IDEAS home Printed from https://ideas.repec.org/a/spr/envsyd/v43y2023i2d10.1007_s10669-023-09895-1.html
   My bibliography  Save this article

A cyber resilience analysis case study of an industrial operational technology environment

Author

Listed:
  • Kirsty Perrett

    (University of South Wales)

  • Ian David Wilson

    (University of South Wales)

Abstract

Cyber resilience is an active research area offering a novel approach to Cyber Security. The term appeared due to the concerning number of cyber-attacks on critical infrastructure. The National Institute of Standards and Technology (NIST) developed a framework to assist organisations with techniques and approaches to improving cyber resilience. However, there are a sparsity of case studies that speak to the adoption or measurement of these novel approaches within a complex industrial control environment. This paper presents a case study analysis of a manufacturing plant assessment drawing on key themes from the NIST literature. The paper presents how well NIST constructs can be adopted to find cyber-resilient enhancement opportunities and to decide if an evaluation of the results could supply a quantitative baseline measure of an organisation’s overall resilience. Conclusions drawn show that although the framework did partially aid with the analysis process, the frameworks ease of adoption assume an organisation has a conventional cyber security foundation; NIST should make this clear within their guidance. Furthermore, the accompanying evaluation process was not sufficient to quantitatively measure the overall cyber resilience maturity for this case study.

Suggested Citation

  • Kirsty Perrett & Ian David Wilson, 2023. "A cyber resilience analysis case study of an industrial operational technology environment," Environment Systems and Decisions, Springer, vol. 43(2), pages 178-190, June.
    • Handle: RePEc:spr:envsyd:v:43:y:2023:i:2:d:10.1007_s10669-023-09895-1
    DOI: 10.1007/s10669-023-09895-1
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s10669-023-09895-1
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.
    File URL: https://libkey.io/10.1007/s10669-023-09895-1?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Igor Linkov & Todd Bridges & Felix Creutzig & Jennifer Decker & Cate Fox-Lent & Wolfgang Kröger & James H. Lambert & Anders Levermann & Benoit Montreuil & Jatin Nathwani & Raymond Nyer & Ortwin Renn &, 2014. "Changing the resilience paradigm," Nature Climate Change, Nature, vol. 4(6), pages 407-409, June.
    2. Igor Linkov & Daniel A. Eisenberg & Kenton Plourde & Thomas P. Seager & Julia Allen & Alex Kott, 2013. "Resilience metrics for cyber systems," Environment Systems and Decisions, Springer, vol. 33(4), pages 471-476, December.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Mujjuni, F. & Betts, T. & To, L.S. & Blanchard, R.E., 2021. "Resilience a means to development: A resilience assessment framework and a catalogue of indicators," Renewable and Sustainable Energy Reviews, Elsevier, vol. 152(C).
    2. Ivo Häring & Mirjam Fehling-Kaschek & Natalie Miller & Katja Faist & Sebastian Ganter & Kushal Srivastava & Aishvarya Kumar Jain & Georg Fischer & Kai Fischer & Jörg Finger & Alexander Stolz & Tobias , 2021. "A performance-based tabular approach for joint systematic improvement of risk control and resilience applied to telecommunication grid, gas network, and ultrasound localization system," Environment Systems and Decisions, Springer, vol. 41(2), pages 286-329, June.
    3. Ziyi Wang & Zengqiao Chen & Cuiping Ma & Ronald Wennersten & Qie Sun, 2022. "Nationwide Evaluation of Urban Energy System Resilience in China Using a Comprehensive Index Method," Sustainability, MDPI, vol. 14(4), pages 1-36, February.
    4. Wood, Matthew D. & Wells, Emily M. & Rice, Glenn & Linkov, Igor, 2019. "Quantifying and mapping resilience within large organizations," Omega, Elsevier, vol. 87(C), pages 117-126.
    5. Sharifi, Ayyoob & Yamagata, Yoshiki, 2016. "Principles and criteria for assessing urban energy resilience: A literature review," Renewable and Sustainable Energy Reviews, Elsevier, vol. 60(C), pages 1654-1677.
    6. Laura A. Bakkensen & Cate Fox‐Lent & Laura K. Read & Igor Linkov, 2017. "Validating Resilience and Vulnerability Indices in the Context of Natural Disasters," Risk Analysis, John Wiley & Sons, vol. 37(5), pages 982-1004, May.
    7. Kong, Jingjing & Zhang, Chao & Simonovic, Slobodan P., 2021. "Optimizing the resilience of interdependent infrastructures to regional natural hazards with combined improvement measures," Reliability Engineering and System Safety, Elsevier, vol. 210(C).
    8. Nicole R. Sikula & James W. Mancillas & Igor Linkov & John A. McDonagh, 2015. "Risk management is not enough: a conceptual model for resilience and adaptation-based vulnerability assessments," Environment Systems and Decisions, Springer, vol. 35(2), pages 219-228, June.
    9. Bo Zou & Pooria Choobchian & Julie Rozenberg, 2021. "Cyber resilience of autonomous mobility systems: cyber-attacks and resilience-enhancing strategies," Journal of Transportation Security, Springer, vol. 14(3), pages 137-155, December.
    10. Timothy L. McDaniels & Stephanie E. Chang & David Hawkins & Gerard Chew & Holly Longstaff, 2015. "Towards disaster-resilient cities: an approach for setting priorities in infrastructure mitigation efforts," Environment Systems and Decisions, Springer, vol. 35(2), pages 252-263, June.
    11. Amro Nasr & Oskar Larsson Ivanov & Ivar Björnsson & Jonas Johansson & Dániel Honfi, 2021. "Towards a Conceptual Framework for Built Infrastructure Design in an Uncertain Climate: Challenges and Research Needs," Sustainability, MDPI, vol. 13(21), pages 1-19, October.
    12. Claudio M. Rocco & Kash Barker & Jose Moronta, 2022. "Determining the best algorithm to detect community structures in networks: application to power systems," Environment Systems and Decisions, Springer, vol. 42(2), pages 251-264, June.
    13. Gangwal, Utkarsh & Singh, Mayank & Pandey, Pradumn Kumar & Kamboj, Deepak & Chatterjee, Samrat & Bhatia, Udit, 2022. "Identifying early-warning indicators of onset of sudden collapse in networked infrastructure systems against sequential disruptions," Physica A: Statistical Mechanics and its Applications, Elsevier, vol. 591(C).
    14. Poulin, Craig & Kane, Michael B., 2021. "Infrastructure resilience curves: Performance measures and summary metrics," Reliability Engineering and System Safety, Elsevier, vol. 216(C).
    15. Yifan Yang & S. Thomas Ng & Frank J. Xu & Martin Skitmore & Shenghua Zhou, 2019. "Towards Resilient Civil Infrastructure Asset Management: An Information Elicitation and Analytical Framework," Sustainability, MDPI, vol. 11(16), pages 1-24, August.
    16. Petersen, L. & Lange, D. & Theocharidou, M., 2020. "Who cares what it means? Practical reasons for using the word resilience with critical infrastructure operators," Reliability Engineering and System Safety, Elsevier, vol. 199(C).
    17. S. Ananda Kumar & M. S. P. Subathra & Nallapaneni Manoj Kumar & Maria Malvoni & N. J. Sairamya & S. Thomas George & Easter S. Suviseshamuthu & Shauhrat S. Chopra, 2020. "A Novel Islanding Detection Technique for a Resilient Photovoltaic-Based Distributed Power Generation System Using a Tunable-Q Wavelet Transform and an Artificial Neural Network," Energies, MDPI, vol. 13(16), pages 1-22, August.
    18. Alexander A. Ganin & Phuoc Quach & Mahesh Panwar & Zachary A. Collier & Jeffrey M. Keisler & Dayton Marchese & Igor Linkov, 2020. "Multicriteria Decision Framework for Cybersecurity Risk Assessment and Management," Risk Analysis, John Wiley & Sons, vol. 40(1), pages 183-199, January.
    19. Alessandro Annarelli & Giulia Palombi, 2021. "Digitalization Capabilities for Sustainable Cyber Resilience: A Conceptual Framework," Sustainability, MDPI, vol. 13(23), pages 1-9, November.
    20. Gianluca Pescaroli & David Alexander, 2018. "Understanding Compound, Interconnected, Interacting, and Cascading Risks: A Holistic Framework," Risk Analysis, John Wiley & Sons, vol. 38(11), pages 2245-2257, November.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:envsyd:v:43:y:2023:i:2:d:10.1007_s10669-023-09895-1. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.