DOI:
https://doi.org/10.14483/23448350.22581Published:
12/03/2024Issue:
Vol. 51 No. 3 (2024): September-December 2024 (Continuos Publication)Section:
Research ArticlesMoRCiTO: hacia un modelo de referencia de ciberseguridad para la tecnología de la operación como preparación para la era cuántica, a fin de prevenir ataques de red a sistemas ciber-físicos en infraestructuras críticas
MoRCiTO: Towards a Cybersecurity Reference Model for Operation Technology in Preparation for the Quantum Era to Prevent Network Attacks on Cyber-Physical Systems in Critical Infrastructures
Keywords:
Modelo de referencia, Ciberseguridad, Sistemas ciber-físicos, Era cuántica, Amenazas, Vulnerabilidades, Infraestructuras críticas, Tecnología de la operación, Criptografía, QKD, MoRCiTO (es).Keywords:
critical infrastructures, cryptography, cyber-physical systems, cybersecurity, operation technology, quantum era, Quantum Key Distribution, reference model, threats, vulnerabilities (en).Downloads
Abstract (es)
En esta publicación se propone un modelo de referencia de ciberseguridad para la tecnología de la operación (MoRCiTO) como preparación para la era cuántica para prevenir ataques de red a sistemas ciber-físicos (SCF) en
infraestructuras críticas (IC). El modelo propuesto es el resultado de una revisión de estudios primarios que abordan diferentes aspectos como, entre otros, las amenazas de los equipos cuánticos contra los sistemas criptográficos actuales (así como las que aún están por aparecer), permitiendo caracterizar el modelo de referencia propuesto. Este trabajo contribuye significativamente al campo de la ciberseguridad, proporcionando un modelo de referencia adaptado a la inminente llegada de la era cuántica. Es un paso crucial hacia la preparación de IC contra amenazas avanzadas y establece una base sólida para investigaciones futuras en el área de la ciberseguridad cuántica. Además, el modelo puede ser adoptado por entidades gubernamentales y organizaciones encargadas de la gestión de IC para fortalecer su resiliencia ante posibles ataques cuánticos. Su implementación ayudará a garantizar la continuidad operativa y la protección de sistemas vitales en un entorno de amenazas en constante evolución.
Abstract (en)
This publication proposes a cybersecurity reference model for operation technology (MoRCiTO) as preparation for the quantum era to prevent network attacks on cyber-physical systems (CPS) in critical infrastructures (CI). The proposed model is the result of a review of primary studies that address different aspects such as, among others, the threats of quantum equipment against current cryptographic systems (as well as those that are yet to appear), enabling the characterization of the proposed reference model. This work contributes significantly to the field of cybersecurity, providing a reference model tailored to the imminent arrival of the quantum era. It is a crucial step towards CI preparedness against advanced threats and establishes a solid foundation for future research in quantum cybersecurity area. In addition, the model can be adopted by government entities and organizations in charge of CI management to strengthen their resilience against potential quantum attacks. Its implementation will help to ensure operational continuity and the protection of vital systems in a constantly evolving threat environment.
References
Abdi, F., Chen, C.-Y., Hasan, M., Liu, S., Mohan, S., Caccamo, M. (2018). Guaranteed physical security with restart-based design for cyber-physical systems [Artículo de conferencia]. ACM/IEEE 9th International Conference on Cyber-Physical Systems (ICCPS). https://doi.org/10.1109/ICCPS.2018.00010
Adam, A., Rivlin, E., Shimshoni, I., Reinitz, D. (2008). Robust real-time unusual event detection using multiple fixed-location monitors. IEEE Transactions on Pattern Analysis and Machine Intelligence, 30(3), 555-560. https://doi.org/10.1109/TPAMI.2007.70825
Aguado, A., López, V., Martinez-Mateo, J., Peev, M., López, D., Martin, V. (2018). Virtual network function deployment and service automation to provide end-to-end quantum encryption. Journal of Optical Communications and Networking, 10(4), e421. https://doi.org/10.1364/JOCN.10.000421
Ahn, J., Chung, J., Kim, T., Ahn, B., Choi, J. (2021). An overview of quantum security for distributed energy resources [Artículo de conferencia]. IEEE 12th International Symposium on Power Electronics for Distributed Generation Systems (PEDG). https://doi.org/10.1109/PEDG51384.2021.9494203
Akter, M. S. (2023). Quantum cryptography for enhanced network security: A comprehensive survey of research, developments, and future directions. https://doi.org/10.48550/arXiv.2306.09248
Alagic, G., Alperin-Sheriff, J., Apon, D., Cooper, D., Dang, Q., Liu, Y.-K., Miller, C., Moody, D., Peralta, R., Perlner, R., Robinson, A., Smith-Tone, D. (2019). Status report on the first round of the NIST post-quantum cryptography standardization process. https://doi.org/10.6028/NIST.IR.8240
Albataineh, H., Nijim, M. (2021). Enhancing the cybersecurity education curricula through quantum computation. En K. Daimi, H. R. Arabnia, L. Deligiannidis, M. S. Hwang & F. G. Tinetti (Eds.), Advances in Security, Networks, and Internet of Things (pp. 223-231). Springer International Publishing. https://doi.org/10.1007/978-3-030-71017-0_16
Alcaraz, C. (2018). Cloud-assisted dynamic resilience for cyber-physical control systems. IEEE Wireless Communications, 25(1), 76-82. https://doi.org/10.1109/MWC.2018.1700231
Alcaraz, C., Zeadally, S. (2015). Critical infrastructure protection: Requirements and challenges for the 21st century. International Journal of Critical Infrastructure Protection, 8, 53-66. https://doi.org/10.1016/j.ijcip.2014.12.002
Ali, A. (2021). A pragmatic analysis of pre- and post-quantum cyber security scenarios [Artículo de conferencia]. International Bhurban Conference on Applied Sciences and Technologies (IBCAST). Https://doi.org/10.1109/IBCAST51254.2021.9393278
Al-Mohammed, H. A., Al-Ali, A., Yaacoub, E., Qidwai, U., Abualsaud, K., Rzewuski, S., Flizikowski, A. (2021). Machine learning techniques for detecting attackers during quantum key distribution in IoT networks with application to railway scenarios. IEEE Access, 9, 136994-137004. https://doi.org/10.1109/ACCESS.2021.3117405
Amador Donado, S., Pardo Calvache, C. J., Mazo Peña, R. (2024). Revisión preliminar: ciberseguridad para tecnología de la operación en la era cuántica contra ataques de red a infraestructuras críticas. Revista INGE CUC, 20(2), por publicar.
Antoliš, K., Mišević, P., Miličević, A. (2015). Vulnerabilities of new technologies and the protection of CNI. https://hrcak.srce.hr/file/206704
Axelrod, C. W. (2013). Managing the risks of cyber-physical systems [Artículo de conferencia]. IEEE Long Island Systems, Applications and Technology Conference (LISAT). https://doi.org/10.1109/LISAT.2013.6578215
Baracaldo, N., Joshi, J. B. D. (2009). Mitigating insider threats to database security: A role-based approach. ACM Transactions on Information and System Security (TISSEC), 12(4), 1-29.
Baykara, M., Gurturk, U., Das, R. (2018). An overview of monitoring tools for real-time cyber-attacks [Artículo de conferencia]. 6th International Symposium on Digital Forensic and Security (ISDFS). Https://doi.org/10.1109/ISDFS.2018.8355339
Bernstein, D. J., Lange, T. (2017). Post-quantum cryptography. Nature, 549(7671), 188-194. https://doi.org/10.1038/nature23461
Bililign, S. (2013). The need for interdisciplinary research and education for sustainable human development to deal with global challenges. International Journal of African Development, 1(1), e18. https://scholarworks.wmich.edu/ijad/vol1/iss1/8
Bruß, D., Lütkenhaus, N. (2000). Quantum key distribution: From principles to practicalities. Applicable Algebra in Engineering, Communication and Computing, 10(4-5), 383-399. https://doi.org/10.1007/s002000050137
Busby, D. J. (2000). Peacetime use of computer network attack. https://doi.org/https://doi.org/10.21236/ada377624
Caicedo, D. S. (2017). Global critical infrastructure: Attacking the vulnerability of global cyber networks to create societal collapse. https://api.semanticscholar.org/CorpusID:55418315
Campagna, M., Chen, L., Dagdelen, O., Ding, J., Fernick, J., Gisin, N., Zhang, Z. (2015). Quantum Safe Cryptography and Security: An introduction, benefits, enablers and challenges. European Telecommunications Standards Institute.
Campbell Sr., R. E. (2020). The need for cyber resilient enterprise distributed ledger risk management framework. The Journal of The British Blockchain Association, 3(1), 1-9. https://doi.org/10.31585/jbba-3-1-(5)2020
Cao, Y., Zhao, Y., Colman-Meixner, C., Yu, X., Zhang, J. (2017). Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD). Optics Express, 25(22), e26453. https://doi.org/10.1364/OE.25.026453
Carle, G., Debar, H., Dressler, F., König, H. (2012). Network attack detection and defense early warning systems - Challenges and perspectives (Dagstuhl Seminar 12061). Dagstuhl Reports, 2(2), 1-20. https://doi.org/10.4230/DagRep.2.2.1
Cerf, N. J., Bourennane, M., Karlsson, A., Gisin, N. (2002). Security of quantum key distribution using d-level systems. Physical Review Letters, 88(12), e127902. https://doi.org/10.1103/PhysRevLett.88.127902
Choi, J.-W., Kang, M.-S., Heo, J., Hong, C., Yoon, C.-S., Han, S.-W., Moon, S., Yang, H.-J. (2020). Quantum challenge-response identification using single qubit unitary operators. Physica Scripta, 95(10), e105104. https://doi.org/10.1088/1402-4896/abaf8e
CISA (2021). Critical Infrastructure Sectors. https://www.cisa.gov/sites/default/files/publications/21-0860_EOY_REPORT_508c.pdf
Clark-Ginsberg, A., Slayton, R. (2019). Regulating risks within complex sociotechnical systems: Evidence from critical infrastructure cybersecurity standards. Science and Public Policy, 46(3), 339-346. https://doi.org/10.1093/scipol/scy061
Cook, A., Nicholson, A., Janicke, H., Maglaras, L., Smith, R. (2016). Attribution of cyber-attacks on industrial control systems. EAI Endorsed Transactions on Industrial Networks and Intelligent Systems, 3(7), e151158. https://doi.org/10.4108/eai.21-4-2016.151158
Cruz, T., Simões, P. (2021). Down the rabbit hole: Fostering active learning through guided exploration of a SCADA cyber range. Applied Sciences, 11(20), e23. https://doi.org/10.3390/app11209509
Dacier, M., Kargl, F., König, H., Valdes, A. (2014). Network attack detection and defense: Securing industrial control systems for critical infrastructures (Dagstuhl Seminar 14292). Dagstuhl Reports, 4(7), 62-79. https://doi.org/10.4230/DagRep.4.7.62
Diffie, W., Hellman, M. E. (1976). New directions in cryptography. IEEE Transactions on Information Theory, 22(6), 644-654.
Dixon, A. R., Dynes, J. F., Lucamarini, M., Fröhlich, B., Sharpe, A. W., Plews, A., Tam, W., Yuan, Z. L., Tanizawa, Y., Sato, H., Kawamura, S., Fujiwara, M., Sasaki, M., Shields, A. J. (2017). Quantum key distribution with hacking countermeasures and long-term field trial. Scientific Reports, 7(1), e1978. https://doi.org/10.1038/s41598-017-01884-0
Dutta, H., Bhuyan, A. K. (2024). Quantum communication: From fundamentals to recent trends, challenges and open problems. http://arxiv.org/abs/2406.04492
European Commission (2017). Critical infrastructures – Enhancing preparedness & resilience for the security of citizens and services supply continuity [Artículo de conferencia]. Proceedings of the 52nd ESReDA Seminar Hosted by the Lithuanian Energy Institute & Vytautas Magnus University.
European Union (2018). General Data Protection Regulation (GDPR). https://gdpr-info.eu/
European Union Agency for Network, ENISA (2018). Good practices for security of internet of things in the context of smart manufacturing. https://www.enisa.europa.eu/publications/good-practices-for-security-of-iot/@@download/fullReport
Fehr, S., Salvail, L. (2017). Quantum authentication and encryption with key recycling [Artículo de conferencia]. Advances in Cryptology – EUROCRYPT 2017. https://doi.org/10.1007/978-3-319-56617-7_11
Fernández-Carames, T. M., Fraga-Lamas, P. (2020). Towards post-quantum blockchain: A review on blockchain cryptography resistant to quantum computing attacks. IEEE Access, 8, 21091-21116. https://doi.org/10.1109/ACCESS.2020.2968985
Flowers, A., Zeadally, S., Murray, A. (2013). Cybersecurity and US legislative efforts to address cybercrime. Journal of Homeland Security and Emergency Management, 10(1), 29-55. https://doi.org/10.1515/jhsem-2012-0007
Fu, H. (2015). Legal protection of cyberspace infrastructure and information safety in china-a response to cyberspace challenges to china’s national security. https://doi.org/10.2991/meita-15.2015.6
Gatto, A., Ferrari, M., Brunero, M., Gagliano, A., Tarable, A., Bodanapu, D., Giorgetti, A., Andriolli, N., Paganelli, R., Strambini, L., Martelli, P., Martinelli, M. (2022). Integration of QKD technologies in advanced optical networks [Artículo de conferencia]. IEEE 15th Workshop on Low Temperature Electronics (WOLTE). Https://doi.org/10.1109/WOLTE55422.2022.9882652
Gisin, N., Ribordy, G., Tittel, W., Zbinden, H. (2002). Quantum cryptography. Reviews of Modern Physics, 74(1), 145-195.
Goorden, S. A., Horstmann, M., Mosk, A. P., Škorić, B., Pinkse, P. W. H. (2014). Quantum-secure authentication of a physical unclonable key. Optica, 1(6), e421. https://doi.org/10.1364/OPTICA.1.000421
Goy, M., Berlich, R., Kržič, A., Rieländer, D., Kopf, T., Sharma, S., Steinlechner, F. O. (2021). High performance optical free-space links for quantum communications. En Z. Sodnik, B. Cugny & N. Karafolas (Eds.), International Conference on Space Optics — ICSO 2020 (p. 18). SPIE. https://doi.org/10.1117/12.2599163
Gras, G., Rusca, D., Zbinden, H., Bussières, F. (2021). Countermeasure against quantum hacking using detection statistics. Physical Review Applied, 15(3), e034052. https://doi.org/10.1103/PhysRevApplied.15.034052
Haber, E., Zarsky, T. Z. (2017). Cybersecurity for infrastructure: A critical analysis. Information Privacy Law eJournal. https://api.semanticscholar.org/CorpusID:158139470
Hahn, A. (2016). Operational technology and information technology in industrial control systems. En E. Colbert 7 A. Kott (Eds.), Advances in Information Security (vol. 66, pp. 51-68). Springer New York. https://doi.org/10.1007/978-3-319-32125-7_4
Hamza, A., Gharakheili, H. H., Sivaraman, V. (2020). IoT network security: Requirements, threats, and countermeasures. http://arxiv.org/abs/2008.09339
Haney, M. (2019). Leveraging cyber-physical system honeypots to enhance threat intelligence. En J. Staggs & S. Shenoi (Eds.), IFIP Advances in Information and Communication Technology (vol. 570 IFIP, pp. 209-233). Springer International Publishing. https://doi.org/10.1007/978-3-030-34647-8_11
Hartman, S. M. (2012). Protecting accelerator control systems in the face of sophisticated cyber-attacks. https://api.semanticscholar.org/CorpusID:55389350
Holdsworth, J., Apeh, E. (2017). An effective immersive cyber security awareness learning platform for businesses in the hospitality sector [Artículo de conferencia]. IEEE 25th International Requirements Engineering Conference Workshops (REW). https://doi.org/10.1109/REW.2017.47
Holley, K. A. (2009). Special issue: Understanding interdisciplinary challenges and opportunities in higher education. Ashe Higher Education Report, 35, 1-131. https://api.semanticscholar.org/CorpusID:146511487
Hoschek, M. (2021). Quantum security and 6G critical infrastructure. Serbian Journal of Engineering Management, 6(1), 1-8. https://doi.org/10.5937/SJEM2101001H
Hossain Faruk, M. J., Tahora, S., Tasnim, M., Shahriar, H., Sakib, N. (2022). A review of quantum cybersecurity: Threats, risks and opportunities [Artículo de conferencia]. 1st International Conference on AI in Cybersecurity (ICAIC). https://doi.org/10.1109/ICAIC53980.2022.9896970
Huang, K., Zhou, C., Tian, Y. C., Yang, S., Qin, Y. (2018). Assessing the physical impact of cyberattacks on industrial cyber-physical systems. IEEE Transactions on Industrial Electronics, 65(10), 8153-8162. https://doi.org/10.1109/TIE.2018.2798605
Hughes, R. J., Nordholt, J. E., McCabe, K. P., Newell, R. T., Peterson, C. G., Somma, R. D. (2013). Network-centric quantum communications. Frontiers in Optics, 2013, FW2C.1. https://doi.org/10.1364/FIO.2013.FW2C.1
Hui, P., Bruce, J., Fink, G., Gregory, M., Best, D., McGrath, L., Endert, A. (2010). Towards efficient collaboration in cyber security [Artículo de conferencia]. International Symposium on Collaborative Technologies and Systems. https://doi.org/10.1109/CTS.2010.5478473
International Organization for Standardization (ISO) (2018). Risk management – Guidelines (número ISO 31000:2018). International Organization for Standardization.
ISO/IEC 27001 (2013). Information technology – Security techniques – Information security management systems – Requirements (número ISO/IEC 27001:2013). International Organization for Standardization.
Jahanian, F. (2011). Reflections on the evolution of internet threats [Artículo de conferencia]. 18th ACM Conference on Computer and communications security. https://doi.org/10.1145/2046707.2046709
Jain, N., Stiller, B., Khan, I., Elser, D., Marquardt, C., Leuchs, G. (2016). Attacks on practical quantum key distribution systems (and how to prevent them). Contemporary Physics, 57(3), 366-387. https://doi.org/10.1080/00107514.2016.1148333
Kalra, M., Poonia, R. C. (2017). Design a new protocol for quantum key distribution. Journal of Information and Optimization Sciences, 38(6), 1047-1054. https://doi.org/10.1080/02522667.2017.1374723
Kanamori, Y., Seong-Moo Yoo, Gregory, D. A., Sheldon, F. T. (2005). On quantum authentication protocols [Artículo de conferencia]. GLOBECOM ’05. IEEE Global Telecommunications Conference. https://doi.org/10.1109/GLOCOM.2005.1577930
Kanamori, Y., Yoo, S.-M., Gregory, D. A., Sheldon, F. T. (2009). Authentication protocol using quantum superposition states. International Journal of Network Security, 9(2), 101-108.
Käppler, S. A., Schneider, B. (2021). Post-quantum cryptography: An introductory overview and implementation challenges of quantum-resistant algorithms. En K. Hinkelmann & A. Gerber (Eds.), Proceedings of the Society 5.0 Conference 2022 - Integrating Digital World and Real World to Resolve Challenges in Business and Society (pp. 61-49). EasyChair. https://doi.org/10.29007/2tpw
Karim, M. E., Phoha, V. V. (2014). Cyber-physical systems security. En S. Suh, U. Tanik, J. Carbone, & A. Eroglu (Eds.), Applied Cyber-Physical Systems (pp. 75-83). Springer New York. https://doi.org/10.1007/978-1-4614-7336-7_7
Karol, M., Życzkowski, M. (2015). Quantum technology in critical infrastructure protection. Safety and Security Engineering VI, 1, 109-119. https://doi.org/10.2495/SAFE150101
Khan, A. A., Ahmad, A., Waseem, M., Liang, P., Fahmideh, M., Mikkonen, T., Abrahamsson, P. (2022). Software architecture for quantum computing systems - Asystematic review. SSRN Electronic Journal, por publicar. https://doi.org/10.2139/ssrn.4040490
Khan, I. (2018). Quantum communication in space – Challenges and opportunities. Imaging and Applied Optics, 2018, AM5A.2. https://doi.org/10.1364/AIO.2018.AM5A.2
Knapp, E. D., Langill, J. T. (2015). Standards and regulations. En E. D. Knapp & J. T. Langill (Eds.), Industrial Network Security (pp. 387-407). Elsevier. https://doi.org/10.1016/B978-0-12-420114-9.00013-7
Kneller, V. Yu., Fayans, A. M. (2019). Solving interdisciplinary tasks: The challenge and the ways to surmount it. Journal of Physics: Conference Series, 1379(1), e012011. https://doi.org/10.1088/1742-6596/1379/1/012011
Kumar, A., Dadheech, P., Singh, V., Raja, L., Poonia, R. C. (2019). An enhanced quantum key distribution protocol for security authentication. Journal of Discrete Mathematical Sciences and Cryptography, 22(4), 499-507. https://doi.org/10.1080/09720529.2019.1637154
Kumar Rao, S., Mahto, D., Kumar Yadav, D., Ali Khan, D. (2017). The AES-256 cryptosystem resists quantum attacks. International Journal of Advanced Research in Computer Science, 8(3), 404-408. https://doi.org/https://doi.org/10.26483/ijarcs.v8i3.3025
Lancho, D., Martinez, J., Elkouss, D., Soto, M., Martin, V. (2010). QKD in standard optical telecommunications networks. En A. Sergienko, S. Pascazio, & P. Villoresi (Eds.), Quantum Communication and Quantum Networking (pp. 142-149). Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-642-11731-2_18
Laughlin, C. (2016). Cybersecurity in critical infrastructure sectors: a proactive approach to ensure inevitable laws and regulations are effective. Colorado Technology Law Journal, 14(2), 2871452. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2871452
Linke, N. M., Maslov, D., Roetteler, M., Debnath, S., Figgatt, C., Landsman, K. A., Wright, K., Monroe, C. (2017). Experimental comparison of two quantum computing architectures. Proceedings of the National Academy of Sciences, 114(13), 3305-3310. https://doi.org/10.1073/pnas.1618020114
Liu, W., Peng, J., Huang, P., Huang, D., Zeng, G. (2017). Monitoring of continuous-variable quantum key distribution system in real environment. Optics Express, 25(16), 19429. https://doi.org/10.1364/OE.25.019429
Liu, Y., Cao, Z., Curty, M., Liao, S.-K., Wang, J., Cui, K., Yin, J., Li, Y., Chen, K., , Peng, C.-Z. (2014). Experimental demonstration of quantum authentication. Physical Review Letters, 113(4), e40505.
Lloyd, S., Mohseni, M., Rebentrost, P. (2010). Quantum algorithms for solving linear systems of equations. Physical Review Letters, 105(15), e150502.
Lu, K.-C., Liu, I.-H., Liao, J.-W., Wu, S.-C., Liu, Z.-C., Li, J.-S., Li, C.-F. (2019). Evaluation and build to honeypot system about scada security for large-scale IoT devices. Journal of Robotics, Networking and Artificial Life, 6(3), e157. https://doi.org/10.2991/jrnal.k.191202.008
Ludvigsen, K. R., Nagaraja, S. (2022). The opportunity to regulate cybersecurity in the EU (and the World): Recommendations for the cybersecurity resilience act. http://arxiv.org/abs/2205.13196
Luo, Y., Li, Q., Mao, H.-K. (2023). How to achieve end-to-end key distribution for QKD Networks in the presence of untrusted nodes. https://doi.org/https://doi.org/10.48550/arXiv.2302.07688
Majumder, S. R., Giani, A., Shen, W., Neculaes, B., Zhu, D., Johri, S. (2023). Quantum computation: Efficient network partitioning for large scale critical infrastructures. http://arxiv.org/abs/2302.02074
Malina, L., Dobias, P., Hajny, J., Choo, K.-K. R. (2023). On deploying quantum-resistant cybersecurity in intelligent infrastructures [Artículo de conferencia]. 18th International Conference on Availability, Reliability and Security. https://doi.org/10.1145/3600160.3605038
Mao, S., Zhang, H., Wu, W., Liu, J., Li, S., Wang, H. (2014). A resistant quantum key exchange protocol and its corresponding encryption scheme. China Communications, 11(9), 124-134. https://doi.org/10.1109/CC.2014.6969777
Mao, Y., Huang, W., Zhong, H., Wang, Y., Qin, H., Guo, Y., Huang, D. (2020). Detecting quantum attacks: A machine learning based defense strategy for practical continuous-variable quantum key distribution. New Journal of Physics, 22(8), 083073. https://doi.org/10.1088/1367-2630/aba8d4
Martelli, P., Gatto, A., Brunero, M., Bodanapu, D., Rapisarda, M., Comi, P. M., Martinelli, M. (2021). Integration of QKD in WDM networks [Artículo de conferencia]. 2021 International Conference on Optical Network Design and Modeling (ONDM). https://doi.org/10.23919/ONDM51796.2021.9492394
McMurdo, J. (2014). Cybersecurity firms cyber mercenaries. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.2556412
Microsoft (2018). Security development lifecycle (SDL). https://www.microsoft.com/en-us/securityengineering/sdl
Microsoft (2021). Security update guide. https://msrc.microsoft.com/update-guide
Mihalache, S. F., Pricop, E., Fattahi, J. (2019). Resilience enhancement of cyber-physical systems: A review. En N. Mahdavi Tabatabaei, S.
Najafi Ravadanegh N. Bizon (Eds.), Power Systems Resilience (pp. 269-287). Springer. https://doi.org/10.1007/978-3-319-94442-5_11
Mink, A., Frankel, S., Perlner, R. (2010). Quantum key distribution (QKD) and commodity security protocols: Introduction and integration. http://arxiv.org/abs/1004.0605
Mistry, N. R., Dholakiya, A. Y., Prajapati, J. P., Mistry, N. R., Dholakiya, A. Y., Prajapati, J. P. (2021). Security and privacy aspects using quantum internet. En N. Kumar, A. Agrawal, B. Chaurasia & R. Khan (Eds.), Limitations and Future Applications of Quantum Cryptography (pp. 62-81). IGI Global Scientific Publishing. https://doi.org/10.4018/978-1-7998-6677-0.ch004
Mosca, M. (2018). Cybersecurity in an era with quantum computers: Will we be ready? IEEE Security & Privacy, 16(5), 38-41. https://doi.org/10.1109/MSP.2018.3761723
Nair, P., Patil, S. (2020). Quantum computing in data security: A critical assessment. SSRN Electronic Journal, 2020, e3565438. https://doi.org/10.2139/ssrn.3565438
National Institute of Standards (NIST) (2002). Risk Management guide for information technology systems: Vol. SP 800-30. https://doi.org/10.6028/NIST.SP.800-30
National Institute of Standards (NIST) (2008a). Performance measurement guide for information security. https://doi.org/10.6028/NIST.SP.800-55r1
National Institute of Standards (NIST) (2008b). Technical guide to information security testing and assessment. https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=152164
National Institute of Standards (NIST) (2012). Computer security incident handling guide: Vol. Revision 2. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf
National Institute of Standards (NIST) (2015). Guide to industrial control systems (ICS) Security: Vol. Revision 2. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r2.pdf
National Institute of Standards (NIST) (2016). Post-quantum cryptography: NIST’s plan for the future. https://nvlpubs.nist.gov/nistpubs/ir/2016/nist.ir.8105.pdf
National Institute of Standards (NIST) (2020). Security and privacy controls for information systems and organizations. https://doi.org/10.6028/NIST.SP.800-53r5
NIST SP 800-30 (2012). Guide for conducting risk assessments. https://doi.org/10.6028/NIST.SP.800-30r1
Nkongolo, M., Van Deventer, J. P., Kasongo, S. M., Van Der Walt, W., Kalonji, R., Pungwe, M. (2022). Network policy enforcement: An intrusion prevention approach for critical infrastructures [Artículo de conferencia]. 6th International Conference on Electronics, Communication and Aerospace Technology. https://doi.org/10.1109/ICECA55336.2022.10009524
Olofinbiyi, S. A. (2022). A reassessment of public awareness and legislative framework on cybersecurity in South Africa. ScienceRise: Juridical Science, 2(20), 34-42. https://doi.org/10.15587/2523-4153.2022.259764
Pătraşcu, P. (2021). Emerging technologies and national security: The impact of IoT in critical infrastructures protection and defence sector. Land Forces Academy Review, 26(4), 423-429. https://doi.org/10.2478/raft-2021-0055
Paul, S., Scheible, P., Wiemer, F. (2022). Towards post-quantum security for cyber-physical systems: Integrating PQC into industrial M2M communication. Journal of Computer Security, 30(4), 623-653. https://doi.org/10.3233/JCS-210037
Payares, E., Martínez-Santos, J. C. (2021). Quantum machine learning for intrusion detection of distributed denial of service attacks: A comparative overview. https://doi.org/10.1117/12.2593297
Pérez-Castillo, R., Serrano, M. A., Piattini, M. (2021). Software modernization to embrace quantum technology. Advances in Engineering Software, 151, e102933. https://doi.org/10.1016/j.advengsoft.2020.102933
Perlner, R. A., Cooper, D. A. (2009). Quantum resistant public key cryptography [Artículo de conferencia]. 8th Symposium on Identity and Trust on the Internet. https://doi.org/10.1145/1527017.1527028
Pirandola, S., Andersen, U. L., Banchi, L., Berta, M., Bunandar, D., Colbeck, R., Englund, D., Gehring, T., Lupo, C., Ottaviani, C., Pereira, J. L., Razavi, M., Shamsul Shaari, J., Tomamichel, M., Usenko, V. C., Vallone, G., Villoresi, P., Wallden, P. (2020). Advances in quantum cryptography. Advances in Optics and Photonics, 12(4), 1012. https://doi.org/10.1364/AOP.361502
Pitwon, R. C. A., Lee, B. H. L. (2021). Harmonising international standards to promote commercial adoption of quantum technologies. En K. Bongs, M. J. Padgett, A. Fedrizzi, & A. Politi (Eds.), Quantum Technology: Driving Commercialisation of an Enabling Science II (vol. 11881, p. 16). SPIE. https://doi.org/10.1117/12.2602888
Pohasii, S., Milevskyi, S., Tomashevsky, B., Yoropay, N. (2022). Development of the double-contour protection concept in socio-cyberphysical systems. Advanced Information Systems, 6(2), 57-66. https://doi.org/10.20998/2522-9052.2022.2.10
Ponemon Institute (2020). The importance of training and awareness programs. https://www.entrust.com/es/resources/reports/global-encryption-trends-study
Ponnusamy, V., Regunathan, N. D., Kumar, P., Annur, R., Rafique, K. (2020). A review of attacks and countermeasures in Internet of Things and cyber physical systems. En P. Kumar, V. Ponnusamy, & V. Jain (Eds.), Industrial Internet of Things and Cyber-Physical Systems: Transforming the Conventional to Digital (pp. 1-24). IGI Global Scientific Publishing. https://doi.org/10.4018/978-1-7998-2803-7.ch001
Popescu, L. (2019). The cyber security of critical infrastructures in an increasingly connected world. https://revista.unap.ro/index.php/bulletin/article/view/616/570
Project Management Institute (2017). A guide to the Project Management Body of Knowledge (PMBOK® Guide). Project Management Institute.
Raheman, F. (2022). The future of cybersecurity in the age of quantum computers. Future Internet, 14(11), 335. https://doi.org/10.3390/fi14110335
Rajamaki, J. (2018). Industry-university collaboration on IoT cyber security education: Academic course: «Resilience of Internet of Things and cyber-physical systems» [Artículo de conferencia]. IEEE Global Engineering Education Conference (EDUCON). https://doi.org/10.1109/EDUCON.2018.8363477
Rajna, G. (2015). Quantum computing and cybersecurity. https://vixra.org/pdf/1505.0109v1.pdf
Ramírez, R., Choucri, N. (2016). Improving interdisciplinary communication with standardized cyber security terminology: A literature review. IEEE Access, 4, 2216-2243. https://doi.org/10.1109/ACCESS.2016.2544381
Rieffel, E. G., Venturelli, D., O’Gorman, B., Do, M. B., Prystay, E. M., Smelyanskiy, V. N. (2015). A case study in programming a quantum annealer for hard operational planning problems. Quantum Information Processing, 14(1), 1-36. https://doi.org/10.1007/s11128-014-0892-x
Rodríguez, A. (2023). A quantum cybersecurity agenda for Europe. Governing the transition to post-quantum cryptography. https://api.semanticscholar.org/CorpusID:260055338
Sandhu, R., Coyne, E. J., Feinstein, H. L., Youman, C. E. (1996). Role-based access control models. IEEE Computer, 29(2), 38-47.
SANS Institute (2019). Collaborative defense: Lessons from the ICS cybersecurity conference. https://www.sans.org/
Scarani, V., Bechmann-Pasquinucci, H., Cerf, N. J., Dušek, M., Lütkenhaus, N., Peev, M. (2009). The security of practical quantum key distribution. Reviews of Modern Physics, 81(3), 1301-1350.
Schneider, F. B. (2013). Cybersecurity education in universities. IEEE Security & Privacy, 11(4), 3-4. https://doi.org/10.1109/MSP.2013.84
Schneier, B. (2018). Click here to kill everybody: Security and survival in a hyper-connected world. WW Norton & Company.
Schwalb, M. (2007). Exploit derivatives & national security. https://heinonline.org/HOL/LandingPage?handle=hein.journals/yjolt9&div=6&id=&page=
Serrano, M. A., Cruz-Lemus, J. A., Pérez-Castillo, R., Piattini, M. (2023). Quantum software components and platforms: Overview and quality assessment. ACM Computing Surveys, 55(8), 1-31. https://doi.org/10.1145/3548679
Shane, P. M. (2012). Texas law review see also response cybersecurity: Toward a meaningful policy framework. https://doi.org/https://doi.org/10.31228/osf.io/b8hms
Sharevski, F., Trowbridge, A., Westbrook, J. (2018). Novel approach for cybersecurity workforce development: A course in secure design [Artículo de conferencia]. IEEE Integrated STEM Education Conference (ISEC). https://doi.org/10.1109/ISECon.2018.8340471
Simonov, M., Bertone, F., Goga, K., Terzo, O. (2019). Cyber kill chain defender for smart meters. Advances in Intelligent Systems and Computing, 772, 386-397. https://doi.org/10.1007/978-3-319-93659-8_34
Singh, H., Gupta, D. L., Singh, A. K. (2014). Quantum key distribution protocols: A review. IOSR Journal of Computer Engineering, 16(2), 01-09. https://doi.org/10.9790/0661-162110109
Sperotto, A., Hofstede, R., Dainotti, A., Schmitt, C., Rodosek, G. D. (2015). Special issue on measure, detect and mitigate–challenges and trends in network security. International Journal of Network Management, 25(5), 261-262. https://doi.org/10.1002/nem.1905
Ståhl, B. (2013). Monitoring infrastructure affordances [Tesis de doctorado, Blekinge Institute of Technology]. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-00544
Stoneburner, G., Goguen, A., Feringa, A. (2002). Risk management guide for information technology systems. https://sites.pitt.edu/~dtipper/2825/NIST_Risk.pdf
Streich, G. (2023). (Re-)configuring federal cybersecurity regulation: From critical infrastructures to the whole-of-the-nation. Indiana Law Review, 55(4), 733-766. https://doi.org/10.18060/27133
Sturgeon, J. G. (2012). Taking a quantum leap in cyber-deterrence. https://api.semanticscholar.org/CorpusID:114567315
Taiber, J. (2020). Unsettled topics concerning the impact of quantum technologies on automotive cybersecurity. https://doi.org/10.4271/EPR2020026
Tao, Y., Xu, W., Li, H., Ji, S. (2019). Experience and lessons in building an ICS security testbed [Artículo de conferencia]. 1st International Conference on Industrial Artificial Intelligence (IAI), level 0. https://doi.org/10.1109/ICIAI.2019.8850804
Taylor, J. M., Sharif, H. R. (2017). Security challenges and methods for protecting critical infrastructure cyber-physical systems [Artículo de conferencia]. International Conference on Selected Topics in Mobile and Wireless Networking (MoWNeT). https://doi.org/10.1109/MoWNet.2017.8045959
Teodoraș, D.-A., Popovici, E.-C., Suciu, G., Sachian, M.-A. (2023). Quantum technology’s role in cybersecurity. En M. Vladescu, I. Cristea & R. D. Tamas (Eds.), Advanced Topics in Optoelectronics, Microelectronics, and Nanotechnologies XI (vol. 12493, p. 99). SPIE. https://doi.org/10.1117/12.2643300
Tian, W., Ji, X., Liu, W., Liu, G., Zhai, J., Dai, Y., Huang, S. (2020). Prospect theoretic study of honeypot defense against advanced persistent threats in power grid. IEEE Access, 8, 64075-64085. https://doi.org/10.1109/ACCESS.2020.2984795
Tomita, A. (2019). Implementation security certification of Decoy‐BB84 quantum key distribution systems. Advanced Quantum Technologies, 2(5-6), e1900005. https://doi.org/10.1002/qute.201900005
Tummala, V. M. R., Schoenherr, T. (2011). Assessing and managing risks using the supply chain risk management process (SCRMP). Supply Chain Management, 16(6), 474-483.
Tyshyk, I. (2022). Testing the organization’s corporate network for unauthorized access. Cybersecurity: Education, Science, Technique, 2(18), 39-48. https://doi.org/10.28925/2663-4023.2022.18.3948
Vermeer, M. J. D., Heitzenrater, C., Parker, E., Moon, A., Lumpkin, D., Awan, J., Stapleton, P. A. (2023). Evaluating cryptographic vulnerabilities created by quantum computing in industrial control systems. RAND Corporation. https://doi.org/10.7249/RRA2427-1
Walenta, N., Soucarros, M., Stucki, D., Caselunghe, D., Domergue, M., Hagerman, M., Hart, R., Hayford, D., Houlmann, R., Legré, M., McCandlish, T., Page, J.-B., Tourville, M., Wolterman, R. (2015). Practical aspects of security certification for commercial quantum technologies. En D. A. Huckridge, R. Ebert, M. T. Gruneisen, M. Dusek, & J. G. Rarity (Eds.), Electro-Optical and Infrared Systems: Technology and Applications XII; and Quantum Information Science and Technology (vol. 9648, p. 96480U). SPIE. https://doi.org/10.1117/12.2193776
Whitman, M. E., Mattord, H. J. (2018). Principles of information security. Cengage Learning.
Witteman, H. O., Stahl, J. E. (2013). Facilitating interdisciplinary collaboration to tackle complex problems in health care: Report from an exploratory workshop. Health Systems, 2(3), 162-170. https://doi.org/10.1057/hs.2013.3
Woo, H., Yi, J., Browne, J. C., Mok, A. K., Atkins, E., Xie, F. (2008). Design and development methodology for resilient cyber-physical systems [Artículo de conferencia]. 2008 The 28th International Conference on Distributed Computing Systems Workshops. https://doi.org/10.1109/ICDCS.Workshops.2008.62
Xu, F., Ma, X., Zhang, Q., Lo, H.-K., Pan, J.-W. (2020). Secure quantum key distribution with realistic devices. Reviews of Modern Physics, 92(2), 025002. https://doi.org/10.1103/RevModPhys.92.025002
Xu, G., Chen, X.-B., Dou, Z., Yang, Y.-X., Li, Z. (2015). A novel protocol for multiparty quantum key management. Quantum Information Processing, 14(8), 2959-2980. https://doi.org/10.1007/s11128-015-1021-1
Xu, W., Tao, Y., Yang, C., Chen, H. (2019). MSICST: Multiple-scenario industrial control system testbed for security research. Computers, Materials & Continua, 60(2), 691-705. https://doi.org/10.32604/cmc.2019.05678
Yao, D. D., Almohri, H. M. J. (2013). High assurance models for secure systems. https://api.semanticscholar.org/CorpusID:110786313
Yesina, M. V., Ostrianska, Ye. V., Gorbenko, I. D. (2022). Status report on the third round of the NIST post-quantum cryptography standardization process. Radiotekhnika, 3(210), 75-86. https://doi.org/10.30837/rt.2022.3.210.05
Yesina, M. V., Potii, O. V., Gorbenko, Yu. I., Ponomar, V. A. (2022). Risk estimation methodology in the post-quantum period. Radiotekhnika, 209, 7-15. https://doi.org/10.30837/rt.2022.2.209.01
Zavitsanos, D., Ntanos, A., Toumasis, P., Raptakis, A., Kouloumentas, C., Stathopoulos, T., Setaki, F., Theodoropoulou, E., Lyberopoulos, G., Giannoulis, G., Avramopoulos, H. (2022). Coexistence studies for DV-QKD integration in deployed RAN infrastructure [Artículo de conferencia]. International Workshop on Fiber Optics in Access Networks (FOAN). https://doi.org/10.1109/FOAN56774.2022.9939691
Zhang, L., Wang, Q., Tian, B. (2013). Security threats and measures for the cyber-physical systems. Journal of China Universities of Posts and Telecommunications, 20(Suppl. 1), 25-29. https://doi.org/10.1016/S1005-8885(13)60254-X
Zhao, Y., Fung, C.-H. F., Qi, B., Chen, C., Lo, H.-K. (2008). Quantum hacking: Experimental demonstration of time-shift attack against practical quantum-key-distribution systems. Physical Review A, 78(4), 0e42333. https://doi.org/10.1103/PhysRevA.78.042333
Zhao, W., White, G. (2014). Designing a Formal Model Facilitating Collaborative Information Sharing for Community Cyber Security [Artículo de conferencia]. 47th Hawaii International Conference on System Sciences, Waikoloa, HI, USA. https://doi.org/10.1109/HICSS.2014.252
Zobel, C. W., Khansa, L. (2012). Quantifying cyberinfrastructure resilience against multi‐event attacks. Decision Sciences, 43(4), 687-710. https://doi.org/10.1111/j.1540-5915.2012.00364.x
How to Cite
APA
ACM
ACS
ABNT
Chicago
Harvard
IEEE
MLA
Turabian
Vancouver
Download Citation
License
Copyright (c) 2024 Siler Amador-Donado, César-Jesús Pardo-Calvache, Raúl Mazo-Peña
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
When submitting their article to the Scientific Journal, the author(s) certifies that their manuscript has not been, nor will it be, presented or published in any other scientific journal.
Within the editorial policies established for the Scientific Journal, costs are not established at any stage of the editorial process, the submission of articles, the editing, publication and subsequent downloading of the contents is free of charge, since the journal is a non-profit academic publication. profit.