An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
ARES: Automated Risk Estimation in Smart Sensor Environments
Published
Author(s)
Athanasios Dimitriadis, Jose L. Flores, Boonserm Kulvatunyou, Nenad Ivezic, Ioannis Mavridis
Abstract
Industry 4.0 adoption demands integrability, interoperability, composability, and security. Currently, integrability, interoperability and composability are addressed by next-generation approaches for enterprise systems integration such as model-based standards, ontology, business process model life cycle management and the context of business processes. Security is addressed by conducting risk management as a first step. Nevertheless, security risks are very much influenced by the assets that the business processes are supported. To this end, this paper proposes an approach for automated risk estimation in smart sensor environments, called ARES, which integrates with the business process model life cycle management. To do so, ARES utilizes standards for platform, vulnerability, weakness, and attack pattern enumeration in conjunction with a well-known vulnerability scoring system. The applicability of ARES is demonstrated with an application example that concerns a typical case of a microSCADA controller and a prototype tool called Business Process Cataloging and Classification System. Moreover, a computer-aided procedure for mapping attack patterns-to-platforms is proposed, and evaluation results are discussed revealing few limitations.
Dimitriadis, A.
, Flores, J.
, Kulvatunyou, B.
, Ivezic, N.
and Mavridis, I.
(2020),
ARES: Automated Risk Estimation in Smart Sensor Environments, Sensors, [online], https://doi.org/10.3390/s20164617
(Accessed October 14, 2024)