
Electronic data

  • On_the_cost_of_security_compliance_in_information_systems_CR

    Accepted author manuscript, 472 KB, PDF document


On the Cost of Security Compliance in Information Systems

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN > Conference contribution/Paper

Published

Standard

On the Cost of Security Compliance in Information Systems. / Hofbauer, David; Ivkic, Igor; Maksuti, Silia; Aldrian, Andreas; Tauber, Markus.

The 10th International Multi-Conference on Complexity, Informatics and Cybernetics: IMCIC 2019. IMCIC, 2019.


Harvard

Hofbauer, D, Ivkic, I, Maksuti, S, Aldrian, A & Tauber, M 2019, On the Cost of Security Compliance in Information Systems. in The 10th International Multi-Conference on Complexity, Informatics and Cybernetics: IMCIC 2019. IMCIC, The 10th International Multi-Conference on Complexity, Informatics and Cybernetics: IMCIC 2019, Orlando, United States, 12/03/19.

APA

Hofbauer, D., Ivkic, I., Maksuti, S., Aldrian, A., & Tauber, M. (2019). On the Cost of Security Compliance in Information Systems. In The 10th International Multi-Conference on Complexity, Informatics and Cybernetics: IMCIC 2019. IMCIC.

Vancouver

Hofbauer D, Ivkic I, Maksuti S, Aldrian A, Tauber M. On the Cost of Security Compliance in Information Systems. In The 10th International Multi-Conference on Complexity, Informatics and Cybernetics: IMCIC 2019. IMCIC. 2019

Author

Hofbauer, David ; Ivkic, Igor ; Maksuti, Silia ; Aldrian, Andreas ; Tauber, Markus. / On the Cost of Security Compliance in Information Systems. The 10th International Multi-Conference on Complexity, Informatics and Cybernetics: IMCIC 2019. IMCIC, 2019.

Bibtex

@inproceedings{853fdcca114a4996ab653243217be1d0,
title = "On the Cost of Security Compliance in Information Systems",
abstract = "The onward development of information and communication technology has led to a new industrial revolution called Industry 4.0. This revolution involves Cyber-Physical Production Systems (CPPS), which consist of intelligent Cyber-Physical Systems that may be able to adapt themselves autonomously in a production environment. At the moment, machines in industrial environments are often not connected to the internet, which thus needs a point-to-point connection to access the device if necessary. Through Industry 4.0, these devices should enable remote access for smart maintenance through a connection to the outside world. However, this connection opens the gate for possible cyber-attacks and thus raises the question about providing security for these environments. Therefore, this paper used an adapted approach based on SixSigma to solve this security problem by investigating security standards. Security requirements were gathered and mapped to controls from well known security standards, formed into a catalog. This catalog includes assessment information to check how secure a solution for a use case is and also includes a link to an estimation method for implementation cost. Thus this paper{\textquoteright}s outcome shows how to make Industry 4.0 use cases secure by fulfilling security standard controls and how to estimate the resulting implementation costs.",
keywords = "Industry 4.0, Cyber-Physical Systems, Requirements Engineering, Standard Compliance, Security, Remote Access, Costs",
author = "David Hofbauer and Igor Ivkic and Silia Maksuti and Andreas Aldrian and Markus Tauber",
year = "2019",
month = mar,
day = "1",
language = "English",
booktitle = "The 10th International Multi-Conference on Complexity, Informatics and Cybernetics: IMCIC 2019",
publisher = "IMCIC",
note = "The 10th International Multi-Conference on Complexity, Informatics and Cybernetics: IMCIC 2019, IMCIC 2019 ; Conference date: 12-03-2019 Through 15-05-2019",
url = "http://www.iiis-spring19.org/imcic/Website/KSpeakers.asp?vc=26",

}

RIS

TY - GEN

T1 - On the Cost of Security Compliance in Information Systems

AU - Hofbauer, David

AU - Ivkic, Igor

AU - Maksuti, Silia

AU - Aldrian, Andreas

AU - Tauber, Markus

N1 - Conference code: 10

PY - 2019/3/1

Y1 - 2019/3/1

N2 - The onward development of information and communication technology has led to a new industrial revolution called Industry 4.0. This revolution involves Cyber-Physical Production Systems (CPPS), which consist of intelligent Cyber-Physical Systems that may be able to adapt themselves autonomously in a production environment. At the moment, machines in industrial environments are often not connected to the internet, which thus needs a point-to-point connection to access the device if necessary. Through Industry 4.0, these devices should enable remote access for smart maintenance through a connection to the outside world. However, this connection opens the gate for possible cyber-attacks and thus raises the question about providing security for these environments. Therefore, this paper used an adapted approach based on SixSigma to solve this security problem by investigating security standards. Security requirements were gathered and mapped to controls from well known security standards, formed into a catalog. This catalog includes assessment information to check how secure a solution for a use case is and also includes a link to an estimation method for implementation cost. Thus this paper’s outcome shows how to make Industry 4.0 use cases secure by fulfilling security standard controls and how to estimate the resulting implementation costs.

AB - The onward development of information and communication technology has led to a new industrial revolution called Industry 4.0. This revolution involves Cyber-Physical Production Systems (CPPS), which consist of intelligent Cyber-Physical Systems that may be able to adapt themselves autonomously in a production environment. At the moment, machines in industrial environments are often not connected to the internet, which thus needs a point-to-point connection to access the device if necessary. Through Industry 4.0, these devices should enable remote access for smart maintenance through a connection to the outside world. However, this connection opens the gate for possible cyber-attacks and thus raises the question about providing security for these environments. Therefore, this paper used an adapted approach based on SixSigma to solve this security problem by investigating security standards. Security requirements were gathered and mapped to controls from well known security standards, formed into a catalog. This catalog includes assessment information to check how secure a solution for a use case is and also includes a link to an estimation method for implementation cost. Thus this paper’s outcome shows how to make Industry 4.0 use cases secure by fulfilling security standard controls and how to estimate the resulting implementation costs.

KW - Industry 4.0

KW - Cyber-Physical Systems

KW - Requirements Engineering

KW - Standard Compliance

KW - Security

KW - Remote Access

KW - Costs

M3 - Conference contribution/Paper

BT - The 10th International Multi-Conference on Complexity, Informatics and Cybernetics: IMCIC 2019

PB - IMCIC

T2 - The 10th International Multi-Conference on Complexity, Informatics and Cybernetics: IMCIC 2019

Y2 - 12 March 2019 through 15 May 2019

ER -