A holistic approach to reasoning about the security of critical infrastructure systems
By uchennadani, on 13 February 2020
By Dr Uchenna D Ani, Post-Doctoral Research Fellow with the PETRAS National Centre of Excellence for IoT Systems Cybersecurity, UCL STEaPP
Security designs should not consider technical details alone but should capture the bigger picture of the co-interacting participants that provide critical services.
Critical National Infrastructure (CNI) systems need cybersecurity, physical security and personnel security. CNI systems use networks of diverse technologies (hardware and software) to enable the exchange of data and information. Generally, this involves socio-technical systems (STS) – people interacting with the technology and working together as a single system structured to achieve operational objectives.
Integrating the internet and the Internet of Things (IoT) with CNI systems enables greater capabilities for remote, autonomous sensing. Integration supports smarter control, monitoring, predictive maintenance, safety, and security management, but the convergence brings new security risks that demand serious attention. Geoff E, of the UK National Cyber Security Centre (NCSC), highlights the need to consider such systems as a whole rather than the sum of individual components. A holistic perspective is therefore necessary to achieve more all-embracing security.
A particular challenge involves understanding the capacity to take measures that allow the safe and secure integration of the internet with existing critical infrastructure protection.
Security incidents like the WannaCry virus that infected rail infrastructure in 2017 emphasise the importance of the complex interaction between humans, organisational structures and engineered systems. These incidents must be considered within a socio-technical system. Studies on layered security in critical infrastructures show that the points of security compromise and failure have not always been technical and have included social behaviours related to human and/or organisational traits, for example how humans engaged with the technical and procedural components of the system.
An integrated technical and social approach to security development is seen to be more appropriate – and necessary.
What we are doing about it
Modelling for Socio-Technical Security (MASS) is a research project funded by the EPSRC as part of the PETRAS National Centre of Excellence for IoT Systems Cybersecurity. Professor Jeremy Watson CBE and Dr Uchenna D Ani from UCL STEaPP, in collaboration with Professor Steve Hailes and Dr Nilufer Tuptuk from UCL Computer Science, are exploring perspectives related to both technical and social modelling and simulation of security.
How do we improve security by taking a holistic approach beyond technical aspects?
We investigate the knowledge, attitudes, perceptions, practices, enabling factors, and barriers for socio-technical security modelling. We seek insight into how people understand security risks, and the lengths to which they go to address them and to support threat monitoring, vulnerability identification and security risk management. In addition, we explore the evaluation and validation of security development tools (for modelling and simulation), and operational security tools used for monitoring and early detection of threats. We work with rail infrastructure partners to support the integration of the internet and Internet of Things with their critical infrastructure systems and services.
Why it matters
Early analysis of potential security problems from a socio-technical viewpoint will be more beneficial for system design, resulting in the development of more robust IoT-enabled critical national infrastructure. Security designs should not consider technical details alone but should capture the bigger picture of the co-interacting participants that provide critical services. It is necessary to represent the needs and actions of the participants in complex interactions so that their unique security concerns and roles within dynamic environments can be addressed.
For critical national infrastructure, it is crucial to understand how to meet a more reflective security goal that combines socio-technical attributes such as software, hardware, policies and regulations, standards, human behaviours, finance, and organisational structure. This can lead towards a more holistic cyber-physical system security model that helps evolve higher-level national and international guidance on future developments and improvements in the implementation of IoT security systems.
Those who own, manage, and operate these systems need to understand their unique socio-technical environments. Doing so would make them more aware of the emerging cybersecurity threats and vulnerabilities, and of the analytical options available to help improve the security of their systems.
Outputs from the MASS project should provide a better, substantiated understanding of the realistic usefulness of socio-technical security modelling and simulation, as well as approaches towards secure-by-design decision drivers towards adoption. The project will highlight current limitations and produce policy recommendations to support improved security in IoT-based critical national infrastructure.