Jyri Rajamäki



Cross-layer Approach for Designing Resilient (Sociotechnical, Cyber-Physical, Software-intensive and Systems of) Systems

pdf PDF


Our society’s critical infrastructures are sociotechnical cyber-physical systems (CPS) increasingly using open networks for operation. The vulnerabilities of the software deployed in the new control system infrastructure will expose the control system to many potential risks and threats from attackers. This paper starts to develop an information systems design theory for resilient software-intensive systems (DT4RS) so that communities developing and operating different security technologies can share knowledge and best practices using a common frame of reference. By a sound design theory, the outputs of these communities will combine to create more resilient systems, with fewer vulnerabilities and an improved stakeholder sense of security and welfare. The main element of DT4RS is a multi-layered reference architecture of the human, software (cyber) and platform (physical) layers of a cyber-physical system. The layered architecture can facilitate the understanding of the cross-layer interactions between the layers. Cyber security properties are leveraged to help analyzing the interactions between these layers.


Sociotechnical systems; Cyber-physical systems; Systems of systems, Design theory, Resilience, Cyber security, Resilient systems, Cross-layer Approach.


[1] I. Linkov, T. Bridges, F. Creutzig, J. Decker, C. Fox-Lent, W. Kröger, J. H. Lambert, A. Levermann, B. Montreuil, J. Nathwani, R. Nyer, O. Renn, B. Scharte, A. Scheffler, M. Schreurs and T. Thiel-Clemen, “Changing the resilience paradigm,” Nature Climat Change, vol. 4, pp. 407-409, 2014.

[2] A. Hevner and S. Chatterjee, Design Science Research in Information Systems, Springer, 2010.

[3] Q. Zhu and T. Basar, “Game-Theoretic Methods for Robustness, Security, and Resilience of Cyberphysical Control Systems: Games-inGames Principle for Optimal Cross-Layer Resilient Control Systems,” IEEE Control Systems, vol. 35, no. 1, pp. 46-65, 2015.

[4] R. McMillan, “Siemens: Stuxnet worm hit industrial systems,” Sept. 2010. [Online]. Available: http://www.computerworld.com/s/article/print/ 9185419. [Accessed 18 March 2016].

[5] S. Greengard, “The new face of war,” Commun. ACM, vol. 53, no. 12, pp. 20-22, 2010.

[6] B. Krebs, “Cyber incident blamed for nuclear power plant shutdown,” Washington Post, June 2008. [Online]. Available: http://www.washingtonpost.com/wpdyn/content/article/2008/06/05/AR2008060501 958.html. [Accessed 18 March 2016].

[7] S. Gorman, “Electricity grid in U.S. penetrated by spies,” Wall Str. J., April 2009. [Online]. Available: http://online.wsj.com/article/SB123914805204 099085.html. [Accessed 18 March 2016].

[8] A. Cardenas, S. Amin and S. Sastry, “Secure control: Towards survivable cyber-physical systems,” in Proceedings of the Twenty-Eighth International Conference on Distributed Computing Systems Workshops, 2008.

[9] Y. Liu, P. Ning and M. Reiter, “ False data injection attacks against state estimation in electric power grids,” in Proceedings of the Sixteenth ACM Conference on Computer and Communications Security, 2009.

[10] C. Li, A. Raghunathan and N. Jha, “Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system,” in Proceedings of the Thirteenth IEEE International Conference on e-Health Networking Applications and Services, 2011.

[11] J. Radcliffe, “Hacking medical devices for fun and insulin: Breaking the human SCADA system,” in The Black Hat Technical Security Conference USA, 2011.

[12] D. Shepard, J. Bhattiand and T. Humphreys, “Dronehack: Spoofing attack demonstration on a civilian unmanned aerial vehicle,” GPS World, 1 August 2012.

[13] J. Rajamäki, “Towards a Design Theory for Resilient (Sociotechnical, Cyber-Physical, Software-intensive and Systems of) Systems,” in Recent Advances in Information Science, Barcelona, 2016.

[14] Jamshidi, M., Systems of Systems Engineering: principle and applications, CRC Press, 2009.

[15] A. Hahn, R. Thomas, I. Lozano and A. Cardenas, “A multi-layered and kill-chain based security analysis framework for cyber-physical systems,” Internal Journal of Critical Infrastructure Protection, vol. 11, pp. 39-50, 2015.

[16] M. Ilic, “From hierarchical to open access electric power systems,” Proc. IEEE, vol. 95, no. 5, pp. 1060-1084, 2007.

[17] L. Waguespack, D. Yates and W. Schiano, “Towards a Design Theory for Trustworthy Information Systems,” 47th Hawaii International Conference on System Sciences (HICSS), pp. 3707-3716, 2014.

[18] S. Gregor and D. Jones, “The anatomy of a design theory,” Journal of the Association for Information Systems, vol. 8, pp. 312-335, 2007.

[19] W. Lee and S. Jang, “A study on information security management system model for small and medium enterprises,” Recent Advances in EActivities, Information Security and Privacy, pp. 84-87, 2009.

[20] O. Hanseth and K. Lyytinen, “Design theory for dynamic complexity in information infrastructures: the case of building internet,” Journal of Information Technology, vol. 25, pp. 1-19, 2010.

[21] J. S. Broderick, “ISMS, security standards and security regulations,” Information Security Technical Report, vol. 11, pp. 26-31, 2006.

[22] M. Siponen and R. Willison, “Information security management standards: Problems and solutions,” Information & Management, vol. 46, pp. 267-270, 2009.

[23] J. Rajamäki and R. Pirinen, “Critical infrastructure protection: Towards a design theory for resilient software-intensive syst,” European Intelligence and Security Informatics Conference (EISIC), 2015

Cite this paper

Jyri Rajamäki. (2016) Cross-layer Approach for Designing Resilient (Sociotechnical, Cyber-Physical, Software-intensive and Systems of) Systems. International Journal of Communications, 1, 137-144


Copyright © 2017 Author(s) retain the copyright of this article.
This article is published under the terms of the Creative Commons Attribution License 4.0