Cyber-Resilience of Cyber-Physical Systems Integrating Internet of Things Devices: A Survey

The introduction of Internet of Things (IoT) devices into industrial Cyber-Physical Systems (CPS) is associated with a multitude of potential vulnerabilities that can cause disruptions to industrial operations. Cyber-resilience countermeasures are required to minimize disruptive effects by not only preventing threats, but also by responding effectively when disruptive events occur. This article reports a survey to synthesize current strategies to guarantee cyber-resilience of CPS integrating IoT devices. According to the scientific literature the following cyber-resilience aspects attract the attention of the researchers: i) risk identification and assessment; ii) implementation of risk treatment measures; iii) threat monitoring and detection; and iv) response and recovery. Threat monitoring and detection deserve the highest attention and the application of machine learning and deep learning techniques to detect anomalies and cyber-attacks is a current research trend on the topic. In turn, research related to automated continuous risk assessment and to the maximization of response and recovery capacities is still residual. Moreover, the experimental designs to assess the proposed solutions have limitations