A survey of cyber security management in industrial control systems

Associated organisational units

Text available via DOI:

https://doi.org/10.1016/j.ijcip.2015.02.002
Final published version

Keywords

Industrial control systems, SCADA systems, Risk assessment, Risk management, Security metrics, Risk metrics

View graph of relations

Research output: Contribution to Journal/Magazine › Journal article › peer-review

Published

Standard

A survey of cyber security management in industrial control systems. / Knowles, William ; Prince, Daniel David Campbell ; Hutchison, David et al.
In: International Journal of Critical Infrastructure Protection, Vol. 9, 01.06.2015, p. 52-80.

Research output: Contribution to Journal/Magazine › Journal article › peer-review

Harvard

Knowles, W , Prince, DDC , Hutchison, D, Disso, JFP & Jones, K 2015, 'A survey of cyber security management in industrial control systems', International Journal of Critical Infrastructure Protection, vol. 9, pp. 52-80. https://doi.org/10.1016/j.ijcip.2015.02.002

APA

Knowles, W., Prince, D. D. C., Hutchison, D., Disso, J. F. P., & Jones, K. (2015). A survey of cyber security management in industrial control systems. International Journal of Critical Infrastructure Protection, 9, 52-80. https://doi.org/10.1016/j.ijcip.2015.02.002

Vancouver

Knowles W , Prince DDC , Hutchison D, Disso JFP, Jones K. A survey of cyber security management in industrial control systems. International Journal of Critical Infrastructure Protection. 2015 Jun 1;9:52-80. Epub 2015 Mar 3. doi: 10.1016/j.ijcip.2015.02.002

Author

Knowles, William ; Prince, Daniel David Campbell ; Hutchison, David et al. / A survey of cyber security management in industrial control systems. In: International Journal of Critical Infrastructure Protection. 2015 ; Vol. 9. pp. 52-80.

Bibtex

@article{c09f20d134a147ff911128ac23c5c7a1,

title = "A survey of cyber security management in industrial control systems",

abstract = "Contemporary industrial control systems no longer operate in isolation, but use other networks (e.g., corporate networks and the Internet) to facilitate and improve business processes. The consequence of this development is the increased exposure to cyber threats. This paper surveys the latest methodologies and research for measuring and managing this risk. A dearth of industrial-control-system-specific security metrics has been identified as a barrier to implementing these methodologies. Consequently, an agenda for future research on industrial control system security metrics is outlined. The “functional assurance” concept is also introduced to deal with fail-safe and fail-secure industrial control system operations.",

keywords = "Industrial control systems, SCADA systems, Risk assessment, Risk management, Security metrics, Risk metrics",

author = "William Knowles and Prince, {Daniel David Campbell} and David Hutchison and Disso, {Jules Ferdinand Pagna} and Kevin Jones",

year = "2015",

month = jun,

day = "1",

doi = "10.1016/j.ijcip.2015.02.002",

language = "English",

volume = "9",

pages = "52--80",

journal = "International Journal of Critical Infrastructure Protection",

publisher = "Elsevier",

}

RIS

TY - JOUR

T1 - A survey of cyber security management in industrial control systems

AU - Knowles, William

AU - Prince, Daniel David Campbell

AU - Hutchison, David

AU - Disso, Jules Ferdinand Pagna

AU - Jones, Kevin

PY - 2015/6/1

Y1 - 2015/6/1

N2 - Contemporary industrial control systems no longer operate in isolation, but use other networks (e.g., corporate networks and the Internet) to facilitate and improve business processes. The consequence of this development is the increased exposure to cyber threats. This paper surveys the latest methodologies and research for measuring and managing this risk. A dearth of industrial-control-system-specific security metrics has been identified as a barrier to implementing these methodologies. Consequently, an agenda for future research on industrial control system security metrics is outlined. The “functional assurance” concept is also introduced to deal with fail-safe and fail-secure industrial control system operations.

AB - Contemporary industrial control systems no longer operate in isolation, but use other networks (e.g., corporate networks and the Internet) to facilitate and improve business processes. The consequence of this development is the increased exposure to cyber threats. This paper surveys the latest methodologies and research for measuring and managing this risk. A dearth of industrial-control-system-specific security metrics has been identified as a barrier to implementing these methodologies. Consequently, an agenda for future research on industrial control system security metrics is outlined. The “functional assurance” concept is also introduced to deal with fail-safe and fail-secure industrial control system operations.

KW - Industrial control systems

KW - SCADA systems

KW - Risk assessment

KW - Risk management

KW - Security metrics

KW - Risk metrics

U2 - 10.1016/j.ijcip.2015.02.002

DO - 10.1016/j.ijcip.2015.02.002

M3 - Journal article

VL - 9

SP - 52

EP - 80

JO - International Journal of Critical Infrastructure Protection

JF - International Journal of Critical Infrastructure Protection

ER -

Research

Associated organisational units

Links

Text available via DOI:

Keywords