Preprint Article Version 1 Preserved in Portico This version is not peer-reviewed

Provisioning Cybersecurity in ICT Complex Supply Chains: An Overview, Key Issues and a Relevant Architecture

Xavi Masip-Bruin
* ORCID logo ,
Eva Marín-Tordera
,
José Ruiz
,
Admela Jukan
,
Panagiotis Trakadas
,
Ales Cernivec
,
Antonio Lioy
ORCID logo ,
Diego López
ORCID logo ,
Henrique Santos
ORCID logo ,
Antonis Gonos
,
Ana Silva
,
Jose Soriano
,
Grigorios Kalogiannis
Version 1 : Received: 20 April 2021 / Approved: 21 April 2021 / Online: 21 April 2021 (12:33:59 CEST)

How to cite: Masip-Bruin, X.; Marín-Tordera, E.; Ruiz, J.; Jukan, A.; Trakadas, P.; Cernivec, A.; Lioy, A.; López, D.; Santos, H.; Gonos, A.; Silva, A.; Soriano, J.; Kalogiannis, G. Provisioning Cybersecurity in ICT Complex Supply Chains: An Overview, Key Issues and a Relevant Architecture. Preprints 2021, 2021040580. https://doi.org/10.20944/preprints202104.0580.v1 Masip-Bruin, X.; Marín-Tordera, E.; Ruiz, J.; Jukan, A.; Trakadas, P.; Cernivec, A.; Lioy, A.; López, D.; Santos, H.; Gonos, A.; Silva, A.; Soriano, J.; Kalogiannis, G. Provisioning Cybersecurity in ICT Complex Supply Chains: An Overview, Key Issues and a Relevant Architecture. Preprints 2021, 2021040580. https://doi.org/10.20944/preprints202104.0580.v1

Abstract

The specific demands inherent to supply chains built upon large IoT systems, make a must the design of a coordinated framework for cyber resilience provisioning intended to guaranteeing trusted supply chains of ICT systems, built upon distributed, dynamic, potentially insecure and heterogeneous ICT infrastructures. As such, the proposed solution is envisioned to deal with the whole supply chain system components, from the IoT ecosystem to the infrastructure connecting them, addressing security and privacy functionalities related to risks and vulnerabilities management, accountability and mitigation strategies as well as security metrics and evidence-based security assurance. In this paper we present FISHY, as a preliminary designed architecture, designed to orchestrate both existing and beyond state-of-the-art security appliances in composed ICT scenarios and also leveraging capabilities of programmable network and IT infrastructure through seamless orchestration and instantiation of novel security services, both in real-time and proactively. The paper also includes a thorough business analysis to go far beyond the technical benefits of a potential FISHY adoption as well as three real-world use cases where to strongly support the envisioned benefits of a FISHY adoption.

Keywords

Cybersecurity; supply chains; IoT systems; systems integration, real scenarios analysis

Subject

Computer Science and Mathematics, Security Systems

Copyright: This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Download PDF

Comments (0)

We encourage comments and feedback from a broad range of readers. See criteria for comments and our Diversity statement.

Leave a public comment
Send a private comment to the author(s)
* All users must log in before leaving a comment
Views 0
Downloads 0
Comments 0
Metrics 0
Get PDF Cite Share 0
Bookmark BibSonomy Mendeley Reddit Delicious
×
Alerts
Notify me about updates to this article or when a peer-reviewed version is published.
We use cookies on our website to ensure you get the best experience.
Read more about our cookies here.