Toward a Quantum Information System Cybersecurity Taxonomy and Testbed: Exploiting a Unique Opportunity for Early Impact

TL;DR

This paper proposes a preliminary taxonomy for quantum cybersecurity vulnerabilities and describes a testbed environment to enable collaborative research and experimental evaluation of security in quantum information systems.

Contribution

It introduces a novel taxonomy for quantum cybersecurity vulnerabilities and outlines the design of a testbed for collaborative security research in quantum systems.

Findings

A preliminary taxonomy for quantum cybersecurity vulnerabilities

Design of a quantum cybersecurity testbed environment

Potential for collaborative research and evaluation

Abstract

Any human-designed system can potentially be exploited in ways that its designers did not envision, and information systems or networks using quantum components do not escape this reality. We are presented with a unique but quickly waning opportunity to bring cybersecurity concerns to the forefront for quantum information systems before they become widely deployed. The resources and knowledge required to do so, however, may not be common in the cybersecurity community. Yet, a nexus exist. Cybersecurity starts with risk, and there are good taxonomies for security vulnerabilities and impacts in classical systems. In this paper, we propose a preliminary taxonomy for quantum cybersecurity vulnerabilities that accounts for the latest advances in quantum information systems, and must evolve to incorporate well-established cybersecurity principles and methodologies. We envision a testbed environment designed and instrumented with the specific purpose of enabling a broad collaborative community of cybersecurity and quantum information system experts to conduct experimental evaluation of software and hardware security including both physical and virtual quantum components. Furthermore, we envision that such a resource may be available as a user facility to the open science research community.