Our colleagues Julio Moreno, David G. Rosado, Luis E. Sánchez and Eduardo Fernández-Medina together with, Manuel A. Serrano from the Alarcos Group have published the article Security Reference Architecture for Cyber-Physical Systems (CPS) , in the journal JUCS - Journal of Universal Computer Science, DOI: 10.3897/jucs.68539.

Abstract

Cyber-physical systems (CPS) are the next generation of engineering systems in which computing, communication and control technologies are being closely integrated. They play an increasingly important role in critical infrastructure, governments and everyday life. Security is crucial in CPS, but unfortunately, they were not initially conceived as a secure environment, and if these security issues are to be incorporated, it must be taken into account from the beginning of system design. One way to solve this problem is to have a global perspective, which can be achieved by employing a Reference Architecture (RA), as it is a high-level abstraction of a system that could be useful in the implementation of complex systems. It is widely accepted that the addition of elements to address many security factors (integrity, confidentiality, availability, etc.) and facilitate the definition of security requirements for a Security Reference Architecture (SRA) is a good starting point when trying to solve these types of cybersecurity problems and protect the system from the beginning of development. An SRA allows defining the key elements of a specific environment, thus allowing a better understanding of the elements inherent in the environments, while promoting the integration of security aspects and mechanisms. This document, therefore, presents the definition of an SRA for CPS through the use of UML models in an attempt to facilitate secure implementations of CPS.