Designing secure SCADA systems using security patterns

Proceedings of the Annual Hawaii International Conference on System Sciences

Volumn , Issue , 2010, Pages

  Fernandez, Eduardo B ^a   Larrondo Petrie, Maria M ^a  

^a FLORIDA ATLANTIC UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CRITICAL INFRASTRUCTURE SYSTEMS; DAILY LIVES; KEY COMPONENT; NEW DIRECTIONS; POTENTIAL ATTACK; SECURE SYSTEM; SECURITY PATTERNS;

PUBLIC WORKS;

SCADA SYSTEMS;

EID: 77951749326     PISSN: 15301605     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/HICSS.2010.139     Document Type: Conference Paper

References (20)

1. Fernandez, E.B., "Security patterns," in Procs. 8th International Symposium on System and Information Security - SSI'2006, Keynote talk, Sao Jose dos Campos, Brazil, November 08-10, 2006.
2. Schumacher, M., E. B. Fernandez, D. Hybertson, F. Buschmann, and P. Sommerlad. Security Patterns: Integrating Security and Systems Engineering. John Wiley & Sons, Inc., 2006.
3. Fernandez, E. B., M.M. Larrondo-Petrie, T. Sorgente, and M. VanHilst. A methodology to develop secure systems using patterns, Chapter 5 in "Integrating security and software engineering: Advances and future vision", H. Mouratidis and P. Giorgini (Eds.), IDEA Press, 2006, 107-126.
4. Braendle, M. and M. Naedele. Security for process control systems: An overview. IEEE Security & Privacy, Vol. 6, No 6, Nov.-Dec. 2008 pp.24-29
5. Goeke, D. and H. Nguyen. SCADA system security, 2005. http://islab.oregonstate.edu/koc/ece478/05Report/Goeke-Nguyen.pdf
6. Igure, V. M., S. A. Laughter, and R. D. Williams. Security issues in SCADA networks. Computers & Security, 25(7):498-506, 2006.
7. Gamma, E., R. Helm,R. Johnson, and J. Vlissides, Design patterns - Elements of reusable object-oriented software, Addison-Wesley 1994.
8. Byres, E. and J. Lowe, "The myths and facts behind cyber security risks for industrial control systems," in Proc. of VDE Congress, 2004.
9. Fernandez, E. B. M. VanHilst, M. M. Larrondo-Petrie, and S. Huang, "Defining security requirements through misuse actions," in Advanced Software Engineering: Expanding the Frontiers of Software Technology, 219:123-137, 2006. (Pubitemid 44856848)
10. Fernandez, E B. and R.Y. Pan, "A pattern language for security models," in Procs. of PLoP 2001, http://jerry.cs.uiuc.edu/~plop/plop2001/ accepted-submissions/accepted-papers.html
11. Priebe, T. E., B. Fernandez, J. I. Mehlau, and G. Pernul. "A pattern system for access controll," in Proc. of the 18th. Annual IFIP WG 11.3 Working Conference on Data and Applications Security, 2004.
12. Braga, A. C., Rubira, and R. Dahab. Pattern Languages of Program Design 4, Chapter 16,
13. "Tropyc: A pattern language for cryptographic object-oriented software". Addison Wesley Publishing Company, 1999. Also in Proc. of PLoP, 1998.
14. Boyer, S. A., Supervisory Control and Data Acquisition. ISA, 1999.
15. Miller, A., "Trends in process control systems security," IEEE Security and Privacy, 3(5):57-60, 2005. (Pubitemid 41560446)
16. U.S. Department Of Energy. "21 steps to improve cyber security of SCADA networks. U.S. DoE Report. September 9, 2002. http://www.oe.netl.doe.gov/ docs/prepare/21stepsbooklet.pdf
17. Gorman, S., "Electricity grid in U.S. penetrated by spies," in The Wall Street Journal Online, April 8, 2009. http://online.wsj.com/article/ SB123914805204099085.html?mod=goog
18. Fernandez, E. B., J. Ballesteros, A. C. Desouza-Doucet, and M. M. Larrondo-Petrie. "Security patterns for physical access control systems," in Proc. of the 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security, 2007.
19. Fernandez, E.B., M. VanHilst, D. laRed M., and S. Mujica, "An extended reference monitor for security and safety," to appear in Procs. 5th Iberoamerican Conference on Information Security (CIBSI 2009). Montevideo, Uruguay, November 2009.
20. th Hawaii Int. Conf. on Systems Science (HICSS-40), January 2007.