Any human-designed system can potentially be exploited in ways that its designers did not envision, and information systems or networks using quantum components do not escape this reality. We are presented with a unique but quickly waning opportunity to bring cybersecurity concerns to the forefront for quantum information systems before they become widely deployed. The resources and knowledge required to do so, however, may not be common in the cybersecurity community. Yet, a nexus exist. Cybersecurity starts with risk, and there are good taxonomies for security vulnerabilities and impacts in classical systems. In this paper, we propose a preliminary taxonomy for quantum cybersecurity vulnerabilities that accounts for the latest advances in quantum information systems, and must evolve to incorporate well-established cybersecurity principles and methodologies. We envision a testbed environment designed and instrumented with the specific purpose of enabling a broad collaborative community of cybersecurity and quantum information system experts to conduct experimental evaluation of software and hardware security including both physical and virtual quantum components. Furthermore, we envision that such a resource may be available as a user facility to the open science research community.

翻译：任何人造系统都可能以设计者未曾预料的方式被利用，而采用量子组件的信息系统或网络也无法幸免于此。我们面临一个独特但稍纵即逝的机遇，即在量子信息系统广泛部署之前，将网络安全问题置于首要地位。然而，开展这项工作所需的资源和知识在网络安全界可能尚不普及，但两者之间存在契合点。网络安全始于风险评估，而在经典系统中已有成熟的安全漏洞与影响分类体系。本文提出了一种针对量子网络安全漏洞的初步分类框架，该框架既考虑了量子信息系统的最新进展，又必须逐步融入成熟的网络安全原理与方法论。我们设想构建一个试验平台环境，其设计目标是为网络安全与量子信息系统专家组成的广泛协作社区提供软硬件安全实验评估能力，涵盖物理与虚拟量子组件。此外，我们期望该资源可作为开放式用户设施向开放科学研究社区开放。