Security Standard Compliance Verification in System of SystemsShow others and affiliations
2022 (English)In: IEEE Systems Journal, ISSN 1932-8184, E-ISSN 1937-9234, Vol. 16, no 2, p. 2195-2205Article in journal (Refereed) Published
Abstract [en]
Standard compliance in system of systems (SoS) means complying with standards, laws, and regulations that apply to services from several sources and different levels. Compliance is a major challenge in many organizations because any violation will lead to financial penalties, lawsuits fines, or revocation of licenses to operate within specific industrial market. To support the business lifecycle, organizations also need to monitor the actual processes during run time and not only in their design time. Standard compliance verification is important in the lifecycle for reasons, such as detection of noncompliance as well as operational decisions of running processes. With the promotion of connectivity of systems, existing and new security standards can be employed but there are important aspects, such as technically measurable indicators, in the standards and automation of compliance verification that need to be addressed. This article presents an automated and continuous standard compliance verification framework used to check devices, systems, and services for standard compliance during secure onboarding and run time. In addition, a case study for the Eclipse Arrowhead framework is used to demonstrate the functionality of the standard compliance verification in SoS.
Place, publisher, year, edition, pages
IEEE, 2022. Vol. 16, no 2, p. 2195-2205
Keywords [en]
Automation, security, service-oriented architecture (SoA), standard compliance, standard verification, system of systems (SoS)
National Category
Embedded Systems
Research subject
Cyber-Physical Systems; Electronic systems
Identifiers
URN: urn:nbn:se:ltu:diva-83723DOI: 10.1109/JSYST.2021.3064196ISI: 000732085500001Scopus ID: 2-s2.0-85104258347OAI: oai:DiVA.org:ltu-83723DiVA, id: diva2:1544935
Funder
EU, Horizon 2020
Note
Validerad;2022;Nivå 2;2022-06-29 (sofila);
Finansiär: ECSEL Joint Undertaking; National Funding Authorities from 18 involved countries under the research project Arrowhead Tools (826452)
2021-04-162021-04-162022-06-29Bibliographically approved