Home > Research > Publications & Outputs > Understanding Security Requirements for Industr...

Links

Text available via DOI:

View graph of relations

Understanding Security Requirements for Industrial Control System Supply Chains

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published
Close
NullPointerException

Abstract

We address the need for security requirements to take into account risks arising from complex supply chains underpinning cyber-physical infrastructures such as industrial control systems (ICS). We present SEISMiC (SEcurity Industrial control SysteM supply Chains), a framework that takes into account the whole spectrum of security risks-from technical aspects through to human and organizational issues- A cross an ICS supply chain. We demonstrate the effectiveness of SEISMiC through a supply chain risk assessment of Natanz, Iran's nuclear facility that was the subject of the Stuxnet attack.