Enhancing Security in Cloud-based Cyber-physical Systems
Research output: Contribution to journal › Article › Professional
|Journal||Journal of Cloud Computing Research|
|Publication status||Published - 1 Oct 2016|
|Publication type||D1 Article in a trade journal|
Cyber-physical systems combine traditional data-processing systems with physical actuation capabilities. The physical aspect introduces new physical risks beyond the typical cyber risks related to information security. Cyber physical systems have an additional physical interface that must be protected from attacks. Furthermore, the physical actuation capabilities increase the potential amount of damage inflicted by a compromised system. The security risks are amplified when cloud computing is applied to provide the necessary data processing capabilities, since such task offloading increases the volume of network communication and the use of external computation resources. Network communication may be intercepted, inhibited, or manipulated. The use of external resources requires that the resource providers are trusted and maintain adequate information security levels. The security levels must be particularly strict, when critical planning and decision-making processes are offloaded on cloud resources. In such cases, poor selection of cloud service providers could compromise the operation of the entire system. This article first reviews recent research on security in cyber-physical systems. Finally, this article investigates methods to improve security in cloud-based cyber-physical systems by analyzing two application examples, a production system based on Service Oriented Architectures (SOA) and a smart-mobility system. Based on the analysis, this article investigates additional security measures to improve security in such systems.