Artículo: Role-based access control in wastewater treatment plants: An industrial use case
Fecha
Editor
Publicado en
Licencia Creative Commons
Resumen
Wastewater treatment plants (WWTPs) are critical infrastructures that employ cyber-physical systems (CPSs) and Internet of Things technology to manage and treat water. These systems gather data from various components such as sensors and monitors. However, the distributed nature of these systems introduces significant security concerns. To address these concerns, role-based access control (RBAC) has emerged as a fundamental security mechanism to govern access and authorization within these distributed CPS environments. This paper presents an innovative approach that leverages model-driven engineering (MDE) to implement RBAC in the design and operation of WWTPs. By integrating RBAC specifications seamlessly within the CPS model, this approach ensures a coherent security framework throughout the system's lifecycle. The use of MDE enables the generation of code and the creation of role-based custom visualizations, improving user experience and strengthening data security. We highlight the potential of these modeling techniques using a real-world scenario from TRANSACT, a KDT Joint Undertaking aiming to provide a framework to transform standalone safety-critical CPSs into safe and secure distributed solutions.