A systematic literature review on wireless security testbeds in the cyber-physical realm
Peer reviewed, Journal article
Published version
Permanent lenke
https://hdl.handle.net/11250/3088160Utgivelsesdato
2023Metadata
Vis full innførselSamlinger
Originalversjon
10.1016/j.cose.2023.103383Sammendrag
The Cyber-Physical System (CPS) lies in the core of Industry 4.0, accelerating the convergence of formerly barricaded operational technology systems with modern information technology ones. Nevertheless, the increased connectivity in terms of both wired and wireless links and associated attack surfaces that comes along, requires higher security for safeguarding critical industrial systems and manufacturing lines from cyberattacks. In this rapidly evolving ecosystem, security testbeds have emerged as a versatile, cost-effective solution for investigating potential attack vectors and devising appropriate countermeasures, without putting the real system at risk. The present work seeks to address a prominent literature gap, namely, the lack of a systematic review regarding the use of wireless-oriented security testbeds in CPS. We contribute an overarching, manifold review on this topic from 2016 onward, examining the various literature works from diverse angles, namely, the wireless technologies used, the implemented attacks, the employed security controls, and more. The analysis is done on a per-sector basis, including water and wastewater systems, healthcare, transportation, agriculture, energy, maritime, unmanned aircraft systems, and others. Finally yet importantly, we discuss key takeaways, open issues, and challenges. The key observations of our analysis, including almost 50 articles, can be wrapped up into two salient points: on the one hand, wireless technologies are increasingly penetrating into the CPS domain as an orthogonal, versatile solution to their wired counterparts, but on the other, they widen the window of opportunity for threat actors targeting wireless links. In this context, testbed thoroughness and security as a trade-off seem to be of major importance, alongside a modular, possibly sector-neutral reference architecture that overarches the peculiarities of CPS. Overall, to our knowledge, this work provides the first full-fledged survey on the use of wireless-oriented security testbeds in CPS, and it is therefore anticipated to serve as a groundwork and touchstone for several stakeholders at different levels.