Title: Managing incident response in the industrial internet of things

Authors: Allan Cook; Leandros Maglaras; Richard Smith; Helge Janicke

Addresses: Cyber Technology Institute, De Montfort University, Leicester, LE1 9BH, UK ' Cyber Technology Institute, De Montfort University, Leicester, LE1 9BH, UK ' Cyber Technology Institute, De Montfort University, Leicester, LE1 9BH, UK ' Cyber Technology Institute, De Montfort University, Leicester, LE1 9BH, UK

Abstract: Industrial control systems (ICS) are an essential element of critical national infrastructure, often managing processes and utilities that are essential to a nation's wellbeing and prosperity. These systems are increasingly the target of cyber attacks, and thus are required to adopt a stronger cyber defence posture. The integration of industrial internet of things (IIoT) devices with existing, proprietary operational technology (OT) poses new challenges to incident responders operating in these heterogeneous environments. This paper explores the characteristics of ICS and considers them within an established incident response framework. We conclude that existing incident response processes are applicable to ICS. We recommend that these models be developed and tested within synthetic environments to quantify antagonistic impacts, drive architectural improvements and increase incident response investment.

Keywords: industrial control systems; ICS; incident response; industrial internet of things; IIoT.

DOI: 10.1504/IJITST.2018.093336

International Journal of Internet Technology and Secured Transactions, 2018 Vol.8 No.2, pp.251 - 276

Received: 05 Oct 2016
Accepted: 02 Dec 2016
Published online: 25 Jul 2018 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article