Making the Human the Strongest Link in an Integrated Cyber Physical Systems (CPS) Operational Stack Concept for Combined Security, Sustainability, Assurance, and Safety (S2AS)

Making the Human the Strongest Link in an Integrated Cyber Physical Systems (CPS) Operational Stack Concept for Combined Security, Sustainability, Assurance, and Safety (S2AS)

연구 분야: Verification

학회: International Conference on Global Security, Safety, and Sustainability

Organisations of all sizes are increasingly using emerging technologies like Artificial Intelligence (AI) and the Internet of Things (IoT) to enhance effectiveness (Kim and Kumar in Cyber–physical systems: a perspective at the centennial, pp. 1287–1308, 2012; Malatji et al. in Inf Comput Secur 27:233–272, 2019), fostering innovation and economic growth (Zengin et al. in Sustainability 13:2682, 2021; Mourtzis et al. in Energies 15:6276, 2022). However, it is leading to increasing human factor vulnerabilities exposure and now necessitating a move to an integrated human-centric approach involving security, sustainability assurance and safety to transform humans from the perceived weakest link to the strongest (Kaspersky Blog in The human factor in IT security: how employees are making businesses vulnerable from within, 2017; Keidanren (Japan Business Federation) in Toward realization of the new economy and society—reform of the economy and society by the deepening of ‘Society 5.0’, 2016). Based on Riley’s 2014 cyber terrain operational stack (CTOS) (Riley in “Cyber Terrain”: a model for increased understanding of cyber activity, 2014), this paper uses case studies to develop and combine an integrated human-centric view with an algorithmic-centric risk management methodology for a hybrid approach in cyber-physical environments. This methodology builds on from the original security triad's evolution (Boyes in Technol Innov Manag Rev 5:28–34, 2015) and aligns with potential new Security, Sustainability, Assurance and Safety (S2AS) risk management atomic attributes, providing an integrated framework for managing risks in cyber-physical ecosystems. The proposed integrated risk management framework potentially can be associated with the UN Sustainable Development Goals (SDGs), linking S2AS risk atomic attributes to identify potential risks and mitigation strategies. This could support fostering inclusive employment, technological innovation, and responsible consumption via AI and IoT for organisations ((Zengin et al. in Sustainability 13:2682, 2021).