A survey of cyber security management in industrial control systems

Contemporary industrial control systems no longer operate in isolation, but use other networks (e.g., corporate networks and the Internet) to facilitate and improve business processes. The consequence of this development is the increased exposure to cyber threats. This paper surveys the latest metho...

Full description

Saved in:
Bibliographic Details
Published in:International journal of critical infrastructure protection 2015-06, Vol.9, p.52-80
Main Authors: Knowles, William, Prince, Daniel, Hutchison, David, Disso, Jules Ferdinand Pagna, Jones, Kevin
Format: Article
Language:English
Subjects:
Industrial control systems
Risk assessment
Risk management
Risk metrics
SCADA systems
Security metrics
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Contemporary industrial control systems no longer operate in isolation, but use other networks (e.g., corporate networks and the Internet) to facilitate and improve business processes. The consequence of this development is the increased exposure to cyber threats. This paper surveys the latest methodologies and research for measuring and managing this risk. A dearth of industrial-control-system-specific security metrics has been identified as a barrier to implementing these methodologies. Consequently, an agenda for future research on industrial control system security metrics is outlined. The “functional assurance” concept is also introduced to deal with fail-safe and fail-secure industrial control system operations.
ISSN:1874-5482
2212-2087
DOI:10.1016/j.ijcip.2015.02.002