Home > Research > Publications & Outputs > Understanding Security Requirements for Industr...


Text available via DOI:

View graph of relations

Understanding Security Requirements for Industrial Control System Supply Chains

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Publication date5/09/2019
Host publication2019 IEEE/ACM 5th International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)
Number of pages4
ISBN (electronic)9781728122823
<mark>Original language</mark>English


We address the need for security requirements to take into account risks arising from complex supply chains underpinning cyber-physical infrastructures such as industrial control systems (ICS). We present SEISMiC (SEcurity Industrial control SysteM supply Chains), a framework that takes into account the whole spectrum of security risks-from technical aspects through to human and organizational issues- A cross an ICS supply chain. We demonstrate the effectiveness of SEISMiC through a supply chain risk assessment of Natanz, Iran's nuclear facility that was the subject of the Stuxnet attack.