Journal article Open Access

Cybersecurity in ICT Supply Chains: Key Challenges and a Relevant Architecture

Xavi Masip Bruin; Eva Marín Tordera; José Ruiz; Admela Jukan; Panagiotis Trakadas; Ales Cernivec; Antonio Lioy; Diego López; Henrique Santos; Antonis Gonos; Ana Silva; José Soriano; Grigorios Kalogiannis

The specific demands of supply chains built upon large and complex IoT systems, make it

a must to design a coordinated framework for cyber resilience provisioning, intended to guarantee

trusted supply chains of ICT systems, built upon distributed, dynamic, potentially insecure, and

heterogeneous ICT infrastructures. As such, the solution proposed in this paper is envisioned to

deal with the whole supply chain system components, from the IoT ecosystem to the infrastructure

connecting them, addressing security and privacy functionalities related to risks and vulnerabilities

management, accountability, and mitigation strategies, as well as security metrics and evidence-based

security assurance. In this paper, we present FISHY as a preliminary architecture that is designed

to orchestrate existing and beyond state-of-the-art security appliances in composed ICT scenarios.

To this end, the FISHY architecture leverages the capabilities of programmable networks and IT

infrastructure through seamless orchestration and instantiation of novel security services, both in

real-time and proactively. The paper also includes a thorough business analysis to go far beyond the

technical benefits of a potential FISHY adoption, as well as three real-world use cases highlighting

the envisioned benefits of a potential FISHY adoption.

Files (1.0 MB)
Name Size
1.0 MB Download
Views 47
Downloads 33
Data volume 33.6 MB
Unique views 40
Unique downloads 33


Cite as