Impact of Cyber Security Operations on Hardware Requirements for Stable and Workable Industrial Environments
Simola, J., Takala, A., Lehkonen, R., Frantti, T., & Savola, R. (2024). Impact of Cyber Security Operations on Hardware Requirements for Stable and Workable Industrial Environments. In J. du Toit, & B. van Niekerk (Eds.), ICCWS 2024 : Proceedings of The 19th International Conference on Cyber Warfare and Security (pp. 348-357). Academic Conferences International Ltd. The Proceedings of the ... International Conference on Cyber Warfare and Security, 19. https://doi.org/10.34190/iccws.19.1.2003
Date
2024Copyright
© 2024 Jussi Simola, Arttu Takala, Riku Lehkonen, Tapio Frantti, Reijo Savola
Securing electricity distribution is one of the most important principles of the EU cyber security strategy. For example, European cyber security regulations, such as NIS2 (Network and Information Security Directive), CER (Critical Entities Resilience Directive), and Cyber Resilience Act (CRA) together aim to create a foundation and guidelines for international standards in various industries and the operation of critical infrastructure. Securing critical infrastructure is a common goal for Western operators. The new European Union (EU) directives bring new requirements to critical infrastructure administrators, device manufacturers and operators. Previously, member states have had responsibility for compliance with the directives, but they have been given freedom in the method by which they approach the requirements. Currently, member states' solutions are not always uniform, which has led to increased difficulties in coordination on a multi-national level. This, in turn, may lead to difficulties in coordination when responding to cybersecurity threats and attacks on critical infrastructure. The new regulation focuses on unifying the reporting between member states, reporting requirements of severe critical infrastructure events, and creating cybersecurity risk management procedures. In this study, we will provide a novel solution on how critical infrastructure administrators, device manufacturers, and operators may respond and become compliant with the new EU directives. To reach compliance and to enable the responsibilities that are required by the directive, the critical infrastructure devices and environment must have the capability to enable the responsible parties to identify, protect, detect, respond, and report. This sequence of actions is cyclical in nature since the identification of threats and vulnerabilities requires reports, which in turn requires data and detection. Our study focuses on the hardware requirements this causes on the manufacturing specifications, such as data collection and detection capabilities. The research belongs to the CSG project, and the purpose is to develop a governance model to minimize Operational Technology related risks and create a new standardized operating environment for the seamless utilization of energy solutions and industrial environment. The results of the study will be used in the analysis of requirements definitions in the OT environment.
...
Publisher
Academic Conferences International LtdParent publication ISBN
978-1-914587-96-2Conference
International Conference on Cyber Warfare and SecurityIs part of publication
ICCWS 2024 : Proceedings of The 19th International Conference on Cyber Warfare and SecurityISSN Search the Publication Forum
2048-9870Keywords
Publication in research information system
https://converis.jyu.fi/converis/portal/detail/Publication/207764840
Metadata
Show full item recordCollections
License
Related items
Showing items with similar title or keywords.
-
The Impact of Operational Technology Requirements in Maritime Industries
Simola, Jussi; Paavola, Jarkko; Satopää, Piia; Vanharanta, Jani (Academic Conferences International Ltd, 2024)The maritime ecosystem and industry require more efficient and coordinated cybersecurity governance. No common cybersecurity mechanism in the maritime sector may steer the whole supply chain management, for example, in the ... -
Developing Cybersecurity in an Industrial Environment by Using a Testbed Environment
Simola, Jussi; Savola, Reijo; Frantti, Tapio; Takala, Arttu; Lehkonen, Riku (Academic Conferences International, 2023)Critical infrastructure protection requires a testing environment that allows the testing of different kinds of equipment, software, networks, and tools to develop vital functions of the critical industrial environment. ... -
Governance of organic cocoa production : An analysis of EU regulation through the framework of multilevel governance
Obeng, Godfred Adduow (Wiley, 2022)Motivation While organic agriculture is seen as the best way to achieve sustainable agriculture, the question of how actors in the sector can help remains unresolved. This article seeks to contribute to the global ... -
Liikennejärjestelmän verkko- ja tietojärjestelmien turvallisuuden sääntely
Lahti, Ville (2022)Kriittisen infrastruktuurin osana olevat organisaatiot tarjoavat yhteiskunnan keskeisiä palveluita. Näiden palveluiden tarjoamisen jatkuvuutta ja turvallisuutta varmistetaan Euroopan unionin verkko- ja tietojärjestelmien ... -
Kriittisen infrastruktuurin ohjausjärjestelmien kyberturvallisuus
Virtanen, Alex (2019)Tämä tutkielma käsittelee kriittisen infrastruktuurin tuotanto- ja jakeluprosessien SCADA-järjestelmien toimintavarmuutta sekä resilienssiä kyberturvallisuuden näkökulmasta. Tutkielman tarkoituksena on selvittää, kuinka ...