Abstract
The specific demands of supply chains built upon large and complex IoT systems, make it a must to design a coordinated framework for cyber resilience provisioning, intended to guarantee trusted supply chains of ICT systems, built upon distributed, dynamic, potentially insecure, and heterogeneous ICT infrastructures. As such, the solution proposed in this paper is envisioned to deal with the whole supply chain system components, from the IoT ecosystem to the infrastructure connecting them, addressing security and privacy functionalities related to risks and vulnerabilities management, accountability, and mitigation strategies, as well as security metrics and evidence-based security assurance. In this paper, we present FISHY as a preliminary architecture that is designed to orchestrate existing and beyond state-of-the-art security appliances in composed ICT scenarios. To this end, the FISHY architecture leverages the capabilities of programmable networks and IT infrastructure through seamless orchestration and instantiation of novel security services, both in real-time and proactively. The paper also includes a thorough business analysis to go far beyond the technical benefits of a potential FISHY adoption, as well as three real-world use cases highlighting the envisioned benefits of a potential FISHY adoption.
Highlights
Introducing the ScenarioThe unstoppable evolution of ICT systems, with innovative technologies and business models, is driving a massive digital transformation, turning into the Industry 4.0 revolution
An efficient resilience strategy would ideally leverage the following three main components: (i) continuous availability, enabled by both the deployment of strategies to guarantee an “always-on” customer experience, and the required protection in front of disruptions; (ii) information technology (IT) workload mobility, permitted by the deployment of strategies facilitating traffic offloading and resource migration in a distributed computing environment, including edge and cloud computing; and (iii) multi-cloud agility, to determine the optimal set of resources that best match the expected level of resilience for each application
The threat is not just basic sensitive information being stolen anymore, or a and can change a system’s behaviour and network configuration at their will [11]. These being deactivated, but a plethora of quiet and unforeseeable threats, where attacke attacks are polymorphic in nature and sophisticated, using previously unseen custom in and can a system’s behaviour network their will [11 codes that arechange able to communicate with externaland command andconfiguration control entities toatupdate their functionality, or even implement themselves entirely from code fragments that theyunseen attacks are polymorphic in nature and sophisticated, using previously intelligently from benign programs, scripts, and software blocksand thatcontrol are already codes that harvest are able to communicate with external command entities to present in the cybersecurity system in place [12]
Summary
The unstoppable evolution of ICT systems, with innovative technologies and business models, is driving a massive digital transformation, turning into the Industry 4.0 revolution. The resilience of ICT systems is premium, and every ICT system is expected to implement at least a set of basic mechanisms to prevent, resist, and recover from any type of disruption in a timely manner, minimizing the impact on service quality and user experience. According to the US National Institute for Standards and Technology (NIST), cyber resilience is defined as “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that include cyber resources” [2]. It is imperative today in achieving cyber resilience of any ICT system, which is a challenge in the presence of disruptions, whether they be due to malicious security attacks or due to unreliable hardware and software system components and their implementations
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.