Skip to main content

Modelling Cyber-Physical Security in Healthcare Systems

  • 527 Accesses

Part of the Lecture Notes in Business Information Processing book series (LNBIP,volume 424)

Abstract

Health organizations are critical cyber-physical infrastructures. By relying on last technological advances, healthcare organizations are now able to provide more personalized services through open and controlled platforms. Unfortunately, these new technologies that rely on common communication interfaces and standards, enhance security breaches and exposes hospitals to several threats.

The paper presents an ontology that allows (1) modelling cyber-physical security concepts in healthcare systems and (2) helps designing incidents propagation mechanisms by focusing on cyber-physical interactions among critical assets.

Keywords

  • Critical health services
  • Cyber-physical assets
  • Ontology-based model
  • Cyber-physical incidents
  • Security attacks scenario

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-79108-7_12
  • Chapter length: 9 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   59.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-79108-7
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   74.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.

Notes

  1. 1.

    https://cve.mitre.org/.

  2. 2.

    https://www.first.org/cvss/.

  3. 3.

    https://capec.mitre.org/index.html.

References

  1. Abdallah, R., Motii, A., Yakymets, N., Lanusse, A.: Using model driven engineering to support multi-paradigms security analysis. In: International Conference on Model-Driven Engineering and Software Development, pp. 278–292 (2015)

    Google Scholar 

  2. Agrafiotis, I., Nurse, J.R., Goldsmith, M., Creese, S., Upton, D.: A taxonomy of cyber-harms: defining the impacts of cyber-attacks and understanding how they propagate. J. Cybersecur. 4(1), tyy006 (2018)

    Google Scholar 

  3. Ashibani, Y., Mahmoud, Q.H.: Cyber physical systems security: analysis, challenges and solutions. Comput. Secur. 68, 81–97 (2017)

    CrossRef  Google Scholar 

  4. Booth, H., Turner, C.: Vulnerability description ontology (vdo): a framework for characterizing vulnerabilities. Technical report, National Institute of Standards and Technology (2016)

    Google Scholar 

  5. Choraś, M., Flizikowski, A., Kozik, R., Hołubowicz, W.: Decision aid tool and ontology-based reasoning for critical infrastructure vulnerabilities and threats analysis. In: International Workshop on Critical Information Infrastructures Security, pp. 98–110 (2009)

    Google Scholar 

  6. EBIOS: Ebios risk manager - the method. https://www.ssi.gouv.fr/uploads/ 2019/11/anssi-guide-ebios_risk_manager-en-v1.0.pdf (2019)

  7. ENISA: Cyber security and resilience for Smart Hospitals. https://www.enisa.europa.eu/publications/cyber-security-and-resilience-for-smart-hospitals (2016)

  8. Fernández-López, M., Gómez-Pérez, A., Juristo, N.: Methontology: from ontological art towards ontological engineering (1997)

    Google Scholar 

  9. Horridge, M., Knublauch, H., Rector, A., Stevens, R., Wroe, C.: A practical guide to building owl ontologies using the protégé-owl plugin and co-ode tools edition 1.0. University of Manchester (2004)

    Google Scholar 

  10. Ma, M., Liu, L., Lin, Y., Pan, D., Wang, P.: Event description and detection in cyber-physical systems: an ontology-based language and approach. In: 2017 IEEE 23rd International Conference on Parallel and Distributed Systems (ICPADS), pp. 1–8. IEEE (2017)

    Google Scholar 

  11. Miller, W.B.: Classifying and cataloging cyber-security incidents within cyber-physical systems (2014)

    Google Scholar 

  12. Musen, M.A.: The protégé project: a look back and a look forward. AI Matters 1(4), 4–12 (2015)

    CrossRef  Google Scholar 

  13. Ponemon, I.: Cost of a data breach 2019 report (2019)

    Google Scholar 

  14. Syed, Z., Padia, A., Finin, T., Mathews, L., Joshi, A.: UCO: a unified cybersecurity ontology. In: Workshops at the 30th Conference on Artificial Intelligence (2016)

    Google Scholar 

  15. Theocharidou, M., Giannopoulos, G.: Risk assessment methodologies for ci protection. part ii: A new approach. Technical report EUR27332 EN (2015)

    Google Scholar 

  16. Trucco, P., Petrenj, B., Bouchon, S., Mauro, C.D.: Ontology-based approach to disruption scenario generation for critical infrastructure systems. Int. J. Crit. Infrastruct. 12(3), 248–272 (2016)

    CrossRef  Google Scholar 

Download references

Acknowledgment

This work is part of the SAFECARE project. This project has received funding as part of the "Secure societies – Protecting freedom and security of Europe and its citizens", challenge of the Horizon 2020 Research and Innovation program of the European Union, under grant agreement 787002.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Samira Si-said Cherfi .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Hannou, FZ., Atigui, F., Lammari, N., Cherfi, S.Ss. (2021). Modelling Cyber-Physical Security in Healthcare Systems. In: Nurcan, S., Korthaus, A. (eds) Intelligent Information Systems. CAiSE 2021. Lecture Notes in Business Information Processing, vol 424. Springer, Cham. https://doi.org/10.1007/978-3-030-79108-7_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-79108-7_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-79107-0

  • Online ISBN: 978-3-030-79108-7

  • eBook Packages: Computer ScienceComputer Science (R0)