About this Research Topic
Both robustness and resilience are fundamental properties that determine how a system prepares for, absorbs, recovers from, and adapts to disruptions posed by a wide universe of potential threats. Such concepts have been applied to critical infrastructure, and are designed and engineered to deliver services and maintain critical functions in the presence of disruptions such as cyberattacks. The main difference between the two attributes concerns the amount of information that it is available on the threat agents, their tactics, techniques, and procedures before they hit the target system. Regarding robustness, most of the information of interest is available. However, when focusing on resilience we assume that very little information is available on threat agents than may also implement hybrid techniques, making it difficult to (a) determine what threats to prepare for, and (b) what vulnerabilities the given threat may exploit. As an example, an agent may merge social engineering and exploitation techniques to critical infrastructure and produce turmoil and social disorder in another country.
Contributions should be focused on frameworks to design ICT infrastructures able to achieve high robustness and resilience. High robustness is of critical interest because the framework should enable the designer to exploit at best the available information in order to build infrastructure that can resist attacks, even though using vulnerabilities and defects is still unknown when the system is designed. Likewise, resilience is another fundamental requirement in modern ICT systems and their interconnected infrastructure since the framework should enable the designer to minimize the time the infrastructure does not offer its services to the final users. We also welcome contributions focused on: (a) an integrated framework able to support both attributes; (b) innovative approaches centered on a single topic; (c) extended approaches such as the MITRE Att&ck Matrix framework to describe tactics, techniques, and procedures of hybrid threats against ICT infrastructures; and (d) adversary emulation technique as a proactive approach to test and validate the design of infrastructure before it is actually attacked.
Topics of interest are, but not limited to:
• Robustness by Design
• Resilience by Design
• Integrating Robustness and Resilience
• Systemic Threats and ICT/Cyber Resilience
• Multi-System Resilience
• Cost-effective Solutions
• Hybrid Threats
• Adversary Emulation as a Design Tool
• Att&ck Matrix support for Robustness and Resilience
Keywords: Robustness, Resilience, Threats, Risk, Critical Infrastructure
Important Note: All contributions to this Research Topic must be within the scope of the section and journal to which they are submitted, as defined in their mission statements. Frontiers reserves the right to guide an out-of-scope manuscript to a more suitable section or journal at any stage of peer review.