Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - Understanding Security Requirements for Industrial Control System Supply Chains
AU - Hou, Y.
AU - Such, J.
AU - Rashid, A.
PY - 2019/9/5
Y1 - 2019/9/5
N2 - We address the need for security requirements to take into account risks arising from complex supply chains underpinning cyber-physical infrastructures such as industrial control systems (ICS). We present SEISMiC (SEcurity Industrial control SysteM supply Chains), a framework that takes into account the whole spectrum of security risks-from technical aspects through to human and organizational issues- A cross an ICS supply chain. We demonstrate the effectiveness of SEISMiC through a supply chain risk assessment of Natanz, Iran's nuclear facility that was the subject of the Stuxnet attack.
AB - We address the need for security requirements to take into account risks arising from complex supply chains underpinning cyber-physical infrastructures such as industrial control systems (ICS). We present SEISMiC (SEcurity Industrial control SysteM supply Chains), a framework that takes into account the whole spectrum of security risks-from technical aspects through to human and organizational issues- A cross an ICS supply chain. We demonstrate the effectiveness of SEISMiC through a supply chain risk assessment of Natanz, Iran's nuclear facility that was the subject of the Stuxnet attack.
KW - cyber-physical systems
KW - risk decision-making
KW - security requirements
KW - supply chains
KW - Control systems
KW - Cryptography
KW - Cyber Physical System
KW - Decision making
KW - Embedded systems
KW - Man machine systems
KW - Risk assessment
KW - Seismology
KW - Software engineering
KW - Supply chains
KW - Complex supply chain
KW - Industrial control systems
KW - Nuclear facilities
KW - Organizational issues
KW - Risk decision making
KW - Security requirements
KW - Supply chain risk
KW - Technical aspects
KW - Intelligent control
U2 - 10.1109/SEsCPS.2019.00016
DO - 10.1109/SEsCPS.2019.00016
M3 - Conference contribution/Paper
SP - 50
EP - 53
BT - 2019 IEEE/ACM 5th International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)
PB - IEEE
ER -