Final published version
Research output: Contribution to Journal/Magazine › Journal article › peer-review
Research output: Contribution to Journal/Magazine › Journal article › peer-review
}
TY - JOUR
T1 - A survey of cyber security management in industrial control systems
AU - Knowles, William
AU - Prince, Daniel David Campbell
AU - Hutchison, David
AU - Disso, Jules Ferdinand Pagna
AU - Jones, Kevin
PY - 2015/6/1
Y1 - 2015/6/1
N2 - Contemporary industrial control systems no longer operate in isolation, but use other networks (e.g., corporate networks and the Internet) to facilitate and improve business processes. The consequence of this development is the increased exposure to cyber threats. This paper surveys the latest methodologies and research for measuring and managing this risk. A dearth of industrial-control-system-specific security metrics has been identified as a barrier to implementing these methodologies. Consequently, an agenda for future research on industrial control system security metrics is outlined. The “functional assurance” concept is also introduced to deal with fail-safe and fail-secure industrial control system operations.
AB - Contemporary industrial control systems no longer operate in isolation, but use other networks (e.g., corporate networks and the Internet) to facilitate and improve business processes. The consequence of this development is the increased exposure to cyber threats. This paper surveys the latest methodologies and research for measuring and managing this risk. A dearth of industrial-control-system-specific security metrics has been identified as a barrier to implementing these methodologies. Consequently, an agenda for future research on industrial control system security metrics is outlined. The “functional assurance” concept is also introduced to deal with fail-safe and fail-secure industrial control system operations.
KW - Industrial control systems
KW - SCADA systems
KW - Risk assessment
KW - Risk management
KW - Security metrics
KW - Risk metrics
U2 - 10.1016/j.ijcip.2015.02.002
DO - 10.1016/j.ijcip.2015.02.002
M3 - Journal article
VL - 9
SP - 52
EP - 80
JO - International Journal of Critical Infrastructure Protection
JF - International Journal of Critical Infrastructure Protection
ER -