Cybersecurity in ICT Supply Chains: Key Challenges and a Relevant Architecture
Creators
- 1. Universitat Politècnica de Catalunya Vilanova i la Geltrú, Spain
- 2. ATOS
- 3. Technische Universität Braunschweig, Germany
- 4. Synelisis SA
- 5. XLAB d.o.o. Ljubljana, Slovenia
- 6. Politecnico di Torino
- 7. Telefónica Investigación y Desarrollo
- 8. Universidade do Minho
- 9. Optimum SA Information Technology
- 10. SONAE MC
- 11. Capgemini Engineering
- 12. Sphynx Technology Solutions AG
Description
The specific demands of supply chains built upon large and complex IoT systems, make it
a must to design a coordinated framework for cyber resilience provisioning, intended to guarantee
trusted supply chains of ICT systems, built upon distributed, dynamic, potentially insecure, and
heterogeneous ICT infrastructures. As such, the solution proposed in this paper is envisioned to
deal with the whole supply chain system components, from the IoT ecosystem to the infrastructure
connecting them, addressing security and privacy functionalities related to risks and vulnerabilities
management, accountability, and mitigation strategies, as well as security metrics and evidence-based
security assurance. In this paper, we present FISHY as a preliminary architecture that is designed
to orchestrate existing and beyond state-of-the-art security appliances in composed ICT scenarios.
To this end, the FISHY architecture leverages the capabilities of programmable networks and IT
infrastructure through seamless orchestration and instantiation of novel security services, both in
real-time and proactively. The paper also includes a thorough business analysis to go far beyond the
technical benefits of a potential FISHY adoption, as well as three real-world use cases highlighting
the envisioned benefits of a potential FISHY adoption.
Files
sensors-21-06057-v3.pdf
Files
(1.0 MB)
| Name | Size | Download all |
|---|---|---|
|
md5:ca76f76f108bc8a2f2a7ccc404d58c6e
|
1.0 MB | Preview Download |