Cybersecurity as part of dependability

Critical infrastructure protection is key to guarantee dependability of our vital assets. For example, energy plants, emergency and health services and state services cannot afford any failure or disruption. For a long time, dependability was considered in system engineering with a physical- oriented mindset, alongside Reliability, Availability, Maintainability, Safety (RAMS). We are now talking about cyber-physical systems (CPS) and so fault, incident, attack areas are both physical and digital. Cybersecurity is now part of dependability, and the two topics must be addressed jointly (RAMS+S).

Both systems engineers and cybersecurity experts must consider dependability and risk but, so far, there is no common language between the two disciplines and crossover is still rare. The two separate experts must work together to design systems that are both physically and digitally secure.

Assembly robots in factories, turbines and flow control in energy plants, railroad switches and traffic systems in railway companies, are often networked with supervisory control and data acquisition systems (SCADA), sometimes through time sensitive networks (TSN) and over remote sites. Any failure or intrusion in such systems can lead to subsequent disruption of service, and at worst to catastrophic events or disasters.

It is also important to think about communication technologies. In fact, connectivity is an intrinsic part of the digital world, and any malfunction in this area can lead to complete end user service disruption. This is the case for all communication systems deployed for the operation of critical infrastructures or public safety. For example, any outage (either physical or digital) in an emergency management system at a region or country level can lead to critical impacts, including endangerment of human life.

Finding a solution

Building a solution that encompasses people, processes and technology must be at the heart of all operations.
This means understanding both the physical and digital systems within the ecosystem and how they interact, and making security part of the culture of an organization and something everyone is responsible for.

Unfortunately, there is no perfect solution, and even less when complexity increases, reaching a system-of- systems level . Reaching operational safety within an acceptable risk profile can only be achieved by combining “by design” approaches and through continuous monitoring of the system during operation. Resilient systems that can automatically monitor themselves and flag any deviation from the expected quality of service and automatically apply countermeasures in an adaptive way.

At Atos, we would always recommend modern architectures, secured by design, and to set up collaborative mechanisms across different parts of a system. This is the best way to manage the risk of digital security incidents down to an appropriate level.

Unless security can be guaranteed to an appropriate level, complex systems such as autonomous cars cannot be used on a wide scale due to risk to life. Lack of security is a threat to technological progress.