluated in any comprehensive CPS/IoT design and assurance process
- Third, and most importantly, the physical components of networked CPS/IoT systems provide both new threat vectors and novel threat mitigation means.
All these factors, will lead to a new era of CSP Providers, who will assist to:
- Recognize the convergence which would bring currently isolated fields and sectors together for progress around shared research, application, and innovation goals and opportunities.
- Effectively design, build, and assure CPS/IoT systems which would satisfy the system’s functional context, including how the system is used and for what purpose or outcome.
- Provide a unified perspective on CPS/IoT systems allowing a common classification structure for components, illuminating a path forward for enabling reliable compositionality for innovation in the creation of novel systems and systems-of-systems applications.
- Prioritize research, development, and deployment goals, including enabling tight physical and logical state linkages and developing hybrid discrete and continuous methods for conceptualization, realization, and assurance of CPS/IoT systems.
- Drive Demand for New Product Integrations and Capabilities – The market of CPS security has had an impact on security professionals and pave way for new responsibilities they face that arise from the converging environments which they are increasingly tasked to handle.
- Strive to create Specific Roles viz. Stand-Alone Specialist OT and IoT Security Players – Traditional IT security players will expand their total addressable market by reshaping their product strategy, aligning to the unique requirements of OT and IoT and providing industry-specific capabilities for CPS.
- Handle interoperability across disparate but connecting environments. A CPS security solution will cater to diverse security requirements by providing different controls, approaches and capabilities, such as with vulnerability assessments.
Kanoo Elite, a CPS Security provider, can help you develop a robust information security program to protect your cyber-physical systems. This may include risk assessments to evaluate threats and vulnerabilities to such systems on an ongoing manner , developing a data fabric to allow security alerts across different environments to come into a single platform to enable monitoring of alerts to detect anomalies, deployment of behaviour based detection and deception technologies to unearth suspicious activities among other strategies.
