Abstract:Any human-designed system can potentially be exploited in ways that its designers did not envision, and information systems or networks using quantum components do not escape this reality. We are presented with a unique but quickly waning opportunity to bring cybersecurity concerns to the forefront for quantum information systems before they become widely deployed. The resources and knowledge required to do so, however, may not be common in the cybersecurity community. Yet, a nexus exist. Cybersecurity starts with risk, and there are good taxonomies for security vulnerabilities and impacts in classical systems. In this paper, we propose a preliminary taxonomy for quantum cybersecurity vulnerabilities that accounts for the latest advances in quantum information systems, and must evolve to incorporate well-established cybersecurity principles and methodologies. We envision a testbed environment designed and instrumented with the specific purpose of enabling a broad collaborative community of cybersecurity and quantum information system experts to conduct experimental evaluation of software and hardware security including both physical and virtual quantum components. Furthermore, we envision that such a resource may be available as a user facility to the open science research community.

What problem does this paper attempt to address?

### What problems does this paper attempt to solve? This paper aims to address the cybersecurity challenges faced by quantum information systems (QIS) prior to their widespread deployment. Specifically, the author focuses on the following key issues: 1. **Unique security threats to quantum information systems**: - Quantum computing and communication technologies bring new security risks, which are different from those in classical information systems. For example, a quantum computer may break current encryption algorithms, and the security of quantum communication depends on the properties of the physical layer (such as quantum entanglement), but new vulnerabilities may be introduced when implementing these properties. 2. **Lack of a comprehensive quantum cybersecurity taxonomy**: - Currently, there is no comprehensive quantum cybersecurity taxonomy. Although the classification methods of classical cybersecurity can be borrowed, this may not fully cover the threat vectors specific to quantum systems. Therefore, it is necessary to develop a security taxonomy specifically for quantum information systems. 3. **Insufficient infrastructure for testing and evaluating quantum network security**: - Existing test platforms mainly focus on the development of quantum capabilities rather than security testing. To ensure the security of quantum systems, a dedicated test platform needs to be established to enable researchers to conduct experimental evaluations, including the security of hardware, software, and communication protocols. 4. **The need for interdisciplinary cooperation**: - The security of quantum information systems involves knowledge from multiple disciplines, including physics, computer science, and cybersecurity. Therefore, it is necessary to promote cooperation among experts in these fields to ensure that newly developed security measures are comprehensive and effective. ### Main contributions of the paper - **Proposing a quantum cybersecurity taxonomy**: Based on existing classical cybersecurity frameworks (such as MITRE CAPEC and CWE), the author proposes a preliminary quantum cybersecurity taxonomy that covers three main areas: computing, communication, and sensing. - **Designing a quantum cybersecurity test platform**: The author suggests constructing a test platform that not only supports experimental evaluations of hardware and software but also allows researchers to simulate attack scenarios and evaluate the effectiveness of various security measures. Through these efforts, the author hopes to identify and solve potential security problems before the widespread deployment of quantum information systems, thereby ensuring the security and reliability of these technologies.

Toward a Quantum Information System Cybersecurity Taxonomy and Testbed: Exploiting a Unique Opportunity for Early Impact

A Security Assessment tool for Quantum Threat Analysis

NISQ Quantum Computing: A Security-Centric Tutorial and Survey

Cybersecurity for Quantum Computing

Cybersecurity in the Quantum Era: Assessing the Impact of Quantum Computing on Infrastructure

Cyber-physical defense in the quantum Era

A Review of Quantum Cybersecurity: Threats, Risks and Opportunities

Red Teaming Generative AI/NLP, the BB84 quantum cryptography protocol and the NIST-approved Quantum-Resistant Cryptographic Algorithms

Trojan Taxonomy in Quantum Computing

Evaluation Framework for Quantum Security Risk Assessment: A Comprehensive Strategy for Quantum-Safe Transition

A Primer on Security of Quantum Computing

Exploring and reviewing the potential of quantum computing in enhancing cybersecurity encryption methods

On the Role of Quantum Computing in Science and Cybersecurity

Quantum Clustering for Cybersecurity

Navigating Quantum Security Risks in Networked Environments: A Comprehensive Study of Quantum-Safe Network Protocols

Assessing the Benefits and Risks of Quantum Computers

A First Order Survey of Quantum Supply Dynamics and Threat Landscapes

Cybersecurity in Critical Infrastructures: A Post-Quantum Cryptography Perspective

Long-term cybersecurity applications enabled by quantum networks

Exploration of Quantum Computer Power Side-Channels