Background eHealt systems are cyber-physical systems (CPS) making safety-critical decisions based on information from other systems not known during development. To achieve the trust of users, measures of safety have to be taken into consideration in accordance with the “privacy by design” approach. This requires secure storage of information and guaranteeing safe exchange of data preventing unauthorised access, loss of data and cyber-attacks.
Methods In this design research, a proof-of-concept for eHealth CPS is built utilising 1) general principles of information security, 2) principles of building of cyber trust and 3) Hevner & Chatterjee’s theory of complex software-intensive system.
Results Resilient CPS consists of two sub-systems: the proper resilient system and the situational awareness system (main prerequisite towards cyber security). In a system of CPS, three networks are composed: hardware, software and social network. Trust should be systematically built up at all layers. The resilient hardware network is the basis on which the information sharing between different stakeholders could be created via software layers. However, the trust inside social networks quantifies the pieces of information that will be shared - and with whom.
Conclusions From citizens’ point of view, eHealth is wholeness in which sectors of information security (availability/confidentiality/integrity) hold true. Present procedures emphasise confidentiality at the expense of integrity and availability, and regulations/instructions are used as an excuse not to change even vital information. The mental-picture of cyber security should turn from “threat, crime, attack” to “trust”. Creating confidence in safe digital future is truly needed in the integration of the digital and physical world’s leading to a new digital revolution. The precondition for the exchange of information “trust” must be systematically built at every CPS’ level (platform, software, people).
- cyber trust
- cyber-physical system