ISATransactions

This document provides a decade-wide survey of security perspectives in industrial cyber physical systems (I-CPS). It discusses vulnerabilities, attacks on CPS components, and security issues. It also presents a comparative analysis of existing works from 2012-2022 based on their objectives, approaches, testbeds used, and conclusions.


ISA Transactions xxx (xxxx) xxx

Contents lists available at ScienceDirect

ISA Transactions
journal homepage: www.elsevier.com/locate/isatrans

Research article

Security Perspective Analysis of Industrial Cyber Physical Systems (I-CPS): A Decade-wide Survey

Neha Agrawal a,∗, Rohit Kumar b
a IIIT Sri City, Chittoor, A.P, 517646, India
b KREA University, Sri City, Chittoor, A.P, 517646, India

Article info

Article history:
Received 19 September 2021
Received in revised form 21 March 2022
Accepted 21 March 2022
Available online xxxx

Keywords:
Cyber Physical Systems (CPS)
Internet of Things (IoT)
Industrial IoT (IIoT)
Cloud/Edge/Fog computing
Unmanned Aerial Vehicle (UAV)

Abstract

Considering the exceptional growth of Cyber Physical Systems (CPSs), multiple and potentially grave security challenges have emerged in this field. Different vulnerabilities and attacks are present in front of new generation CPSs, such as Industrial CPS (I-CPS). The underlying non-uniform standards, device heterogeneity, network complexity, etc., make it difficult to offer a systematized coverage on CPS security in an industrial environment. This work considers the security perspective of I-CPSs, and offers a decade-wide survey including different vulnerabilities, attacks, CPS components, and various other aspects. The comparative year-wise analysis of the existing works w.r.t objective, approach referred, testbed used and derived inference, is also presented over a decade. Additionally, the work details different security issues and research challenges present in I-CPS. This work attempts to offer a concise and precise literature study focused on the state-of-the-art I-CPS security. This work also encourages the young researchers to explore the wide possibilities present in this emerging field.
© 2022 ISA. Published by Elsevier Ltd. All rights reserved.

∗ Corresponding author.
E-mail addresses: nehaiiitm345@gmail.com (N. Agrawal), rohit.kumar@krea.edu.in (R. Kumar).

https://doi.org/10.1016/j.isatra.2022.03.018
0019-0578/© 2022 ISA. Published by Elsevier Ltd. All rights reserved.

Please cite this article as: N. Agrawal and R. Kumar, Security Perspective Analysis of Industrial Cyber Physical Systems (I-CPS): A Decade-wide Survey. ISA Transactions (2022), https://doi.org/10.1016/j.isatra.2022.03.018.

1. Introduction

The recent growth of smart environments (smart homes, smart cities, etc.) has led to the development of the Internet of Things (IoT). The incredible potential of IoT is quite predictable, with an estimate of 50 billion IoT devices in the near future. The most important use of IoT is its engagement in the industrial environment. The emergence of Industrial Internet of Things (IIoT) revolutionizes the manufacturing and production processes using enormous sensing devices and the combination of Cloud/Fog/Edge computing and Artificial Intelligence [1]. IIoT is largely acknowledged to be a subset of IoT. IoT typically includes consumer devices in lifestyle and retail, while IIoT mainly covers Smart manufacturing process, Smart logistics and Operational technology. IIoT needs a systematic approach to communicate with other architectural components [2]. Additionally, the system data handling, cyber-security, and the distribution of system software components need a dominant approach.

Cyber Physical System (CPS) is the solution to all such problems in the IIoT environment. The implementation of a CPS in IIoT leads to the development of industrial CPS (I-CPS). However, the development is quite challenging, considering that the consequences of a failing I-CPS might be severe w.r.t. the system productivity, safety, etc. [3]. Considering the above discussion, Fig. 1 helps to maintain a clear distinction among IoT, IIoT, CPS, and I-CPS, which is adapted from [4]. Machine-to-machine and industrial communication technologies with automation applications are included in IIoT as a subset of IoT. The IoT opens the door to improve understanding of the industrial process, enabling more efficient and sustainable manufacturing. Furthermore, IoT is more about linking "Things" (Objects and Machines) to the internet and, eventually, to each other, whereas CPS is the integration of computer, networking, and physical processes. In addition to the above details, a comparison of CPS and IIoT is shown in Fig. 2, which is adapted from [5]. The similarities between the two aid in the development of I-CPS.

Fig. 1. Inter-relation of IoT, IIoT, CPS, and I-CPS.
Source: Adapted from [4].

Fig. 2. Inter-relation of IIoT and CPS, giving birth to I-CPS.
Source: Adapted from [5].

Due to the limited computing, storage and network capacity, most of the IoT devices are quite easy to compromise and hack. Therefore, such devices are more prone to attacks than normal endpoint devices. The security concerns are more critical in an IIoT environment in comparison to IoT. The high degree of inter-connectivity in IIoT offers multiple opportunities not only to the industrial users but also to the cyber-criminals [6]. The long range of security concerns in IoT is the major hurdle in the widespread adoption of IIoT technology. As most of the IoT devices are resource-sensitive in nature, they cannot employ sophisticated security standards. These devices become easy targets for the attackers to launch cyber-attacks including Distributed Denial of Service (DDoS) [7,8]. The presence of such security concerns hinders the growth and potential of IIoT. Thus, it is necessary to understand and counter different security issues in IIoT. Additionally, security becomes a critical concern in I-CPS considering the presence of numerous heterogeneous devices, architectural complexity, and the presence of a dedicated cyber layer in I-CPS.

1.1. Motivation

Considering the limited resources and inability to manage complex security systems, IoT devices become an ideal platform for malevolent parties to launch attacks. It is vital to discuss security risks and provide solutions to preserve the privacy of IoT devices and their data in an I-CPS scenario. The solutions must be exceptionally resilient in terms of security, efficiency, and robustness. Furthermore, the solutions should be low-cost in terms of processing, communication, and storage, and they should be capable of countering a broad range of hostile threats.

The security issues in I-CPS have been studied in different existing works. The comparative analysis of the recent related surveys [9–12,12,14] is provided in Table 1. From Table 1, it may be observed that the security issues are not detailed in the existing surveys. Though the objective is specified, the classification criteria and taxonomy details are not well described. In addition to this, year-wise gradual growth of research in the field of I-CPS is not covered in any of the existing works to the best of the authors' knowledge. The objective of this survey is to address these limitations and provide a detailed decade-wide survey of different security aspects and issues in I-CPSs.

Table 1
Comparative analysis of the existing related surveys.

| S. No. | Author(s) & Year | Objective | Classification based on | Taxonomy discussed | Inference(s) |
|---|---|---|---|---|---|
| 1. | Kayan et al. (2021) [9] | Cybersecurity of I-CPSs | Attacks | Cyber attacks taxonomy | • Discussion of cyber attacks and cyber defense approaches is limited. • Detailed analysis of security aspects in I-CPS is not presented. |
| 2. | Guo et al. (2021) [10] | Security of energy management systems for connected and automated electric vehicles | Attacks and evaluation metrics | NA | • Methodology for cyber attacks impact analysis is presented. • Metrics for evaluating the system security and resiliency are discussed. • Detailed comparison and analysis of security approaches is not presented. |
| 3. | Dowdeswell et al. (2020) [11] | Fault identification and diagnosis for I-CPSs | Diagnosis approaches | NA | • Comparative analysis of the fault diagnosis approaches is not provided. |
| 4. | Giaimo et al. (2020) [12] | Continuous experimentation | NA | NA | • Investigates the link between the practice of CPSs and application. |
| 5. | Ding et al. (2019) [13] | Model-Based Distributed Control and Filtering for I-CPS | Distributed filtering and control techniques | NA | • Comparative analysis of the existing approaches is not presented. |
| 6. | Ding et al. (2018) [14] | Security control and attack detection for I-CPSs | Attack detection approaches | NA | • Security control and attack detection approaches are not described in detail. • Comparative analysis of the approaches is not provided. |
| 7. | This survey | Security analysis of I-CPS | Cyber attacks and security issues in I-CPSs | Cyber attacks and security issues | • A decade-wide survey on security perspective analysis of I-CPSs is provided. • A year-wise comparative analysis of the works is presented w.r.t objective, approach referred, testbed used, and inference. • Various security issues in I-CPSs are detailed, and categorized w.r.t security, components and systems perspective. |

NA = Not Available.

1.2. Major contributions

The major contributions of this survey paper are as follows:

1. It discusses a decade-wide survey on I-CPS, covering various security aspects. This assists in delivering a state-of-the-art survey with a specific focus on security.
2. It provides a year-wise comparative analysis of the existing works w.r.t. the objective of the work, approach referred, experimental testbed/simulator used, and the derived inference. This helps to understand the advantages and respective drawbacks of each work.
3. It details multiple security issues present in the active development of I-CPSs. These security issues are categorized into three different perspectives such as security, components, and systems.
4. It also highlights the research challenges and opportunities in I-CPSs. This helps the readers to understand the various possibilities in the field of I-CPS.

The overall workflow of this paper is depicted in Fig. 3. Section 2 provides the background of IoT and IIoT. The discussion of CPS is given in Section 3. Section 4 offers the decade-wide survey of Industrial CPSs in a year-wise fashion ranging from 2021 to 2012. Different security issues present in Industrial CPS are explored in Section 5, from Security, Components, and Systems perspective. Section 6 highlights various research opportunities and challenges present in the field of Industrial CPS. Lastly, the work gets concluded with a focus on related future work in Section 7.

Fig. 3. Workflow of the paper.

2. IoT and Industrial IoT

IoT is an emerging domain in which common objects are being turned into connected devices, changing the way people interact with these devices [4]. In IoT, billions or trillions of smart devices are deployed which sense the environment, transmit and process the acquired data, and then send feedback to the environment. A general architecture of an IoT environment is depicted in Fig. 4. It mainly consists of three layers, namely IoT Device layer, Gateway layer, and Application layer. The IoT device layer includes IoT sensors and IoT motes which communicate with the cloud environment through the Gateway layer. The application layer includes various IoT-based applications such as smart city, smart homes, smart transportation, smart agriculture, smart healthcare, etc. These application domains of IoT improve the quality of our daily lives [15].

In [16], the discussion of IoT enabled communication technologies is provided and the authors of [17] presented IoT architecture and its future research directions. To make IoT capable of interconnecting billions or trillions of heterogeneous objects through the Internet, a flexible layered architecture is required.

The summary of different architectures, namely Three-layer, SOA-based, Middle-ware based, and Five-layer is given in [18]. Based on the report [19], during the period 2021–2026, the global IoT market is expected to reach a value of USD 1386.06 billion by 2026 from USD 761.4 billion in 2020 at a CAGR of 10.53%. IoT is growing at a fast pace and brings multiple opportunities for manufacturing industries to transform their products into the "smart things". According to the McKinsey Global Institute [20], IoT could generate up to $11.1 trillion a year in economic value by 2025. The wide range of IoT applications in industries provides promising opportunities to build automated power industrial systems [21].

Fig. 4. General architecture of IoT environment.

IIoT is also known as the 4th industrial revolution, which integrates networking technologies and smart computing to automate industrial production [22]. Industries are adopting IoT to enable the inter-connection between anything, anywhere, and anytime in the manufacturing process. This would improve the productivity, efficiency, intelligence, and safety. A general architecture of an IIoT environment is depicted in Fig. 5. Like the architecture discussed in Fig. 4, this architecture also has three layers. The difference is that, despite having the normal IoT sensor, mote and gateway, this architecture has an industrial IoT sensor, device and gateway. The IoT sensors are the generic sensors. The sensors include wide varieties and different types of sensors including Temperature Sensors, Humidity Sensors, Pressure Sensors, Proximity Sensors, Level Sensors, Accelerometers, Gyroscope, Gas Sensors, Infrared Sensors, Optical Sensors, etc. However, the IIoT sensors are the specifically designed sensors for specific underlying applications. Some of the common examples of IIoT sensors include some general IoT sensors for industrial applications such as Industrial IoT Remote Temperature Humidity Sensor, Industrial Wireless Thermocouple High Temperature Sensor, etc. Furthermore, the IIoT sensors also include some specifically designed sensors for specific industrial needs including 2-Channel Industrial IoT Wireless AC Current Monitor Sensor, Industrial Wireless Absolute & Gauge Pressure Sensor, Industrial IoT Wireless Vibration & Temperature Sensor, IoT Long Range Wireless Environmental Temperature Humidity Pressure Air Quality Sensor, Industrial Wireless Activity Detector, Industrial IoT Wireless Water Detect Sensor, etc. The applications offered by IIoT such as smart manufacturing, smart production, smart robotics, etc. help to automate the industrial tasks, thus improving the overall productivity and profit. IIoT also brings multiple opportunities to improve the working conditions of workers. For example, unmanned aerial vehicles (UAVs) can be used for the inspection of oil pipelines, which minimizes the workers' exposure to hazardous chemicals and gases in the industrial environment. A large number of industrial IoT products are being used in agriculture, healthcare, military, etc.

Fig. 5. General architecture of IIoT environment.

IoT is human centered where the "Things" are smart consumer electronic devices, while IIoT is machine centered where the "Things" are industrial assets such as machines and control systems. Both IoT and IIoT have similar communication requirements such as support for the Internet ecosystem using low-constrained and low-cost devices. When it comes to criticality and connection, IoT is more adaptable, allowing for mobile networks and ad hoc structures with less rigorous dependability and timeliness requirements. IIoT, on the other hand, leverages well-designed infrastructure-based and fixed network solutions that must meet predefined timing and reliability criteria.

3. Cyber Physical Systems

Cyber Physical System (CPS) is a system which integrates the cyber and physical components using the modern sensor, network, and computing technologies [23]. In [24], CPS is defined as a network system consisting of cyber (communication and computation) and physical (actuators and sensors) components which interact in a feedback loop with possible human intervention. In such systems, data is captured using the physical components and transferred to the cyber component with no or little human intervention. The physical devices are mainly infrared sensors, RFID tags or barcodes, while the cyber component is deployed over the cloud. CPS systems are used to monitor and control the physical world. Furthermore, a CPS is also defined as a broad field of research that includes Networked Control System (NCS). Systems having a cybernetic component, such as communication infrastructure, are referred to as CPS. On the other hand, the primary focus of NCS is on the control difficulties of the distributed devices that exchange data through a network. Additionally, the distinction also lies in the emphasis on the distribution of the control and components. CPS is considered more efficient as it tightly integrates the computing capabilities with the physically active system. However, an NCS is supposed to boost the efficiency of the system using its dispersed control architecture.

In the recent years, CPS has been widely adopted in various areas such as smart vehicles, smart city, smart healthcare, smart manufacturing, etc. In [25], it was estimated that cyber physical components would account for 40% of an automobile's total value by the end of 2015, and around 25 billion uniquely identified objects observed in 2020 [26]. Its development and deployment brought impact in almost all parts of our daily life. The engineering tools and methods for cyber physical automation system is presented in [27]. The key technologies of CPS include IoT, cloud computing, software defined networking (SDN), big data, etc.

The general architecture of CPS is shown in Fig. 6, which mainly consists of two layers, namely Cyber Space layer and Physical Space layer. Based on the functions, the authors of [24] presented a three-layered CPS architecture which contains physical layer, network layer, and cyber layer. Like in the two-layer architecture, the physical layer senses the real-time data such as temperature, light, sound, location, etc., using multiple sensors. The network layer interchanges and processes the data between physical layer and cyber layer using LAN, Internet, and communication networks. The cyber layer processes the information gathered from the physical layer and generates appropriate decisions by implementing complex decision-making algorithm [28].

Fig. 6. General architecture of CPS environment.

The extensive connectivity between the physical and cyber layers leads to various security issues. Many attacks have been reported in the past few years. In 2010, the Iran Bushehr Nuclear Power Plant was attacked, resulting in severe disorder in the automated operations of the nuclear services [29]. In 2013, the transportation management system of Japan was attacked; consequently 15 trains were suspended and 124 trains were delayed, affecting 8.12 million citizens [29]. The airplanes could be hacked by the attackers via in-built Wi-Fi sensors [30] and many more. These incidents provide evidence that the attack at the cyber layer of CPS led to huge loss in people's livelihood. The rapid growth of CPS leads to various security vulnerabilities, risks, and threats [31]. Since CPS has changed our lives in all ways, it must be emancipated from attack vulnerabilities, risks, and threats. Thus, a comprehensive study of security aspects in CPS is essential.

4. Industrial CPS

The I-CPS is a novel value-creation technology in modern industrial manufacturing. I-CPS development and deployment in real-world production are both lucrative and challenging. In literature, there are multiple works presenting a paradigm for creating, commercializing, running, and sustaining I-CPS, which may encourage future I-CPS research and practices. The works define the understanding of an I-CPS, specifying the components and key technological aspects of the industrial CPS, and explaining how the industrial CPS aligns with existing work such as Industrie 4.0. Additionally, several practical use cases of I-CPS have also been discussed in the literature.

Similar to CPS, an I-CPS also consists of two functional components: Cyber system and Physical system [22]. The cyber system includes networking, control, and computing infrastructures to enable the inter-connection, operation, and intelligence of the industrial systems. The roles of each component and significant technical characteristic are described in literature, as there are some differences between traditional industrial systems and industrial CPS. The multidisciplinary nature of industrial CPS development creates hurdles, and a detailed explanation of numerous major sub-challenges that are vital to the long-term sustainability of I-CPS design is also given in the literature. Considering the early phases of the I-CPS development, the existing methods and novel approaches to overcome the related challenges have also been described. These insights help the researchers and industry practitioners to develop and commercialize I-CPS. A general architecture of an I-CPS environment is depicted in Fig. 7. The physical systems are the automation and manufacturing systems that leverage the industrial devices to accomplish the automation and production tasks. The transition from standard automation solutions to cyber physical production systems is presented in [32]. Different cyber physical architecture models for Industry 4.0 are discussed in [33]. The authors focused on the key characteristics, technologies and correlation of these models, and also discussed their contributions, advantages and disadvantages in IIoT. The work also highlights the current and future research challenges, gaps, and opportunities of CPS in IIoT. The survey and analysis of the state-of-the-art smart agents in I-CPS is provided in [34]. I-CPS has been widely applied in many areas such as water distribution plants, chemical plants, and power grids. Despite its wide applications, I-CPS faces several cyber attacks which may lead to the failure of these facilities [35]. Therefore ensuring the security of I-CPS is essential [36]. A plethora of research has been done to secure the I-CPS. The discussion of the works done in the past decade is as follows.

Fig. 7. General architecture of industrial CPS environment.

4.1. 2021 works

Different works related to the security aspects of I-CPS are proposed in 2021. Some of the major ones are discussed here. The works discuss different issues ranging from the comprehensive coverage of the topic to the related approaches, possibilities of different types of attacks, analysis of the attacks, the correction control methods for different attacks, and the attack possibilities due to the other technological shifts like IoT. The discussion of the noteworthy works is as follows.

A comprehensive survey on attack detection, secure estimation, and control of I-CPSs is provided in [37]. The authors classified the existing work based on the system modeling and analysis methods. The advantages and disadvantages of the noteworthy works are also discussed. A systematic cyber physical security assessment on energy management systems for connected and automated electric vehicles is done in [10]. In this work, the authors proposed a generalized method for cyber attacks impact analysis. They also discussed essential metrics to measure the performance of the electronic control unit. In [38], artificial intelligence is merged with CPS to secure I-CPS. The framework consists of four modules, detection, control, execution, and communication. An agent is used as the smallest control unit and multi-agents mimic the connections between human neurons. Experimental results show that the approach is effective, robust and has a good temperature control capability.

The cyber security perspective of I-CPS is studied in [9]. The authors discussed industrial infrastructure, protocols, and the cyberattack taxonomy. Then the defense approaches for various cyberattacks are also discussed and analyzed. Another cyber physical security analysis method for industrial control systems is proposed in [39]. The method is based on incomplete information Bayesian game and calculates the weight in threat model by modeling threat propagation between the nodes. A correction control method for false data injection attacks in CPS is proposed in [40]. The attacker injects this attack into the controller-to-actuator channel through wireless communication. This method estimates the heterogeneous attack effects using the interconnected adaptive observer. Results demonstrate that using this method impaired state signals can be corrected and the desired performance can be achieved. Another security correction approach for two-time-scale CPS under DoS attack is given in [41]. A composite controller based on singular perturbation controller is designed and formulated in this work. The effectiveness of the approach is validated using a networked DC motor control system.

An intrusion detection and risk analysis approach for SCADA network is given in [42]. The approach characterizes the industrial process and network structure of SCADA system by extraction and correlation of communication patterns and states of industrial control devices. The performance is evaluated on a public SCADA network dataset. A safety and security risk analysis and prevention method is proposed in [43]. To analyze the safety and security risks, a cyber security prevention route model is developed. The advantage of this method is that it simultaneously analyzes the safety and security risks. IoT technology enables the systems to communicate in both physical and cyber ways. It may also act as an enabler of attack paths against critical paths. In [44], a risk-based method is proposed to identify and assess such complex attack paths. The method uses attack tree topology where the root always represents the critical system. The performance is evaluated using a real scenario. Experimental results show that the approach is effective in identification and assessment of underestimated cyber attack paths.

The comparative analysis of the above-mentioned works is given in Table 2 w.r.t. objective, approach referred, experimental testbed used, and the derived inferences. From Table 2, it may be observed that various approaches have been proposed to analyze the security of the I-CPS environment. These approaches are effective in determining the severity of risks in I-CPS.

4.2. 2020 works

As for 2021, multiple works from 2020 are also discussed. These works explore different aspects of I-CPS including the security control measures for industrial control systems, modeling and decision-making methods, vulnerability detection and diagnosis practices, intelligent attacking methods and defense approaches.

An approach to measure the security of industrial control systems attacked with minimum effort strategies is given in [45]. The approach is based on hypergraphs and AND/OR graphs, and identifies the critical components and measures security. In this work, META4ICS tool is used for logical satisfiability optimization and MAX-SAT technique is used for efficient computation. Further, the approach is used to analyze the security of real water transport systems. A modeling and decision-making method based on the modified hybrid stochastic timed Petri net is proposed in [46]. Using this method, multiple problems can be defined and analyzed at the same time. In I-CPS, distributed programmable logic controllers are used to control the manufacturing plants.

A study of detecting and diagnosing faults in I-CPS is done in [11]. The authors categorized the different diagnostic methods based on the pilot study and presented a comparative analysis. The maturity of these approaches is compared using the NASA Technology Readiness Level (TRL) scale. A vulnerability assessment of electric drive systems due to sensor data integrity attacks is done in [47]. The metrics to evaluate the steady-state and transient performance of electric drives are defined. Simulation results of 15 cyber attacks are analyzed to evaluate the performance of electric drive systems using the defined metrics. An anti-honeypot enabled optimal attack method for I-CPS is presented in [48]. The authors used a game theoretical approach to capture the interactions between the attacker and I-CPS defender. Simulation results show that using this approach an attacker can compromise the I-CPS system protected by a honeypot.

An intelligent approach to detect the attacks against I-CPS is proposed in [49]. In this work, a neural network is used to design the intelligent attack estimator and an n-order non-linear system is used to mitigate the attack impact. The proposed system guarantees the stability of the system under attack. A hierarchical distributed intrusion detection system for security monitoring of I-CPS is given in [50]. The approach detects various attacks and offers all-round safety protection. The performance of the approach is validated using OPNET simulator and on MATLAB. Results show that the approach can detect potential and covert cyber attacks with low false alarm rate. In [51], the authors focus on execution semantics in order to provide a platform-independent and deterministic execution environment. In this work, a timestamped discrete-event-based execution semantic is proposed for IEC 61499. To prove the proposed semantic, a building automation system case study is used.

A method to prevent cyber physical attacks in additive manufacturing systems is proposed in [52]. The method uses a physical hash which connects the digital data with the manufactured parts. The disconnection occurs when the manufacturing systems become compromised. To mitigate the cyber physical attacks against industrial control systems, a smart I/O module is proposed in [53]. The authors proposed valued discrete timed

Table 2
Comparative analysis of the works published in 2021.

| S. No. | Author(s) | Objective | Approach referred | Experimental testbed/simulator used | Inference(s) |
|---|---|---|---|---|---|
| 1. | Lv et al. [38] | Security scheme for I-CPSs | Back propagation neural network | NA | • Effective and robust. • Detects temperature and corresponding situation. |
| 2. | Liu et al. [39] | Security analysis of industrial control systems | Bayesian Game | Python program on the MacBook Pro with 2.3 GHz Intel Core i7 Processor and 16 GB 1600 MHz DDR3 Memory | • Discovers the attack paths with attack losses. • Offers good time performance. |
| 3. | Dong et al. [40] | Security correction control to false data injection attack | Interconnected adaptive observer | F16-longitudinal dynamics system | • Impaired signals are corrected. • Comparable security is achieved. |
| 4. | Ma et al. [41] | Security control to DoS attack | Singular perturbation parameter with Lyapunov function | Networked DC motor control system | • Effective to correct two-time-scale CPS under DoS attack. |
| 5. | Sheng et al. [42] | Intrusion detection and risk analysis for SCADA systems | Extraction and correlation of communication patterns and states of control devices | SCADA dataset | • Provides improved performance. |
| 6. | Yang et al. [43] | Safety and security risk analysis and prevention | Attack route models | Coal-to-methanol plant simulation | • Determines the severity of risk along with its future possibility. |
| 7. | Stellios et al. [44] | Identification and assessment of attack paths | Attack Tree topology, vulnerability scoring system, and threat modeling | Real scenario of healthcare system | • Efficient |

NA = Not Available.

Table 3
Comparative analysis of the works published in 2020.

| S. No. | Author(s) | Objective | Approach referred | Experimental testbed/simulator used | Inference(s) |
|---|---|---|---|---|---|
| 1. | Barrere et al. [45] | Security analysis of industrial control systems | Hypergraphs and AND/OR graphs | META4ICS and MAX-SAT technique | • Efficient computation time. |
| 2. | Cao et al. [46] | Decision making method for CPS | Modified hybrid stochastic timed Petri net | Humanoid soccer robot CPSs | • Effective |
| 3. | Yang et al. [47] | Vulnerability assessment of electric drive system | MATLAB | NA | • Discussed metrics to evaluate the steady-state and transient performance. |
| 4. | Li et al. [48] | Anti-honeypot enabled optimal attack strategy | Game theoretic approach | NA | • Optimal attack strategy can be developed with varying capabilities. |
| 5. | Farivar et al. [49] | Defense against attacks in non-linear CPSs | Neural network | Car cruise control application | • Robust against attacks and external disturbances. |
| 6. | Liu et al. [50] | Distributed IDS | Statistical distribution | OPNET | • Effective in identification of covert cyber attacks. • Low false alarm rate and high detection rate. |
| 7. | Dai et al. [51] | Deterministic and platform-independent execution environment for I-CPS | Discrete event based execution semantics | IEC 61499 | • Provides guaranteed compliance and deterministic behavior in real-time constraints. |
| 8. | Brandman et al. [52] | Prevention and detection of cyber–physical attacks in additive manufacturing systems | Physical hash | 3DS CubePro Trio and MATLAB | • Offers comparable performance. |
| 9. | Pearce et al. [53] | Attack mitigation on industrial control systems | Runtime enforcer | ModelSim | • Performance of the approach has been examined using several benchmarks. • Adds less than 200 ns of overhead with minimal hardware resources. |

NA = Not Available.

automata to enhance the security of control systems. The proposed approach prevents the physical damage of any compromised control systems. A survey of continuous experimentation and challenges of cyber–physical systems w.r.t. the industrial perspective is done in [12]. In this work, the authors presented a systematic survey to link the field of application and experimentation practice.
The comparison of the above-discussed approaches is presented in Table 3 w.r.t. the objective, approach referred, experimental testbed used, and the derived inferences.

4.3. 2019 works

The works presented in 2019 focus on issues such as monitoring and control of critical industrial processes, transmission of high-speed multimedia data, distributed filtering and control solutions, lightweight key management, data-driven early attack detection approaches, etc. Some of the major works are discussed here.
Redundant controller architecture has been widely adopted in I-CPS to monitor and control critical industrial processes. These

Table 4
Comparative analysis of the works published in 2019.

| S. No. | Author(s) | Objective | Approach referred | Experimental testbed/simulator used | Inference(s) |
|---|---|---|---|---|---|
| 1. | Ma et al. [54] | Stealthy attack strategy against redundant controller architecture | Hypergraphs and AND/OR graphs | META4ICS and MAX-SAT technique | • Efficient computation time. |
| 2. | Jiang et al. [55] | Security in cache resource allocation | Spatio-temporal content prediction | Performed numerical experiments | • Provides comparable performance. |
| 3. | Genge et al. [56] | Security-aware control for data authentication | Two-fold scheme: control and key management | Real testbed | • Effective • Applicable to resource-constrained I-CPS. |
| 4. | Zhang et al. [57] | Multi-layer data driven attack identification system | Auto-associative kernel regression model | SCADA system, data collection by LabVIEW | • Detects the attack in its early stage. |

controllers are designed and implemented in order to respond to unpredictable mechanical failures. A stealthy attack strategy against such architectures is discussed in [54]. The authors identified several zero-day vulnerabilities in these controllers which can be exploited by the attackers to launch stealthy attacks. The work also discussed the guidelines to mitigate these risks. The transmission of high-speed multimedia data in I-CPS is a challenging task. To address this, a cache resource allocation strategy is proposed in [55]. The proposed approach is divided into three stages: (1) the prediction of spatio-temporal multimedia content, (2) design of cache model using Zipf fitting, and (3) caching optimization. Results show that satisfactory performance is achieved using this approach. A survey on model-based distributed filtering and control solutions for I-CPS is presented in [13]. The research challenges and future directions are also discussed. A security-aware control scheme for data authentication in I-CPS is presented in [56]. The scheme defines control applications and also performs key management. A lightweight key distribution protocol is designed by merging the advantages of hash function and symmetric key cryptography. Results show that the approach is efficient and suitable for resource constrained I-CPS. A multilayer data-driven detection approach for cyber attacks in I-CPS is discussed in [57]. The authors used an auto-associative kernel regression model for the early attack detection. Experimental results show that the approach can detect attacks before they cause any significant losses.
The comparison of the above-discussed approaches is presented in Table 4 w.r.t. the objective, approach referred, experimental testbed used, and the derived inferences.

4.4. 2018 works

In 2018, the discussed works highlight the various functional and security related aspects including security design for collaborative systems, attack detection and security control, failure identification, risk assessment method, attack propagation process modeling, etc.
A security design for collaborative robotic CPS is proposed in [58]. The method is based on a two-pronged strategy and the impact is evaluated on a teleoperation benchmark (NeCS-Car). The cyber vulnerabilities and their repercussions are also analyzed in this paper. A survey on attack detection and security control in I-CPS is presented in [14]. In this work, first the typical system modeling on CPS is summarized. Then the three major cyber attacks, namely deception attack [59,60], replay attack, and DoS attack are discussed. Further, the state-of-the-art attack detection is reviewed and classified based on the approach used. Finally, research challenges and future research directions are also discussed.
To identify the failure in I-CPS, a knowledge-based system is discussed in [61]. The authors collected the alarm data from a Hyundai Steel factory, which was then processed and analyzed with 35 domain experts. Experimental results show that the approach diminishes the cost involved in over-fitting and over-generalization problems. To analyze the impact of cyberattacks on I-CPS, a risk assessment method is presented in [36]. In this work, the attack propagation process is modeled using a Bayesian network, and the probabilities of actuators and sensors being compromised are analyzed. These probabilities are sent to the stochastic hybrid system model to evaluate the system availability. The performance is evaluated using a hardware-in-the-loop testbed. A zone-partition based anomaly detection approach for I-CPS is proposed in [62]. The automated zone-partition method detects both known and unknown attacks without considering any prior knowledge. It observes the critical system state in multiple zones. Results show that the approach reduces the computational complexity and improves the detection accuracy.
The comparison of these approaches w.r.t. objective, approach referred, experimental testbed used, and the derived inference is given in Table 5.

4.5. 2017 works

The works proposed in 2017 discuss the issues of cyber resiliency, attack propagation consequences, security and safety analysis, vulnerability assessment, sensitivity analysis, etc., w.r.t. the I-CPS. Some of the noteworthy works are described as follows.
To improve the cyber resiliency of industrial control systems, an approach is proposed in [63]. The work discusses an active defense technique to make them resilient and capable of recovering from faults and failures with limited impact on operations. The proposed approach is compared with a traditional industrial control system using a semi-automated water treatment plant. Results demonstrate that the approach is effective and provides comparable performance. To evaluate the consequences of the attack propagation in CPSs, a method is discussed in [64]. The work studies the dynamic behavior of the system in both normal and attack conditions, and analyzes the attack impact. The performance of the method is validated using a boiling water power plant.
A security and safety analysis for CPSs is done in [65]. The work identifies the dependencies between the vulnerabilities and system safety. This information is used to design an effective mitigation strategy. The benefits of the approach are also highlighted by the authors after applying it on a power grid domain. To model and quantify the security of CPSs, a game theoretic approach is presented in [66]. The model works in two phases: intrusion and disruption. Each phase uses a game theoretic approach and predicts the interaction between the system and the attacker. The performance of the approach is evaluated using several metrics. Additionally, the security of chemical plants is analyzed using this approach.
To analyze the vulnerability and cyber-security of critical infrastructures, a distributed and hybrid simulation platform is

Table 5
Comparative analysis of the works published in 2018.

| S. No. | Author(s) | Objective | Approach referred | Experimental testbed/simulator used | Inference(s) |
|---|---|---|---|---|---|
| 1. | Huang et al. [36] | Risk assessment method for I-CPS | Bayesian network and stochastic hybrid system model | Boiling water power plant | • The system states can be determined without any prior knowledge of attack patterns. |
| 2. | Khalid et al. [58] | Security model for collaborative robotic CPS | Two pronged strategy | Teleoperation benchmark (NeCS-Car) | • Provided enhanced security at interconnected adaptor nodes. |
| 3. | Kim et al. [61] | Failure detection in I-CPS | Ripple Down Rule based knowledge based system | | • Human experts acquisition time is reduced. • The cost involved in over-fitting and over-generalization problems is diminished. |
| 4. | Yang et al. [62] | Attack detection method for I-CPS | Zone partitioning | Coupling tank control system | • Offers high accuracy and efficacy in real-time. |

Table 6
Comparative analysis of the works published in 2017.

| S. No. | Author(s) | Objective | Approach referred | Experimental testbed/simulator used | Inference(s) |
|---|---|---|---|---|---|
| 1. | Chaves et al. [63] | Improving cyber resilience of industrial control systems | Active defense method | Semi-simulated water treatment system | • Effective |
| 2. | Orojloo et al. [64] | To evaluate the impact of attack propagation in CPS | Analysis of dynamic behavior | Boiling water power plant | • Critical assets are ranked based on their sensitivity. • Cyber attacks are prioritized based on their impact. |
| 3. | Friedberg et al. [65] | Safety and security analysis for CPSs | Dependencies between the vulnerabilities and system safety | Power Grid scenario | • Effective mitigation strategy has been designed. |
| 4. | Orojloo et al. [66] | To model and quantify the security of CPS | Game theoretic approach | Real testbed (Chemical Plant) | • Using this approach the parameters such as attacker’s knowledge, detection interval, and attacker’s penalty can be analyzed. |
| 5. | Ficco et al. [67] | Vulnerability and cyber-security analysis of critical infrastructure systems | Distributed and hybrid simulation platform | Used to deploy experimental scenario in the cloud | • Penetration testing can be done. |
| 6. | DeSmit et al. [68] | Vulnerability assessment of intelligent manufacturing systems | Decision Trees | NA | • Case study of the proposed approach is also presented. |

NA = Not Available.

presented in [67]. Using this platform, a complex and distributed experimental scenario can be deployed in the cloud for vulnerability analysis. A vulnerability assessment approach for intelligent manufacturing systems is proposed in [68]. The approach identifies the vulnerabilities and analyzes their impact on manufacturing systems using a decision tree. At each production process, the work classifies the vulnerabilities into low, medium, and high levels. An intrusion detection system based on sensitivity analysis and cross-association for I-CPS is proposed in [69]. The approach consists of three phases, namely (1) sensitivity analysis, (2) cross-association, and (3) IDS. The first phase performs the sensitivity analysis and identifies the sensitive variables. The second phase adopts the cross-association to structure the process variables in groups. The third phase assigns the sensitive process variables to IDS. Results show that the approach reduces the number of detection variables by 76.8%, resulting in a reduction in complexity and detection cost.
The comparison of the above-discussed approaches is presented in Table 6 w.r.t. the objective, approach referred, experimental testbed used, and the derived inferences.

4.6. 2016 works

Various works are listed for 2016, focusing on wide security aspects of I-CPS such as integrity verification, risk assessment methods, side channel analysis based intrusion detection, attacks and their impact analysis, security vulnerabilities and architectural requirements, etc. Some of the major related works have been discussed in this subsection.
A method to determine and verify the integrity of the safety instrumented systems is proposed in [70]. In this work, the value of safety integrity level is analyzed which may affect the uncertainty parameters of the probabilistic model. The sensitivity analysis of the probabilistic models and the uncertainty of the probabilistic results are considered. An auto-identification approach for integrity attack in CPSs is discussed in [71]. The approach captures the attack characteristics in both wavelet and spectral domain and observes their distribution using pattern recognition algorithms. Experimental results demonstrate that the approach provides promising performance. The risk assessment methods for SCADA systems are studied in [72]. The methods are analyzed based on the objective, application domain, risk management, etc. Based on the analysis, an intuitive risk classification scheme is proposed.
An intrusion detection method using timing-based side channels for industrial control systems is proposed in [73]. This side-channel analysis is used to get the unique device fingerprint which helps to identify unauthorized modifications. The results demonstrate the feasibility of the approach in programmable logic controllers. Cyber physical attacks against SCADA systems can cause severe disruption of processes which may lead to economic losses and equipment damage. To reduce these losses, the false sequential logic attack and its impact analysis are presented in [74]. In this work, an approach to model this attack is proposed.

Table 7
Comparative analysis of the works published in 2016.

| S. No. | Author(s) | Objective | Approach referred | Experimental testbed/simulator used | Inference(s) |
|---|---|---|---|---|---|
| 1. | Ntalampiras [70] | To determine and verify the integrity of safety instrumented systems | Analysis of safety integrity levels and uncertainty parameters of probabilistic model | Safety instrumented systems | • Provides effective verification. |
| 2. | Ntalampiras [71] | Auto-identification of integrity attack | Feature extraction and pattern recognition identification | IEEE-9 bus model dataset | • Achieved comparable performance. |
| 3. | Cherdantseva et al. [72] | To study risk assessment methods for SCADA systems | Analysis and classification | NA | • Research challenges and the respective approaches are described. |
| 4. | Dunlap et al. [73] | Intrusion detection for industrial control systems | Timing-based side channels | Allen Bradley ControlLogix programmable logic controller | • Provides 0.978-1.000 true positive rate and 0.033-0.044 false positive rate. |
| 5. | Li et al. [74] | Impact analysis of false sequential logic attack | Attack Modeling | MATLAB/SIMULINK | • These attacks do not only cause economic losses but also harm physical world. |

NA = Not Applicable

The experiments are conducted in MATLAB and the attack impact is analyzed. To secure resource-constrained cyber–physical systems, a cross-layer codesign method is proposed in [75]. The framework uses a control-theoretic method at the functional layer and a cybersecurity method at the platform layer. The proposed framework is customized and effective. The security vulnerabilities, architecture, and requirements for IEC-61850 based CPSs are explored in [76].
The comparison of the above-discussed approaches is presented in Table 7 w.r.t. the objective, approach referred, experimental testbed used, and the derived inferences.

4.7. 2015 works

The major 2015 I-CPS related works shed light on the various deployment and functional security issues. Such issues range over various aspects including multi-layer industrial cyber automation systems and frameworks, secure and economical frameworks having flexibility and scalability, analysis and verification of access control policies, automotive systems protection, cloud integration, etc. Some of the major works discussing these aspects are detailed in this subsection.
A multi-layered framework for CPSs is described in [77]. It consists of a three-layered logical model, reference architecture for CPS, and meta-model of CPS attack. Using this framework the elements such as attacker objective, cyber exploitation, control theoretic and physical system properties. The performance of the framework is evaluated on a simulated unmanned aerial system. To develop the industrial cyber automation systems, a system-based approach is presented in [78]. Using this, the UML model of the system’s software part is extracted from the SysML model which is further refined to obtain the implementation code. The authors developed a case study to illustrate the approach and highlighted its benefits.
A secure framework to analyze the attacks against the linear time-invariant system is proposed in [79]. The policies and impact of the major attacks such as denial of service, zero dynamics, replay, etc. are described using the safe sets concept. The experimental setup is used to evaluate the performance of the proposed framework. To evaluate the security of nuclear facilities, a cyber security risk model is developed using the Bayesian network in [80]. The model evaluates both the technical and procedural aspects of cyber security. In [81], cost effective industrial control system honeypots are designed for production networks. Honeypots are designed to lure cyber-attackers and gain knowledge about their activities. In the production network, it is a challenge to design economical, flexible and scalable honeypots. In this work, high interaction honeypots are developed using proxy techniques with a single programmable logic controller.
Another two-fold system to analyze the access control policies in I-CPSs is presented in [82]. The system consists of two parts, namely specification and implementation. The specification part is based on the RBAC model and the implementation part handles the physical systems and their access and traffic control mechanisms. A semi-automated access control verification method for industrial network systems is given in [83]. The proposed method is a two-fold system which enables the abstract specification of access control policies and detailed specification of the targeted physical systems. After combining these two separate views, the method automatically identifies whether the system implementation matches the policy specification. To protect automotive systems from various attacks, an integrated mixed integer linear programming (MILP) based model is designed in [84]. The proposed model is efficient and reduces the security risks significantly. Results show that the model provides comparable performance. In Industry 4.0, the integration of cloud computing with I-CPS is important as it will significantly improve the business services and manufacturing chain. In [85], the authors discussed that cloud helps I-CPS to realize high quality and output with low cost.
The comparative analysis of the above-mentioned approaches w.r.t. the objective, approach referred, experimental testbed used, and derived inference is given in Table 8.

4.8. 2014 works

The I-CPS works featured in 2014 explore the potential security characteristics such as supervised anomaly detection, intrusion detection and security challenges, industrial control system examination and protection, etc. Some of the prominent works attributing these characteristics are explored in this subsection.
To protect the SCADA systems from integrity attacks, a supervised anomaly detection approach is described in [86]. The approach performs automatic identification of the consistent and inconsistent states in SCADA data, and extracts the detection rules from the identified states. For identification and extraction, k-nearest neighbor and clustering techniques are used respectively. Experiments are conducted on both simulated and real datasets. The intrusion detection techniques and challenges in CPSs are discussed in [87]. The work first talks about the requirements of CPS followed by the discussion of different intrusion detection techniques. The comparative analysis of the approaches while highlighting their characteristics and limitations is also

Table 8
Comparative analysis of the works published in 2015.

| S. No. | Author(s) | Objective | Approach referred | Experimental testbed/simulator used | Inference(s) |
|---|---|---|---|---|---|
| 1. | Hahn et al. [77] | Kill-chain based security analysis | Multi-layered framework | Simulated unmanned aerial system | • It helps in listing the principles for designing resilient systems to cyber attacks. |
| 2. | Thramboulidis et al. [78] | System based approach for industrial automation systems | Extraction of SysML model | IEC 61131 | • A case study was developed to illustrate the approach. |
| 3. | Teixeira et al. [79] | Secure control framework for attack analysis | Safe sets | Wireless quadruple tank | • The attack scenarios, their consequences and countermeasures are also illustrated. |
| 4. | Shin et al. [80] | Security model for nuclear facilities | Bayesian network | Reactor protection system | • Vulnerabilities and mitigation measures can be determined. |
| 5. | Winn et al. [81] | Industrial control system honeypots | Proxy technique | Programmable logic controller | • Authentic and cost effective. |
| 6. | Bertolotti et al. [82] | Access control policy analysis | RBAC model | NA | • Adaptive to several kinds of automated analysis. |

NA = Not Available.

Table 9
Comparative analysis of the works published in 2014.

| S. No. | Author(s) | Objective | Approach referred | Experimental testbed/simulator used | Inference(s) |
|---|---|---|---|---|---|
| 1. | Almalawi et al. [86] | SCADA protection from integrity attacks | Unsupervised anomaly detection approach using k-nearest neighbor and clustering techniques | Dataset of waste water treatment plant | • Efficient and accurate. |
| 2. | Gawand et al. [90] | Control aware approach for industrial control systems | Statistical technique | Four tank model | • Suitable for large datasets. |
| 3. | Kawanaka et al. [91] | OS measure for industrial control systems | OS patch management | NA | • Effective to protect control systems. |

NA = Not Available.

presented. The security challenges in manufacturing systems are illustrated in [88]. This work discusses the ease of implementing cyber attacks, their consequences and the need to educate the workforce.
Honeypots are widely used to attract the attackers and to observe their activities. In [89], the authors designed and implemented self-configuring honeypots which examine industrial control system’s network traffic. The proposed four-step algorithm used Ettercap and Honeyd configuration. The algorithm was tested on a small campus grid and sensor network. Results show that virtual honeypots are automatically configured for 92% of targeted devices. To protect the industrial control systems, a control aware approach is discussed in [90]. The approach uses a statistical technique for monitoring and four tank models for simulation and performance validation. An OS measure for the industrial control systems is presented in [91]. The approach focuses on patch application cycle and the pretest period.
The comparison of the above-discussed approaches is presented in Table 9 w.r.t. the objective, approach referred, experimental testbed used, and the derived inferences.

4.9. 2013 works

In 2013, multiple works were proposed raising concerns about a wide variety of security issues including jamming attacks, code-flow integrity check, defense against malicious attacks, trust and risk management, limitations of existing monitoring approaches, etc. Some of the major related works discussing these issues are discussed below.
A game-theoretic approach to identify the jamming attack in CPS is discussed in [92]. In CPS, sensor nodes interact with the remote estimator over a wireless channel and may be jammed by the attackers. The approach derives and proves the optimal strategies for both the attacker and sensor. To check the integrity of code-flow in real-time embedded systems, a hardware-based approach is proposed in [93]. The hardware module performs the control flow graph validation during real-time using CFG generation and binary-based tools. To defend against the malicious attacks in CPSs, an approach is discussed in [94]. To detect the multi-stage attacks, hidden Markov chain and finite state model are used in this work. The results show that using this approach, the multi-stage attacks can be identified in their early stage.
In [95], a trust and risk management approach is proposed for CPS. To act in a highly changing environment, CPSs should be resilient. The approach is inspired by biological and social behavior, and is deployed on a smart-grid demonstrator. Experimental results show that it improves the system’s efficiency and stability. A mathematical framework for attack detection in CPSs is discussed in [96]. In this work, the fundamental limitations of existing monitoring approaches are characterized from system- and game-theoretic perspectives. To address these limitations, a centralized and distributed attack detection approach is proposed in this work. The authors validated their approach through various examples.
The comparison of the above-discussed approaches is presented in Table 10 w.r.t. the objective, approach referred, experimental testbed used, and the derived inferences.

4.10. 2012 works

The I-CPS related works detailed in 2012 talk about different functional security aspects like dynamic security assessment framework, security and performance trade-off, file system activities analysis, experimentation environment, attack impact measurement, etc. Some of the major works focusing on these aspects are summarized in this subsection.
An intelligent dynamic security assessment framework for power systems is presented in [97]. The framework is based on

Table 10
Comparative analysis of the works published in 2013.

| S. No. | Author(s) | Objective | Approach referred | Experimental testbed/simulator used | Inference(s) |
|---|---|---|---|---|---|
| 1. | Li et al. [92] | Detection of jamming attacks | Game theoretic approach | NA | • Optimal strategies are derived and proved. |
| 2. | Abad et al. [93] | Integrity check of code-flow | Control flow graph validation using CFG generation and binary-based tool | LEON3 | • Real-time system security is improved. |
| 3. | Chen et al. [94] | Defending against malicious attacks | Finite state model and hidden Markov chain | NA | • The attack can be detected in its early stage. |
| 4. | Pereira et al. [95] | Trust and risk management for resilient CPS | Biological and social behavior analysis | Smart-grid demonstrator | • Effective and stable. |

NA = Not Available.

Table 11
Comparative analysis of the works published in 2012.

| S. No. | Author(s) | Objective | Approach referred | Experimental testbed/simulator used | Inference(s) |
|---|---|---|---|---|---|
| 1. | Xu et al. [97] | Dynamic Security Assessment Framework for Power Systems | Soft computing | Used two testing systems, IEEE 14 bus system and New England 39 bus system | • Can be effective for future smart control grid centers. |
| 2. | Zeng and Chow [98] | Tradeoff model for NCS security and performance | Coevolutionary genetic algorithm | DC motor system | • Effective in finding the Nash equilibrium tradeoff. |
| 3. | Khan et al. [99] | File system activities classification | Neural and Bayesian networks (Pattern manipulation) | Matlab | • Bayesian network is effective and can handle large datasets. |
| 4. | Genge et al. [100] | Cyber-physical experimentation environment for security analysis | Recreation of cyber and physical components | Emulab | • Fully functional prototype can be developed. |

soft computing technologies and consists of four engines, namely DSA engine, wind power and load demand forecasting engine, database engine, and module updating engine. The performance has been evaluated on two testbeds. The security of Network Control Systems (NCSs) is a prime concern. Resource-constrained NCSs might sacrifice performance because of additional security mechanisms. This trade-off between security and performance is addressed in [98]. The tradeoff model is presented using the DC motor system and a co-evolutionary genetic algorithm. Experimental results show that the algorithm is effective in finding the Nash equilibrium of the tradeoff.

To analyze the file system activities, the performance of neural networks and Bayesian networks is analyzed in [99]. Classification of file system activities is based on the pattern manipulation during a certain time period. Results show that the Bayesian network is more pertinent because of its ability to learn and identify patterns from incomplete datasets. A cyber–physical experimentation environment for conducting security analysis of CPSs is discussed in [100]. This environment is used to measure the attack impact against both the cyber and physical parts of the system. The framework provides a set of experimental capabilities, such as the flexibility to use different physical processes and safe experimentation with real malware. The feasibility of the framework has been tested using two test cases of industrial systems.

The comparison of the above-discussed approaches is presented in Table 11 w.r.t. the objective, approach referred, experimental testbed used, and the derived inferences.

5. Security issues in I-CPS

In [31], the authors present a systematic review on CPS security considering three main perspectives: CPS security perspective, CPS components perspective, and CPS systems perspective. Following are the security issues in I-CPS.

5.1. I-CPS security perspective:

In [24], the CPS security has been categorized into two areas: data security and control security. Data security deals with securing the data during aggregation, processing, transmission over the communication network, and storing it on the third party cloud server. Control security resolves the network issues and protects the control system from attacks. The discussion of the related security issues is as follows.

1. Availability: It is the primary CPS security requirement. All the connected devices must be available anytime and anywhere. The major threat to availability is the DDoS attack [101]. Thus, designing an effective defense scheme against DDoS attacks in IIoT is essential.
2. Confidentiality: It ensures that data is transmitted between the devices in a secure manner. Only the intended devices can understand the data. Ensuring confidentiality in I-CPS is challenging as the information transfers among multiple devices.
3. Integrity: It ensures that the data received by the receiving device is the same as that sent by the sending device. The receiving device must be able to verify the integrity of the data. In I-CPS, as the data reaches the destination node via multiple connected devices, ensuring integrity is a challenge.
4. Authenticity: It enables the receiving entity to verify the source/origin of the information. It checks whether the communicating entities such as sensors, actuators, or any connected manufacturing devices are authentic [102].

From the above discussion, it may be observed that the traditional solutions for availability, confidentiality, integrity, and authenticity are not suitable for I-CPSs. In these solutions, the new issues such as interactions between different components, network heterogeneity, and cyber connections are not considered. Thus, more intelligent security schemes are required to protect I-CPSs.

5.2. I-CPS components perspective:

1. Heterogeneity: CPS consists of various components having different hardware and software. This heterogeneity of CPS components introduces significant challenges in the privacy and security protection of CPS.

2. Interoperability: Diverse components in a system pose a challenge of seamless interoperability. The components need an interfacing layer for efficient communication, which may be a potential security concern in the I-CPS environment.
3. Cohesiveness: The internal cohesion of different functional components defines the architectural strength of any system. The large number of components presents a security challenge in I-CPS.
4. Coupling: The inter-connection of different functional components defines the overall stability of the system. Nonetheless, this inter-connection may be a potential security target.

5.3. I-CPS systems perspective:

1. Fault-tolerance: Fault-tolerance is an important system property that defines the overall robustness of the system. I-CPSs need a high degree of fault-tolerance despite the underlying device heterogeneity.
2. Maintainability: I-CPSs need good maintenance at regular intervals. However, maintainability in I-CPSs is a challenging job in the presence of multiple standards and/or protocols.
3. Scalability: An industrial system encounters multiple scaling needs at regular time intervals. Since the I-CPS is a subset of industrial systems, scalability becomes a need with time. However, it is not easy due to potential security concerns.
4. Reliability: An industrial system needs to be highly reliable in nature. However, this reliability depends on the effective performance of all constituent components. Thus, absolute reliability is hard to achieve in I-CPS considering the presence of numerous underlying components.

6. Research challenges and opportunities in I-CPS

6.1. Research challenges

There are many challenges in the implementation of IIoT that need to be addressed in the near future. Some of the major challenges that have been found from the literature study [4] are listed as follows.

1. Energy Efficiency: Considering the presence of wide varieties of sensors and respective power concerns, energy efficiency arises as a major research challenge in I-CPS.
2. Real-Time Performance Monitoring: Real-time system monitoring helps to identify the performance gaps and related issues. However, the design of such a monitoring system is a challenging job due to the underlying complex structure of I-CPS.
3. Coexistence and Interoperability: Numerous sensors and functional modules present in the I-CPS environment pose the challenge of managing the co-existence of all these devices. Additionally, the need for interoperability adds further complexity.
4. Security and Privacy: Due to the heterogeneity of the Internet-connected IoT devices and their ability to monitor and control physical objects, security and privacy is a major challenge.
5. Quality of Service: User satisfaction is of utmost importance. The monitoring of IoT devices should take place in order to ensure the delivery of quality services to end-users in a cost-effective manner.

6.2. Research opportunities

Despite the above-mentioned challenges, there are also multiple opportunities present in the field of I-CPS. Some of the notable future research opportunities are listed as follows.

1. Sustainable Development: Sustainable development refers to meeting the needs of the present without compromising the ability of future generations to meet their own needs. There is a requirement to maintain sustainable development in I-CPS. This improves the overall functional architecture of an I-CPS system.
2. Reliability Assurance: Considering the industrial environment and its criticality, it becomes important to ensure reliable operations in the system. This assists in maintaining a robust I-CPS system.
3. Cross Layer Collaboration: It is important to improve the cross layer collaboration in a multi-layer I-CPS. This helps to build a more cohesive I-CPS system.
4. Improved Communication: Effective communication helps to improve the performance of an I-CPS system. It is necessary to improve the network communication in the I-CPS system.
5. Efficient Data Migration: An I-CPS system needs to maintain a consistent data state. The duplicate network data can be ported to the local storage structures and/or the cloud storage for backup purposes. This mechanism needs the development of efficient data migration techniques suitable for I-CPS systems.
6. Secure Functional Architecture: An I-CPS system involves wide varieties of interaction with the outside environment. The consistent input/output from/to different parties/components needs a secure functional architecture. This assists the robust network maintenance of an I-CPS system.

7. Conclusion and future work

There are different security challenges in I-CPS considering the wide range of underlying devices, functional protocols, complex architecture, etc. Numerous vulnerabilities and attacks are present in I-CPSs. Considering the broad types of CPSs, it is difficult to provide a comprehensive systematized coverage on CPS security. This work has attempted to offer a survey on different security aspects of I-CPSs ranging over a decade. Additionally, the work discusses different vulnerabilities, attacks, CPS components, etc., present in an I-CPS. The year-wise analysis highlights the underlying objective, approach, inferences, etc. This helps to understand the different security issues of the respective works and their gradual growth. Finally, the work highlights the various research opportunities and challenges present in I-CPSs, which motivates young researchers to explore future possibilities in the domain.

Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

References

[1] Tange K, De Donno M, Fafoutis X, Dragoni N. A systematic survey of Industrial Internet of Things security: Requirements and fog computing opportunities. IEEE Commun Surv Tutor 2020;22(4):2489–520.
[2] Scanzio S, Wisniewski L, Gaj P. Heterogeneous and dependable networks in industry–A survey. Comput Ind 2021;125:103388.


[3] Jimeno-Morenilla A, Azariadis P, Molina-Carmona R, Kyratzi S, Moulianitis V. Technology enablers for the implementation of industry 4.0 to traditional manufacturing sectors: A review. Comput Ind 2021;103390.
[4] Sisinni E, Saifullah A, Han S, Jennehag U, Gidlund M. Industrial Internet of Things: Challenges, opportunities, and directions. IEEE Trans Ind Inf 2018;14(11):4724–34.
[5] Basir R, Qaisar S, Ali M, Aldwairi M, Ashraf MI, Mahmood A, et al. Fog computing enabling Industrial Internet of Things: State-of-the-art and research challenges. Sensors 2019;19(21):4807.
[6] Boyes H, Hallaq B, Cunningham J, Watson T. The Industrial Internet of Things (IIoT): An analysis framework. Comput Ind 2018;101:1–12.
[7] De Donno M, Dragoni N, Giaretta A, Spognardi A. DDoS-capable IoT malwares: Comparative analysis and Mirai investigation. Secur Commun Netw 2018;7178164.
[8] Agrawal N, Tapaswi S. Defense mechanisms against DDoS attacks in a cloud computing environment: State-of-the-art and research challenges. IEEE Commun Surv Tutor 2019;21(4):3769–95.
[9] Kayan H, Nunes M, Rana O, Burnap P, Perera C. Cybersecurity of industrial cyber-physical systems: A review. Cryptography and security. 2021, arXiv preprint arXiv:2101.03564.
[10] Guo L, Yang B, Ye J, Chen H, Li F, Song WZ, et al. Systematic assessment of cyber–physical security of energy management system for connected and automated electric vehicles. IEEE Trans Ind Inf 2020;17(5):3335–47.
[11] Dowdeswell B, Sinha R, MacDonell SG. Finding faults: A scoping study of fault diagnostics for industrial cyber–physical systems. J Syst Softw 2020;168:110638.
[12] Giaimo F, Andrade H, Berger C. Continuous experimentation and the cyber–physical systems challenge: An overview of the literature and the industrial perspective. J Syst Softw 2020;170:110781.
[13] Ding D, Han QL, Wang Z, Ge X. A survey on model-based distributed control and filtering for industrial cyber–physical systems. IEEE Trans Ind Inf 2019;15(5):2483–99.
[14] Ding D, Han QL, Xiang Y, Ge X, Zhang XM. A survey on security control and attack detection for industrial cyber–physical systems. Neurocomputing 2018;275:1674–83.
[15] Agrawal N. Dynamic load balancing assisted optimized access control mechanism for edge-fog-cloud network in Internet of Things environment. Concurr. Comput. Prac. Exper. 2021;e6440.
[16] Atzori L, Iera A, Morabito G. The Internet of Things: A survey. Comput Netw 2010;54(15):2787–805.
[17] Gubbi J, Buyya R, Marusic S, Palaniswami M. Internet of Things (IoT): A vision, architectural elements, and future directions. Future Gener Comput Syst 2013;29(7):1645–60.
[18] Al-Fuqaha A, Guizani M, Mohammadi M, Aledhari M, Ayyash M. Internet of Things: A survey on enabling technologies, protocols, and applications. IEEE Commun Surv Tutor 2015;17(4):2347–76.
[19] Internet of Things (IoT) market - Growth, trends, COVID-19 impact, and forecasts (2021–2026). Available Online. https://www.mordorintelligence.com/industry-reports/internet-of-things-moving-towards-a-smarter-tomorrow-market-industry?.
[20] IoT Market Demands: Internet of Things Forecasts. 2021, Available Online. https://www.velvetech.com/blog/top-iot-market-demands/.
[21] Da Xu L, He W, Li S. Internet of Things in industries: A survey. IEEE Trans Ind Inf 2014;10(4):2233–43.
[22] Xu H, Yu W, Griffith D, Golmie N. A survey on Industrial Internet of Things: A cyber–physical systems perspective. IEEE Access 2018;6:78238–59.
[23] Alguliyev R, Imamverdiyev Y, Sukhostat L. Cyber-physical systems and their security issues. Comput Ind 2018;100:212–23.
[24] Ashibani Y, Mahmoud QH. Cyber physical systems security: Analysis, challenges and solutions. Comput Secur 2017;68:81–97.
[25] NIST. Cyber-physical systems: Situation analysis of current trends, technologies, and challenges. Columbia, Maryland: Natl. Inst. Stand. Technol (NIST); 2012.
[26] Jing Q, Vasilakos AV, Wan J. Security of the Internet of Things: Perspectives and challenges. Wirel Netw 2014;20(8):2481–2501.
[27] Harrison R, Vera D, Ahmad B. Engineering methods and tools for cyber–physical automation systems. Proc IEEE 2016;104(5):973–85.
[28] Khan R, Khan SU, Zaheer R, Khan S. Future Internet: The Internet of Things architecture, possible applications and key challenges. In: 10th int. conf. front. inf. technol. 2012. p. 257–60.
[29] Peng Y, Lu T, Liu J, Gao Y, Guo X, Xie F. Cyber-physical system risk assessment. In: 9th int. conf. intell. inf. hiding multimed. signal process. IEEE; 2013, p. 442–7.
[30] Nourian A, Madnick S. A systems theoretic approach to the security threats in cyber physical systems applied to stuxnet. IEEE Syst J 2015;15(1):2–13.
[31] Humayed A, Lin J, Li F, Luo B. Cyber-physical systems security—A survey. IEEE Internet Things J 2017;4(6):1802–31.
[32] Ribeiro L, Björkman M. Transitioning from standard automation solutions to cyber–physical production systems: An assessment of critical conceptual and technical challenges. IEEE Syst J 2017;12(4):3816–27.
[33] Pivoto DG, Almeida LFde, Righi RdaRosa, Rodrigues JJPC, Lugli AB, Alberti AM. Cyber-physical systems architectures for Industrial Internet of Things applications in industry 4.0: A literature review. J Manuf Syst 2021;58:176–92.
[34] Leitao P, Karnouskos S, Ribeiro L, Lee J, Strasser T, Colombo AW. Smart agents in industrial cyber–physical systems. Proc IEEE 2016;104(5):1086–101.
[35] Cheminod M, Durante L, Valenzano A. Review of security issues in industrial networks. IEEE Trans Ind Inf 2012;9(1):277–93.
[36] Huang K, Zhou C, Tian YC, Yang S, Qin Y. Assessing the physical impact of cyberattacks on industrial cyber–physical systems. IEEE Trans Ind Electron 2018;65(10):8153–62.
[37] Zhang D, Wang QG, Feng G, Shi Y, Vasilakos AV. A survey on attack detection, estimation and control of industrial cyber–physical systems. ISA Trans 2021;116:1–16.
[38] Lv Z, Chen D, Lou R, Alazab A. Artificial intelligence for securing industrial-based cyber–physical systems. Future Gener Comput Syst 2021;117:291–8.
[39] Liu X, Zhang J, Zhu P, Tan Q, Yin W. Quantitative cyber–physical security analysis methodology for industrial control systems based on incomplete information Bayesian game. Comput Secur 2021;102:102138.
[40] Dong L, Xu H, Wei X, Hu X. Security correction control of stochastic cyber–physical systems subject to false data injection attacks with heterogeneous effects. ISA Trans 2021.
[41] Ma L, Zhang Y, Yang C, Zhou L. Security control for two-time-scale cyber physical systems with multiple transmission channels under DoS attacks: The input-to-state stability. J Franklin Inst B 2021.
[42] Sheng C, Yao Y, Fu Q, Yang W. A cyber–physical model for SCADA system and its intrusion detection. Comput Netw 2021;185:107677.
[43] Yang SH, Cao Y, Wang Y, Zhou C, Yue L, Zhang Y. Harmonizing safety and security risk analysis and prevention in cyber–physical systems. Process Saf Environ Prot 2021;148:1279–91.
[44] Stellios I, Kotzanikolaou P, Grigoriadis C. Assessing IoT enabled cyber-physical attack paths against critical systems. Comput Secur 2021;102316.
[45] Barrère M, Hankin C, Nicolaou N, Eliades DG, Parisini T. Measuring cyber–physical security in industrial control systems via minimum-effort attack strategies. J Inform Secur Appl 2020;52:102471.
[46] Cao R, Hao L, Gao Q, Deng J, Chen J. Modeling and decision-making methods for a class of cyber–physical systems based on modified hybrid stochastic timed Petri net. IEEE Syst J 2020;14(4):4684–93.
[47] Yang B, Guo L, Li F, Ye J, Song W. Vulnerability assessments of electric drive systems due to sensor data integrity attacks. IEEE Trans Ind Inf 2019;16(5):3301–10.
[48] Li B, Xiao Y, Shi Y, Kong Q, Wu Y, Bao H. Anti-honeypot enabled optimal attack strategy for industrial cyber-physical systems. IEEE Open J Comput Soc 2020;1:250–61.
[49] Farivar F, Haghighi MS, Jolfaei A, Alazab M. Artificial intelligence for detection, estimation, and compensation of malicious attacks in nonlinear cyber–physical systems and Industrial IoT. IEEE Trans Ind Inf 2019;16(4):2716–25.
[50] Liu J, Zhang W, Ma T, Tang Z, Xie Y, Gui W, et al. Toward security monitoring of industrial cyber–physical systems via hierarchically distributed intrusion detection. Expert Syst Appl 2020;158:113578.
[51] Dai W, Pang C, Vyatkin V, Christensen JH, Guan X. Discrete-event-based deterministic execution semantics with timestamps for industrial cyber–physical systems. IEEE Trans Syst Man Cybern A 2017;50(3):851–62.
[52] Brandman J, Sturm L, White J, Williams C. A physical hash for preventing and detecting cyber–physical attacks in additive manufacturing systems. J Manuf Syst 2020;56:202–12.
[53] Pearce H, Pinisetty S, Roop PS, Kuo MM, Ukil A. Smart I/O modules for mitigating cyber–physical attacks on industrial control systems. IEEE Trans Ind Inf 2019;16(7):4659–69.
[54] Ma R, Cheng P, Zhang Z, Liu W, Wang Q, Wei Q. Stealthy attack against redundant controller architecture of industrial cyber–physical system. IEEE Internet Things J 2019;6(6):9783–93.
[55] Jiang B, Yang J, Ding G, Wang H. Cyber-physical security design in multimedia data cache resource allocation for industrial networks. IEEE Trans Ind Inf 2019;15(12):6472–80.
[56] Genge B, Haller P, Duka AV. Engineering security-aware control applications for data authentication in smart industrial cyber–physical systems. Future Gener Comput Syst 2019;91:206–22.
[57] Zhang F, Kodituwakku HADE, Hines JW, Coble J. Multilayer data-driven cyber-attack detection system for industrial control systems based on network, system, and process data. IEEE Trans Ind Inf 2019;15(7):4362–9.


[58] Khalid A, Kirisci P, Khan ZH, Ghrairi Z, Thoben KD, Pannek J. Security framework for industrial collaborative robotic cyber–physical systems. Comput Ind 2018;97:132–45.
[59] Cheng J, Park JJH, Wu ZG, Yan H. Ultimate boundedness control for networked singularly perturbed systems with deception attacks: A Markovian communication protocol approach. IEEE Trans Netw Sci Eng 2021.
[60] Dong S, Zhu H, Zhong S, Shi K, Lu J. Impulsive-based almost surely synchronization for neural network systems subject to deception attacks. IEEE Trans Neural Netw Learn Syst 2021;1–10.
[61] Kim D, Han SC, Lin Y, Kang BH, Lee S. RDR-based knowledge based system to the failure detection in industrial cyber physical systems. Knowl-Based Syst 2018;150:1–13.
[62] Yang J, Zhou C, Yang S, Xu H, Hu B. Anomaly detection based on zone partition for security protection of industrial cyber–physical systems. IEEE Trans Ind Electron 2018;65(5):4257–67.
[63] Chaves A, Rice M, Dunlap S, Pecarina J. Improving the cyber resilience of industrial control systems. Int J Crit Infrastruct Prot 2017;17:30–48.
[64] Orojloo H, Azgomi MA. A method for evaluating the consequence propagation of security attacks in cyber–physical systems. Future Gener Comput Syst 2017;67:57–71.
[65] Friedberg I, McLaughlin K, Smith P, Laverty D, Sezer S. STPA-SafeSec: Safety and security analysis for cyber–physical systems. J Inform Secur Appl 2017;34:183–96.
[66] Orojloo H, Azgomi MA. A game-theoretic approach to model and quantify the security of cyber–physical systems. Comput Ind 2017;88:44–57.
[67] Ficco M, Choraś M, Kozik R. Simulation platform for cyber-security and vulnerability analysis of critical infrastructures. J Comput Sci 2017;22:179–86.
[68] DeSmit Z, Elhabashy AE, Wells LJ, Camelio JA. An approach to cyber–physical vulnerability assessment for intelligent manufacturing systems. J Manuf Syst 2017;43:339–51.
[69] Haller P, Genge B. Using sensitivity analysis and cross-association for the design of intrusion detection systems in industrial cyber–physical systems. IEEE Access 2017;5:9336–47.
[70] Piesik E, Śliwiński M, Barnert T. Determining and verifying the safety integrity level of the safety instrumented systems with the uncertainty and security aspects. Reliab Eng Syst Saf 2016;152:259–72.
[71] Ntalampiras S. Automatic identification of integrity attacks in cyber–physical systems. Expert Syst Appl 2016;58:164–73.
[72] Cherdantseva Y, Burnap P, Blyth A, Eden P, Jones K, Soulsby H, et al. A review of cyber security risk assessment methods for SCADA systems. Comput Secur 2016;56:1–27.
[73] Dunlap S, Butts J, Lopez J, Rice M, Mullins B. Using timing-based side channels for anomaly detection in industrial control systems. Int J Crit Infrastruct Prot 2016;15:12–26.
[74] Li W, Xie L, Deng Z, Wang Z. False sequential logic attack on SCADA system and its physical impact analysis. Comput Secur 2016;58:149–59.
[75] Zheng B, Deng P, Anguluri R, Zhu Q, Pasqualetti F. Cross-layer codesign for secure cyber–physical systems. IEEE Trans Comput-Aided Des Integr Circuits Syst 2016;35(5):699–711.
[76] Yoo H, Shon T. Challenges and research directions for heterogeneous cyber–physical system based on IEC 61850: Vulnerabilities, security requirements, and security architecture. Future Gener Comput Syst 2016;61:128–36.
[77] Hahn A, Thomas RK, Lozano I, Cardenas A. A multi-layered and Kill-Chain based security analysis framework for cyber–physical systems. Int J Crit Infrastruct Prot 2015;11:39–50.
[78] Thramboulidis K. A cyber–physical system-based approach for industrial automation systems. Comput Ind 2015;72:92–102.
[79] Teixeira A, Shames I, Sandberg H, Johansson KH. A secure control framework for resource-limited adversaries. Automatica 2015;51:135–48.
[80] Shin J, Son H, Heo G. Development of a cyber security risk model using Bayesian networks. Reliab Eng Syst Saf 2015;134:208–17.
[81] Winn M, Rice M, Dunlap S, Lopez J, Mullins B. Constructing cost-effective and targetable industrial control system honeypots for production networks. Int J Crit Infrastruct Prot 2015;10:47–58.
[82] Bertolotti IC, Durante L, Seno L, Valenzano A. A twofold model for the analysis of access control policies in industrial networked systems. Comput Stand Interfaces 2015;42:171–81.
[83] Cheminod M, Durante L, Seno L, Valenzano A. Semiautomated verification of access control implementation in industrial networked systems. IEEE Trans Ind Inf 2015;11(6):1388–99.
[84] Lin CW, Zhu Q, Sangiovanni-Vincentelli A. Security-aware modeling and efficient mapping for CAN-based real-time distributed automotive systems. IEEE Embed Syst Lett 2014;7(1):11–4.
[85] Yue X, Cai H, Yan H, Zou C, Zhou K. Cloud-assisted industrial cyber–physical systems: An insight. Microprocess Microsyst 2015;39(8):1262–70.
[86] Almalawi A, Yu X, Tari Z, Fahad A, Khalil I. An unsupervised anomaly-based detection approach for integrity attacks on SCADA systems. Comput Secur 2014;46:94–110.
[87] Han S, Xie M, Chen HH, Ling Y. Intrusion detection in cyber–physical systems: Techniques and challenges. IEEE Syst J 2014;8(4):1052–62.
[88] Wells LJ, Camelio JA, Williams CB, White J. Cyber-physical security challenges in manufacturing systems. Manuf Lett 2014;2(2):74–7.
[89] Vollmer T, Manic M. Cyber-physical system security with deceptive virtual hosts for industrial control networks. IEEE Trans Ind Inf 2014;10(2):1337–47.
[90] Gaw H, Bhattacharjee AK, Roy K. Control aware techniques for protection of industrial control system. In: 2014 annual IEEE India conference. IEEE; 2014, p. 1–6.
[91] Kawanaka T, Matsumaru M, Rokugawa S. Software measure in cyber-attacks on production control system. Comput Ind Eng 2014;76:378–86.
[92] Li Y, Shi L, Cheng P, Chen J, Quevedo DE. Jamming attack on cyber–physical systems: A game-theoretic approach. In: 2013 IEEE international conference on cyber technology in automation, control and intelligent systems. IEEE; 2013, p. 252–7.
[93] Abad FAT, Van Der Woude J, Lu Y, Bak S, Caccamo M, Sha L, et al. On-chip control flow integrity check for real time embedded systems. In: 2013 IEEE 1st international conference on cyber-physical systems, networks, and applications. CPSNA, IEEE; 2013, p. 26–31.
[94] Chen CM, Hsiao HW, Yang PY, Ou YH. Defending malicious attacks in cyber physical systems. In: 2013 IEEE 1st int. conf. on cyber-physical sys. net. and app. CPSNA, IEEE; 2013, p. 13–8.
[95] Pereira A, Rodrigues N, Barbosa J, Leitão P. Trust and risk management towards resilient large-scale cyber–physical systems. In: 2013 IEEE international symposium on industrial electronics 2013. p. 1–6.
[96] Pasqualetti F, Dörfler F, Bullo F. Attack detection and identification in cyber–physical systems. IEEE Trans Automat Control 2013;58(11):2715–29.
[97] Xu Y, Dong ZY, Xu Z, Meng K, Wong KP. An intelligent dynamic security assessment framework for power systems with wind power. IEEE Trans Ind Inf 2012;8(4):995–1003.
[98] Zeng W, Chow MY. Optimal tradeoff between performance and security in networked control systems based on coevolutionary algorithms. IEEE Trans Ind Electron 2011;59(7):3016–25.
[99] Khan MNA. Performance analysis of Bayesian networks and neural networks in classification of file system activities. Comput Secur 2012;31(4):391–401.
[100] Genge B, Siaterlis C, Fovino IN, Masera M. A cyber–physical experimentation environment for the security analysis of networked industrial control systems. Comput Electr Eng 2012;38(5):1146–61.
[101] Zhang D, Ye Z, Feng G, Li H. Intelligent event-based fuzzy dynamic positioning control of nonlinear unmanned marine vehicles under DoS attack. IEEE Trans Cybern 2021;1–14.
[102] Shafi Q. Cyber physical systems security: A brief survey. In: 12th int. conf on comput. sci. and its appl. IEEE; 2012, p. 146–50.

Neha Agarwal

Rohit Kumar
