Next Article in Journal
New Experimental Single-Axis Excitation Set-Up for Multi-Axial Random Fatigue Assessments
Previous Article in Journal
Research on the Equal Probability Grouping Method for Automatic Fitting of Deep Groove Ball Bearings
Previous Article in Special Issue
How to Win Bosch Future Mobility Challenge: Design and Implementation of the VROOM Autonomous Scaled Vehicle
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Machines
Volume 13
Issue 7
10.3390/machines13070538
machines-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
This is an early access version, the complete PDF, HTML, and XML versions will be available soon.
Systematic Review

Security by Design for Industrial Control Systems from a Cyber–Physical System Perspective: A Systematic Mapping Study †

by
Ahmed Elmarkez
1,2,3,
Soraya Mesli-Kesraoui
1,
Pascal Berruet
2 and
Flavio Oquendo
3,*
1
SEGULA Engineering, 165 rue de la Montagne du Salut, 56600 Lanester, France
2
Laboratoire des Sciences et Techniques de l’information de la Communication et de la Connaissance (LAB-STICC), Université Bretagne Sud, Rue de Saint-Maudé, 56100 Lorient, France
3
Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université Bretagne Sud, Rue Yves Mainguy, BP 573, 56000 Vannes, France
*
Author to whom correspondence should be addressed.
This paper is extended of the paper Elmarkez, A.; Kesraoui-Mesli, S.; Oquendo, F.; Berruet, P. Insights on Security-by-Design of Cyber-Physical Production Systems: A Systematic Mapping. In Proceedings of the CIGI QUALITA MOSIM 2025—Conference on Modeling, Optimisation and Simulation, Troyes, France, 8–10 July 2025.
Machines 2025, 13(7), 538; https://doi.org/10.3390/machines13070538
Submission received: 12 May 2025 / Revised: 12 June 2025 / Accepted: 17 June 2025 / Published: 20 June 2025
(This article belongs to the Special Issue Emerging Approaches to Intelligent and Autonomous Systems)
Versions Notes

Abstract

Industrial Control Systems (ICSs), a specialized type of Cyber–Physical System, have shifted from isolated and obscured environments to ones exposed to diverse Information Technology (IT) security threats, which are now highly interconnected. Their adoption of IT introduces vulnerabilities which they were not originally designed to handle, posing critical risks. Thus, it’s imperative to integrate security measures early in CPS development, particularly during the design and implementation phases, to mitigate these vulnerabilities effectively. This study aims to identify, classify, and analyze existing research on the security-by-design paradigm for CPSs, exploring trends and defining the characteristics, advantages, limitations, and open issues of current methodologies. A systematic mapping study was conducted, selecting 55 primary studies through a rigorous protocol. The findings indicate that the majority of methodologies concentrate on the design phase, frequently overlooking other stages of development. Moreover, while there is a notable emphasis on security analysis across most primary studies, there is a notable gap in considering the integration of mitigation measures. This oversight raises concerns about the efficacy of security measures in real-world deployment scenarios. Additionally, there is a significant reliance on human intervention, highlighting the need for further development in automated security solutions. Conflicts between security requirements and other system needs are also inadequately addressed, potentially compromising overall system effectiveness. This work provides a comprehensive overview of CPS security-by-design methodologies and identifies several open issues that require further investigation, emphasizing the need for a holistic approach that includes vulnerability handling, clear security objectives, and effective conflict management, along with improved standard integration, advanced validation methods, and automated tools.
Keywords: security by design; Industrial Control Systems; Cyber–Physical System; cybersecurity; security engineering; security integration; system engineering; Industry 4.0 security by design; Industrial Control Systems; Cyber–Physical System; cybersecurity; security engineering; security integration; system engineering; Industry 4.0

Share and Cite

MDPI and ACS Style

Elmarkez, A.; Mesli-Kesraoui, S.; Berruet, P.; Oquendo, F. Security by Design for Industrial Control Systems from a Cyber–Physical System Perspective: A Systematic Mapping Study. Machines 2025, 13, 538. https://doi.org/10.3390/machines13070538

AMA Style

Elmarkez A, Mesli-Kesraoui S, Berruet P, Oquendo F. Security by Design for Industrial Control Systems from a Cyber–Physical System Perspective: A Systematic Mapping Study. Machines. 2025; 13(7):538. https://doi.org/10.3390/machines13070538

Chicago/Turabian Style

Elmarkez, Ahmed, Soraya Mesli-Kesraoui, Pascal Berruet, and Flavio Oquendo. 2025. "Security by Design for Industrial Control Systems from a Cyber–Physical System Perspective: A Systematic Mapping Study" Machines 13, no. 7: 538. https://doi.org/10.3390/machines13070538

APA Style

Elmarkez, A., Mesli-Kesraoui, S., Berruet, P., & Oquendo, F. (2025). Security by Design for Industrial Control Systems from a Cyber–Physical System Perspective: A Systematic Mapping Study. Machines, 13(7), 538. https://doi.org/10.3390/machines13070538

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop