-
1
-
-
84871993542
-
A resilient architecture for forensic storage of events in critical infrastructures
-
M. Afzaal, C. Di Sarno, L. Coppolino, S. D[U+05F3]Antonio and L. Romano., A resilient architecture for forensic storage of events in critical infrastructures, Proceedings of the Fourteenth IEEE International Symposium on High-Assurance Systems Engineering, pp. 48-55, 2012.
-
(2012)
Proceedings of the Fourteenth IEEE International Symposium on High-Assurance Systems Engineering
, pp. 48-55
-
-
Afzaal, M.1
Di Sarno, C.2
Coppolino, L.3
D'Antonio, S.4
Romano, L.5
-
2
-
-
84873810390
-
Security aspects of SCADA and DCS environments
-
C. Alcaraz, G. Fernandez and F. Carvajal., Security aspects of SCADA and DCS environments, in Critical Infrastructure Protection, J. Lopez, R. Setola and S. Wolthusen (Eds.), Springer-Verlag, Berlin Heidelberg, Germany, pp. 120-149, 2012.
-
(2012)
in Critical Infrastructure Protection, J. Lopez, R. Setola and S. Wolthusen (Eds.), Springer-Verlag, Berlin Heidelberg, Germany
, pp. 120-149
-
-
Alcaraz, C.1
Fernandez, G.2
Carvajal, F.3
-
3
-
-
84870372575
-
Analysis of requirements for critical control systems
-
C. Alcaraz and J. Lopez., Analysis of requirements for critical control systems, International Journal of Critical Infrastructure Protection, vol. 5(3-4), pp. 137-145, 2012.
-
(2012)
International Journal of Critical Infrastructure Protection
, vol.5
, Issue.3-4
, pp. 137-145
-
-
Alcaraz, C.1
Lopez, J.2
-
4
-
-
84929287545
-
Guidance for Addressing Cyber Security in the Chemical Industry
-
Version 3.0, Washington, DC
-
American Chemistry Council., Guidance for Addressing Cyber Security in the Chemical Industry, Version 3.0, Washington, DC, 2006.
-
(2006)
-
-
-
5
-
-
48249108851
-
Cryptographic Protection of SCADA Communications
-
Part 1: Background, Policies and Test Plan, AGA, Washington, DC
-
American Gas Association., Cryptographic Protection of SCADA Communications, Part 1: Background, Policies and Test Plan, AGA Report No. 12, Washington, DC, 2006.
-
(2006)
-
-
-
6
-
-
3843131408
-
Security Vulnerability Assessment Methodology for the Petroleum and Petrochemical Industries
-
Washington, DC
-
American Petroleum Institute., Security Vulnerability Assessment Methodology for the Petroleum and Petrochemical Industries, Washington, DC, 2003.
-
(2003)
-
-
-
7
-
-
33745384177
-
Security Guidelines for the Petroleum Industry
-
Washington, DC
-
American Petroleum Institute., Security Guidelines for the Petroleum Industry, Washington, DC, 2005.
-
(2005)
-
-
-
8
-
-
70450242149
-
Pipeline SCADA Security
-
Second Edition, API Standard 1164, Washington, DC
-
American Petroleum Institute., Pipeline SCADA Security, Second Edition, API Standard 1164, Washington, DC, 2009.
-
(2009)
-
-
-
9
-
-
84873293533
-
In quest of benchmarking security risks to cyber-physical systems
-
S. Amin, G. Schwartz and A. Hussain., In quest of benchmarking security risks to cyber-physical systems, IEEE Network, vol. 27(1), pp. 19-24, 2013.
-
(2013)
IEEE Network
, vol.27
, Issue.1
, pp. 19-24
-
-
Amin, S.1
Schwartz, G.2
Hussain, A.3
-
10
-
-
55549147190
-
Automated assessment of compliance with security best practices
-
Z. Anwar and R. Campbell., Automated assessment of compliance with security best practices, in Critical Infrastructure Protection II, M. Papa and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 173-187, 2008.
-
(2008)
in Critical Infrastructure Protection II, M. Papa and S. Shenoi (Eds.), Springer, Boston, Massachusetts
, pp. 173-187
-
-
Anwar, Z.1
Campbell, R.2
-
11
-
-
84929264805
-
IT-Security for Industrial Automation - Example of use of the general model for manufacturers in factory automation - Process control system of an LDPE plant
-
VDI/VDE 2182, Blatt 3.1, Dusseldorf, Germany
-
Association of German Engineers (VDI)., IT-Security for Industrial Automation - Example of use of the general model for manufacturers in factory automation - Process control system of an LDPE plant, VDI/VDE 2182, Blatt 3.1, Dusseldorf, Germany, 2013.
-
(2013)
-
-
-
12
-
-
84891807508
-
A framework for modeling interdependencies in Japan[U+05F3]s critical infrastructures
-
Z. Aung and K. Watanabe., A framework for modeling interdependencies in Japan[U+05F3]s critical infrastructures, in Critical Infrastructure Protection III, C. Palmer and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 243-257, 2009.
-
(2009)
in Critical Infrastructure Protection III, C. Palmer and S. Shenoi (Eds.), Springer, Heidelberg, Germany
, pp. 243-257
-
-
Aung, Z.1
Watanabe, K.2
-
13
-
-
78149396361
-
Measuring Cyber Security and Information Assurance: A State-of-the-Art Report
-
Information Assurance Technology Analysis Center, Herndon, Virginia
-
N. Bartol, B. Bates, K. Goertzel and T. Winograd., Measuring Cyber Security and Information Assurance: A State-of-the-Art Report, Information Assurance Technology Analysis Center, Herndon, Virginia, 2009.
-
(2009)
-
-
Bartol, N.1
Bates, B.2
Goertzel, K.3
Winograd, T.4
-
14
-
-
84858289733
-
Quantification of dependencies between electrical and information infrastructures
-
M. Beccuti, S. Chiaradonna, F. Di Giandomenico, S. Donatelli, G. Dondossola and G. Franceschinis., Quantification of dependencies between electrical and information infrastructures, International Journal of Critical Infrastructure Protection, vol. 5(1), pp. 14-27, 2012.
-
(2012)
International Journal of Critical Infrastructure Protection
, vol.5
, Issue.1
, pp. 14-27
-
-
Beccuti, M.1
Chiaradonna, S.2
Di Giandomenico, F.3
Donatelli, S.4
Dondossola, G.5
Franceschinis, G.6
-
15
-
-
84864173616
-
A Reference Model for Control and Automation Systems in Electrical Power
-
SAND2005-1000C, Sandia National Laboratories, Albuquerque, New Mexico
-
M. Berg and J. Stamp., A Reference Model for Control and Automation Systems in Electrical Power, SAND2005-1000C, Sandia National Laboratories, Albuquerque, New Mexico, 2005.
-
(2005)
-
-
Berg, M.1
Stamp, J.2
-
16
-
-
84875432083
-
Classification and trend analysis of threat origins to the security of power systems
-
E. Bompard, T. Huang, Y. Wu and M. Cremenescu., Classification and trend analysis of threat origins to the security of power systems, International Journal of Electrical Power and Energy Systems, vol. 50, pp. 50-64, 2013.
-
(2013)
International Journal of Electrical Power and Energy Systems
, vol.50
, pp. 50-64
-
-
Bompard, E.1
Huang, T.2
Wu, Y.3
Cremenescu, M.4
-
17
-
-
61349134071
-
Assessment of information impacts in power system security against malicious attacks in a general framework
-
E. Bompard, R. Napoli and F. Xue., Assessment of information impacts in power system security against malicious attacks in a general framework, Reliability Engineering and System Safety, vol. 94(6), pp. 1087-1094, 2009.
-
(2009)
Reliability Engineering and System Safety
, vol.94
, Issue.6
, pp. 1087-1094
-
-
Bompard, E.1
Napoli, R.2
Xue, F.3
-
18
-
-
84929289159
-
A plan for SCADA security to deter DDoS attacks
-
Proceedings of the Department of Homeland Security: R&D Partnering Conference
-
C. Bowen, T. Buennemeyer and R. Thomas., A plan for SCADA security to deter DDoS attacks, Proceedings of the Department of Homeland Security: R&D Partnering Conference, 2005.
-
(2005)
-
-
Bowen, C.1
Buennemeyer, T.2
Thomas, R.3
-
19
-
-
34748842440
-
Information Security Handbook: A Guide for Managers
-
NIST Special Publication 800-100, National Institute of Standards and Technology, Gaithersburg, Maryland
-
P. Bowen, J. Hash and M. Wilson., Information Security Handbook: A Guide for Managers, NIST Special Publication 800-100, National Institute of Standards and Technology, Gaithersburg, Maryland, 2006.
-
(2006)
-
-
Bowen, P.1
Hash, J.2
Wilson, M.3
-
20
-
-
77953715289
-
Ideal based cyber security technical metrics for control systems
-
W. Boyer and M. McQueen., Ideal based cyber security technical metrics for control systems, in Critical Information Infrastructures Security, J. Lopez and B. Hämmerli (Eds.), Springer-Verlag, Berlin, Heidelberg, Germany, pp. 246-260, 2008.
-
(2008)
in Critical Information Infrastructures Security, J. Lopez and B. Hämmerli (Eds.), Springer-Verlag, Berlin, Heidelberg, Germany
, pp. 246-260
-
-
Boyer, W.1
McQueen, M.2
-
21
-
-
78651087359
-
A manufacturer-specific security assessment methodology for critical infrastructure components
-
T. Brandstetter, K. Knorr and U. Rosenbaum., A manufacturer-specific security assessment methodology for critical infrastructure components, in Critical Infrastructure Protection IV, T. Moore and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 229-244, 2010.
-
(2010)
in Critical Infrastructure Protection IV, T. Moore and S. Shenoi (Eds.), Springer, Heidelberg, Germany
, pp. 229-244
-
-
Brandstetter, T.1
Knorr, K.2
Rosenbaum, U.3
-
22
-
-
33644658584
-
Information Technology - Security Techniques - Information Security Management - Measurement
-
BS ISO/IEC 27004:2009, London, United Kingdom
-
British Standards Institution., Information Technology - Security Techniques - Information Security Management - Measurement, BS ISO/IEC 27004:2009, London, United Kingdom, 2009.
-
(2009)
-
-
-
23
-
-
27544477471
-
Electronic Authentication Guideline
-
NIST Special Publication 800-63-2, National Institute of Standards and Technology, Gaithersburg, Maryland
-
W. Burr, D. Dodson, E. Newton, R. Perlner, W. Polk, S. Gupta and E. Nabbus., Electronic Authentication Guideline, NIST Special Publication 800-63-2, National Institute of Standards and Technology, Gaithersburg, Maryland, 2013.
-
(2013)
-
-
Burr, W.1
Dodson, D.2
Newton, E.3
Perlner, R.4
Polk, W.5
Gupta, S.6
Nabbus, E.7
-
24
-
-
34047240072
-
The use of attack trees in assessing vulnerabilities in SCADA systems
-
Proceedings of the International Infrastructure Survivability Workshop
-
E. Byres, M. Franz and D. Miller., The use of attack trees in assessing vulnerabilities in SCADA systems, Proceedings of the International Infrastructure Survivability Workshop, 2004.
-
(2004)
-
-
Byres, E.1
Franz, M.2
Miller, D.3
-
25
-
-
84855819780
-
CERT Resilience Management Model (CERT-RMM): A Maturity Model for Managing Operational Resilience
-
Pearson Education, Boston, Massachusetts
-
R. Caralli, J. Allen and D. White., CERT Resilience Management Model (CERT-RMM): A Maturity Model for Managing Operational Resilience, Pearson Education, Boston, Massachusetts, 2011.
-
(2011)
-
-
Caralli, R.1
Allen, J.2
White, D.3
-
26
-
-
79955867639
-
A multidimensional critical state analysis for detecting intrusions in SCADA systems
-
A. Carcano, A. Coletta, M. Guglielmi, M. Masera, I. Nai Fovino and A. Trombetta., A multidimensional critical state analysis for detecting intrusions in SCADA systems, IEEE Transactions on Industrial Informatics, vol. 7(2), pp. 179-186, 2011.
-
(2011)
IEEE Transactions on Industrial Informatics
, vol.7
, Issue.2
, pp. 179-186
-
-
Carcano, A.1
Coletta, A.2
Guglielmi, M.3
Masera, M.4
Nai Fovino, I.5
Trombetta, A.6
-
27
-
-
79956009493
-
Attacks against process control systems: Risk assessment
-
A. Cardenas, S. Amin, Z. Lin, Y. Huang, C. Huang and S. Sastry., Attacks against process control systems: Risk assessment, detection and response, Proceedings of the Sixth ACM Symposium on Information, Computer and Communications Security, pp. 355-366, 2011.
-
(2011)
detection and response, Proceedings of the Sixth ACM Symposium on Information, Computer and Communications Security
, pp. 355-366
-
-
Cardenas, A.1
Amin, S.2
Lin, Z.3
Huang, Y.4
Huang, C.5
Sastry, S.6
-
28
-
-
25444518184
-
Systems Security Engineering Capability Maturity Model (SSE-CMM)
-
Model Description Document, Version 2.0, Pittsburgh, Pennsylvania
-
Carnegie Mellon University., Systems Security Engineering Capability Maturity Model (SSE-CMM), Model Description Document, Version 2.0, Pittsburgh, Pennsylvania, 1999.
-
(1999)
-
-
-
29
-
-
84929297127
-
CIS Security Benchmarks
-
East Greenbush, New York
-
Center for Internet Security., CIS Security Benchmarks, East Greenbush, New York, 2014.
-
(2014)
-
-
-
30
-
-
84886813506
-
Good Practice Guide
-
Process Control and SCADA Security, Guide 2: Implement Secure Architecture, London, United Kingdom
-
Centre for the Protection of National Infrastructure., Good Practice Guide, Process Control and SCADA Security, Guide 2: Implement Secure Architecture, London, United Kingdom, 2008.
-
(2008)
-
-
-
31
-
-
84886813506
-
Good Practice Guide
-
Process Control and SCADA Security, Guide 4: Improve Awareness and Skills, London, United Kingdom
-
Centre for the Protection of National Infrastructure., Good Practice Guide, Process Control and SCADA Security, Guide 4: Improve Awareness and Skills, London, United Kingdom, 2008.
-
(2008)
-
-
-
32
-
-
84886813506
-
Good Practice Guide
-
Process Control and SCADA Security, Guide 7: Establish Ongoing Governance, London, United Kingdom
-
Centre for the Protection of National Infrastructure., Good Practice Guide, Process Control and SCADA Security, Guide 7: Establish Ongoing Governance, London, United Kingdom, 2008.
-
(2008)
-
-
-
33
-
-
84929277054
-
Resilience in Converged Networks: Good Practice Guidance
-
London, United Kingdom
-
Centre for the Protection of National Infrastructure., Resilience in Converged Networks: Good Practice Guidance, London, United Kingdom, 2009.
-
(2009)
-
-
-
34
-
-
84876059580
-
Cyber Security in Civil Aviation
-
London, United Kingdom
-
Centre for the Protection of National Infrastructure., Cyber Security in Civil Aviation, London, United Kingdom, 2012.
-
(2012)
-
-
-
35
-
-
67349092251
-
Detecting chains of vulnerabilities in industrial networks
-
M. Cheminod, I. Bertolotti, L. Durante, P. Maggi, D. Pozza, R. Sisto and A. Valenzano., Detecting chains of vulnerabilities in industrial networks, IEEE Transactions on Industrial Informatics, vol. 5(2), pp. 181-193, 2009.
-
(2009)
IEEE Transactions on Industrial Informatics
, vol.5
, Issue.2
, pp. 181-193
-
-
Cheminod, M.1
Bertolotti, I.2
Durante, L.3
Maggi, P.4
Pozza, D.5
Sisto, R.6
Valenzano, A.7
-
36
-
-
70350634504
-
Using model-based intrusion detection for SCADA networks
-
Proceedings of the SCADA Security Scientific Symposium
-
S. Cheung, B. Dutertre, M. Fong, U. Lindqvist, K. Skinner and A. Valdes., Using model-based intrusion detection for SCADA networks, Proceedings of the SCADA Security Scientific Symposium, 2007.
-
(2007)
-
-
Cheung, S.1
Dutertre, B.2
Fong, M.3
Lindqvist, U.4
Skinner, K.5
Valdes, A.6
-
37
-
-
70350663440
-
Performance Measurement Guide for Information Security
-
NIST Special Publication 800-55, National Institute of Standards and Technology, Gaithersburg, Maryland
-
E. Chew, M. Swanson, K. Stine, N. Bartol, A. Brown and W. Robinson., Performance Measurement Guide for Information Security, NIST Special Publication 800-55, National Institute of Standards and Technology, Gaithersburg, Maryland, 2008.
-
(2008)
-
-
Chew, E.1
Swanson, M.2
Stine, K.3
Bartol, N.4
Brown, A.5
Robinson, W.6
-
38
-
-
84893229206
-
Structural and functional vulnerability analysis for survivability of smart grid and SCADA network under severe emergencies and WMD attacks
-
P. Chopade and M. Bikdash., Structural and functional vulnerability analysis for survivability of smart grid and SCADA network under severe emergencies and WMD attacks, Proceedings of the IEEE International Conference on Technologies for Homeland Security, pp. 99-105, 2013.
-
(2013)
Proceedings of the IEEE International Conference on Technologies for Homeland Security
, pp. 99-105
-
-
Chopade, P.1
Bikdash, M.2
-
39
-
-
84869111922
-
Computer Security Incident Handling Guide
-
NIST Special Publication 800-61, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland
-
P. Cichonski, T. Millar, T. Grance and K. Scarfone., Computer Security Incident Handling Guide, NIST Special Publication 800-61, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland, 2012.
-
(2012)
-
-
Cichonski, P.1
Millar, T.2
Grance, T.3
Scarfone, K.4
-
40
-
-
0023266943
-
A comparison of commercial and military computer security policies
-
Proceedings of the IEEE Symposium on Security and Privacy
-
D. Clark and D. Wilson., A comparison of commercial and military computer security policies, Proceedings of the IEEE Symposium on Security and Privacy, p. 184-194, 1987.
-
(1987)
, pp. 184-194
-
-
Clark, D.1
Wilson, D.2
-
41
-
-
73849140062
-
A trust system architecture for SCADA network security
-
G. Coates, K. Hopkinson, S. Graham and S. Kurkowski., A trust system architecture for SCADA network security, IEEE Transactions on Power Delivery, vol. 25(1), pp. 158-169, 2010.
-
(2010)
IEEE Transactions on Power Delivery
, vol.25
, Issue.1
, pp. 158-169
-
-
Coates, G.1
Hopkinson, K.2
Graham, S.3
Kurkowski, S.4
-
42
-
-
84929268896
-
Critical Information Infrastructure Research Coordination (CI2RCO)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Critical Information Infrastructure Research Coordination (CI2RCO), European Commission, Luxembourg, 2007.
-
(2007)
-
-
-
43
-
-
84929292197
-
Critical Utility Infrastructural Resilience (CRUTIAL)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Critical Utility Infrastructural Resilience (CRUTIAL), European Commission, Luxembourg, 2008.
-
(2008)
-
-
-
44
-
-
84929265707
-
Design of an Interoperable European Federated Simulation Network for Critical Infrastructures (DIESIS)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Design of an Interoperable European Federated Simulation Network for Critical Infrastructures (DIESIS), European Commission, Luxembourg, 2010.
-
(2010)
-
-
-
45
-
-
84929279590
-
European Network for the Security of Control and Real-Time Systems (ESCoRTS)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., European Network for the Security of Control and Real-Time Systems (ESCoRTS), European Commission, Luxembourg, 2010.
-
(2010)
-
-
-
46
-
-
84929297409
-
European Risk Assessment and Contingency Planning Methodologies for Interconnected Energy Networks (EURACOM)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., European Risk Assessment and Contingency Planning Methodologies for Interconnected Energy Networks (EURACOM), European Commission, Luxembourg, 2011.
-
(2011)
-
-
-
47
-
-
84888470353
-
Increasing Security and Protection through Infrastructure Resilience (INSPIRE)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Increasing Security and Protection through Infrastructure Resilience (INSPIRE), European Commission, Luxembourg, 2011.
-
(2011)
-
-
-
48
-
-
84929277967
-
Semantically Enhanced Resilient and Secure Critical Infrastructure Services (SERSCIS)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Semantically Enhanced Resilient and Secure Critical Infrastructure Services (SERSCIS), European Commission, Luxembourg, 2011.
-
(2011)
-
-
-
49
-
-
84929280762
-
Tool for Systemic Risk Analysis and Secure Mediation of Data Exchanged across Linked Critical Information Infrastructures (MICIE)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Tool for Systemic Risk Analysis and Secure Mediation of Data Exchanged across Linked Critical Information Infrastructures (MICIE), European Commission, Luxembourg, 2011.
-
(2011)
-
-
-
50
-
-
84929265036
-
Vital Infrastructure
-
Networks, Information and Control Systems Management (VIKING), European Commission, Luxembourg
-
Community Research and Development Information Service., Vital Infrastructure, Networks, Information and Control Systems Management (VIKING), European Commission, Luxembourg, 2011.
-
(2011)
-
-
-
51
-
-
84929283325
-
Wireless Sensor Networks for the Protection of Critical Infrastructures (WSAN4CIP)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Wireless Sensor Networks for the Protection of Critical Infrastructures (WSAN4CIP), European Commission, Luxembourg, 2011.
-
(2011)
-
-
-
52
-
-
84929277850
-
Emergency Management in Large Infrastructures (EMILI)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Emergency Management in Large Infrastructures (EMILI), European Commission, Luxembourg, 2012.
-
(2012)
-
-
-
53
-
-
84929261985
-
Strategic Risk Assessment and Contingency Planning in Interconnected Transport Networks (STAR-TRANS)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Strategic Risk Assessment and Contingency Planning in Interconnected Transport Networks (STAR-TRANS), European Commission, Luxembourg, 2012.
-
(2012)
-
-
-
54
-
-
84929297265
-
A Framework for Electrical Power Systems Vulnerability Identification
-
Defense and Restoration (AFTER), European Commission, Luxembourg
-
Community Research and Development Information Service., A Framework for Electrical Power Systems Vulnerability Identification, Defense and Restoration (AFTER), European Commission, Luxembourg, 2014.
-
(2014)
-
-
-
55
-
-
84929283411
-
Critical Infrastructure Security Analysis (CRISALIS)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Critical Infrastructure Security Analysis (CRISALIS), European Commission, Luxembourg, 2014.
-
(2014)
-
-
-
56
-
-
84929294654
-
Cybersecurity on SCADA: Risk Prediction
-
Analysis and Reaction Tools for Critical Infrastructures (COCKPITCI), European Commission, Luxembourg
-
Community Research and Development Information Service., Cybersecurity on SCADA: Risk Prediction, Analysis and Reaction Tools for Critical Infrastructures (COCKPITCI), European Commission, Luxembourg, 2014.
-
(2014)
-
-
-
57
-
-
84943245764
-
Prevention
-
Protection and Reaction to Cyber Attacks on Critical Infrastructures (PRECYSE), European Commission, Luxembourg
-
Community Research and Development Information Service., Prevention, Protection and Reaction to Cyber Attacks on Critical Infrastructures (PRECYSE), European Commission, Luxembourg, 2014.
-
(2014)
-
-
-
58
-
-
84929277474
-
Protection of Critical Infrastructures against High Power Microwave Threats (HIPOW)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Protection of Critical Infrastructures against High Power Microwave Threats (HIPOW), European Commission, Luxembourg, 2014.
-
(2014)
-
-
-
59
-
-
84929269845
-
Strategies for the Improvement of Critical Infrastructure Resilience to Electromagnetic Attacks (STRUCTURES)
-
European Commission, Luxembourg
-
Community Research and Development Information Service., Strategies for the Improvement of Critical Infrastructure Resilience to Electromagnetic Attacks (STRUCTURES), European Commission, Luxembourg, 2014.
-
(2014)
-
-
-
60
-
-
48449088699
-
SCADA cyber security testbed development
-
C. Davis, J. Tate, H. Okhravi, C. Grier, T. Overbye and D. Nicol., SCADA cyber security testbed development, Proceedings of the Thirty-Eighth North American Power Symposium, pp. 483-488, 2006.
-
(2006)
Proceedings of the Thirty-Eighth North American Power Symposium
, pp. 483-488
-
-
Davis, C.1
Tate, J.2
Okhravi, H.3
Grier, C.4
Overbye, T.5
Nicol, D.6
-
61
-
-
84891751319
-
A holistic-reductionistic approach for modeling interdependencies
-
S. De Porcellinis, G. Oliva, S. Panzieri and R. Setola., A holistic-reductionistic approach for modeling interdependencies, in Critical Infrastructure Protection III, C. Palmer and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 215-227, 2009.
-
(2009)
in Critical Infrastructure Protection III, C. Palmer and S. Shenoi (Eds.), Springer, Heidelberg, Germany
, pp. 215-227
-
-
De Porcellinis, S.1
Oliva, G.2
Panzieri, S.3
Setola, R.4
-
62
-
-
84929295094
-
Converged Plantwide Ethernet (CPwE) Design and Implementation Guide
-
ENET-TD001E-EN-P, Cisco Systems, San Jose, California and Rockwell Automation, Milwaukee, Wisconsin
-
P. Didier, F. Macias, J. Harstad, R. Antholine, S. Johnston, S. Piyevsky, M. Schillace, G. Wilcox, D. Zaniewski and S. Zuponcic., Converged Plantwide Ethernet (CPwE) Design and Implementation Guide, ENET-TD001E-EN-P, Cisco Systems, San Jose, California and Rockwell Automation, Milwaukee, Wisconsin, 2011.
-
(2011)
-
-
Didier, P.1
Macias, F.2
Harstad, J.3
Antholine, R.4
Johnston, S.5
Piyevsky, S.6
Schillace, M.7
Wilcox, G.8
Zaniewski, D.9
Zuponcic, S.10
-
63
-
-
84929290663
-
Digital Bond, Field Device Protection Profile for SCADA Systems in Medium Robustness Environments
-
Version 0.75, Sunrise, Florida
-
Digital Bond, Field Device Protection Profile for SCADA Systems in Medium Robustness Environments., Version 0.75, Sunrise, Florida, 2006.
-
(2006)
-
-
-
64
-
-
84893268738
-
A plausible solution to SCADA security honeypot systems, Proceedings of the Eighth International Conference on Broadband and Wireless Computing
-
J. Disso, K. Jones and S. Bailey, A plausible solution to SCADA security honeypot systems, Proceedings of the Eighth International Conference on Broadband and Wireless Computing, Communication and Applications, pp. 443-448, 2013.
-
(2013)
Communication and Applications
, pp. 443-448
-
-
Disso, J.1
Jones, K.2
Bailey, S.3
-
66
-
-
21644440888
-
Security for industrial communication systems
-
D. Dzung, M. Naedele, T. von Hoff and M. Crevatin., Security for industrial communication systems, Proceedings of the IEEE, vol. 93(6), pp. 1152-1177, 2005.
-
(2005)
Proceedings of the IEEE
, vol.93
, Issue.6
, pp. 1152-1177
-
-
Dzung, D.1
Naedele, M.2
von Hoff, T.3
Crevatin, M.4
-
67
-
-
84891752381
-
A taxonomy of attacks on the DNP3 protocol
-
S. East, J. Butts, M. Papa and S. Shenoi., A taxonomy of attacks on the DNP3 protocol, in Critical Infrastructure Protection III, C. Palmer and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 67-81, 2009.
-
(2009)
in Critical Infrastructure Protection III, C. Palmer and S. Shenoi (Eds.), Springer, Heidelberg, Germany
, pp. 67-81
-
-
East, S.1
Butts, J.2
Papa, M.3
Shenoi, S.4
-
68
-
-
84929277459
-
Security Measures and Metrics Valuation Methodology
-
Palo Alto, California
-
Electric Power Research Institute., Security Measures and Metrics Valuation Methodology, Palo Alto, California, 2006.
-
(2006)
-
-
-
69
-
-
84929297413
-
Transmission System SQRA Assessment Methods
-
Palo Alto, California
-
Electric Power Research Institute., Transmission System SQRA Assessment Methods, Palo Alto, California, 2009.
-
(2009)
-
-
-
70
-
-
84929265642
-
Cyber Security and Privacy - Program 183
-
Palo Alto, California
-
Electric Power Research Institute., Cyber Security and Privacy - Program 183, Palo Alto, California, 2013.
-
(2013)
-
-
-
71
-
-
84929290215
-
Providing Autonomous Capabilities for Evolving SCADA (PACES)
-
Swindon, United Kingdom
-
Engineering and Physical Sciences Research Council., Providing Autonomous Capabilities for Evolving SCADA (PACES), Swindon, United Kingdom, 2014.
-
(2014)
-
-
-
72
-
-
17844380284
-
Management of information security for an electric power utility - On security domains and use of the ISO/IEC17799 standard
-
G. Ericsson., Management of information security for an electric power utility - On security domains and use of the ISO/IEC17799 standard, IEEE Transactions on Power Delivery, vol. 20(2), pp. 683-690, 2005.
-
(2005)
IEEE Transactions on Power Delivery
, vol.20
, Issue.2
, pp. 683-690
-
-
Ericsson, G.1
-
73
-
-
67650711721
-
Information security for electric power utilities - CIGRÉ developments on frameworks
-
G. Ericsson., Information security for electric power utilities - CIGRÉ developments on frameworks, risk assessment and technology, IEEE Transactions on Power Delivery, vol. 24(3), pp. 1174-1181, 2009.
-
(2009)
risk assessment and technology, IEEE Transactions on Power Delivery
, vol.24
, Issue.3
, pp. 1174-1181
-
-
Ericsson, G.1
-
74
-
-
77954005795
-
Cyber security and power system communication - Essential parts of a smart grid infrastructure
-
G. Ericsson., Cyber security and power system communication - Essential parts of a smart grid infrastructure, IEEE Transactions on Power Delivery, vol. 25(3), pp. 1501-1507, 2010.
-
(2010)
IEEE Transactions on Power Delivery
, vol.25
, Issue.3
, pp. 1501-1507
-
-
Ericsson, G.1
-
75
-
-
84877781128
-
Proposal for a directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union
-
COM(2013) 48 final, Brussels, Belgium
-
European Commission., Proposal for a directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union, COM(2013) 48 final, Brussels, Belgium, 2013.
-
(2013)
-
-
-
76
-
-
84884318324
-
Protecting Industrial Control Systems - Recommendations for Europe and Member States
-
Heraklion, Crete, Greece
-
European Network and Information Security Agency., Protecting Industrial Control Systems - Recommendations for Europe and Member States, Heraklion, Crete, Greece, 2011.
-
(2011)
-
-
-
77
-
-
84884318324
-
Protecting Industrial Control Systems
-
Annex V: Key Findings, Heraklion, Crete, Greece
-
European Network and Information Security Agency., Protecting Industrial Control Systems, Annex V: Key Findings, Heraklion, Crete, Greece, 2011.
-
(2011)
-
-
-
78
-
-
84871760090
-
Recommended Practice: Creating Cyber Forensics Plans for Control Systems
-
U.S. Department of Homeland Security, Washington, DC
-
M. Fabron, E. Cornelius., Recommended Practice: Creating Cyber Forensics Plans for Control Systems, U.S. Department of Homeland Security, Washington, DC, 2008.
-
(2008)
-
-
Fabron, M.1
Cornelius, E.2
-
79
-
-
84929295199
-
Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments
-
Version 1.0, Idaho National Laboratory, Idaho Falls, Idaho
-
M. Fabro, V. Maio, Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments, Version 1.0, Idaho National Laboratory, Idaho Falls, Idaho, 2007.
-
(2007)
-
-
Fabro, M.1
Maio, V.2
-
80
-
-
77951749326
-
Designing secure SCADA systems using security patterns
-
Proceedings of the Forty-Third Hawaii International Conference on System Sciences
-
E. Fernandez and M. Larrondo-Petrie., Designing secure SCADA systems using security patterns, Proceedings of the Forty-Third Hawaii International Conference on System Sciences, 2010.
-
(2010)
-
-
Fernandez, E.1
Larrondo-Petrie, M.2
-
81
-
-
55549097482
-
Towards a taxonomy of attacks against energy control systems
-
T. Fleury, H. Khurana, V. Welch., Towards a taxonomy of attacks against energy control systems, in Critical Infrastructure Protection II, M. Papa and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 71-85, 2008.
-
(2008)
in Critical Infrastructure Protection II, M. Papa and S. Shenoi (Eds.), Springer, Boston, Massachusetts
, pp. 71-85
-
-
Fleury, T.1
Khurana, H.2
Welch, V.3
-
83
-
-
36248961142
-
Remote forensic analysis of process control systems
-
R. Friend Cassidy, A. Chavez, J. Trent and J. Urrea., Remote forensic analysis of process control systems, in Critical Infrastructure Protection, E. Goetz and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 223-235, 2007.
-
(2007)
in Critical Infrastructure Protection, E. Goetz and S. Shenoi (Eds.), Springer, Boston, Massachusetts
, pp. 223-235
-
-
Friend Cassidy, R.1
Chavez, A.2
Trent, J.3
Urrea, J.4
-
84
-
-
84866399058
-
A cyber-physical experimentation environment for the security analysis of networked industrial control systems
-
B. Genge, C. Siaterlis, I. Nai Fovino and M. Masera., A cyber-physical experimentation environment for the security analysis of networked industrial control systems, Computers and Electrical Engineering, vol. 38(5), pp. 1146-1161, 2012.
-
(2012)
Computers and Electrical Engineering
, vol.38
, Issue.5
, pp. 1146-1161
-
-
Genge, B.1
Siaterlis, C.2
Nai Fovino, I.3
Masera, M.4
-
85
-
-
84929296209
-
21 Steps Security Metrics Tool
-
Technical Report, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire
-
C. Glantz and L. O[U+05F3]Neil., 21 Steps Security Metrics Tool, Technical Report, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, 2002.
-
(2002)
-
-
Glantz, C.1
O'Neil, L.2
-
86
-
-
84879779698
-
Accurate modeling of Modbus/TCP for intrusion detection in SCADA systems
-
N. Goldenberg and A. Wool., Accurate modeling of Modbus/TCP for intrusion detection in SCADA systems, International Journal of Critical Infrastructure Protection, vol. 6(2), pp. 63-75, 2013.
-
(2013)
International Journal of Critical Infrastructure Protection
, vol.6
, Issue.2
, pp. 63-75
-
-
Goldenberg, N.1
Wool, A.2
-
87
-
-
84864415794
-
A log mining approach for process monitoring in SCADA
-
D. Hadiosmanovic, D. Bolzoni and P. Hartel., A log mining approach for process monitoring in SCADA, International Journal of Information Security, vol. 11(4), pp. 231-251, 2012.
-
(2012)
International Journal of Information Security
, vol.11
, Issue.4
, pp. 231-251
-
-
Hadiosmanovic, D.1
Bolzoni, D.2
Hartel, P.3
-
88
-
-
78349259735
-
Development of the PowerCyber SCADA security testbed
-
A. Hahn, B. Kregel, M. Govindarasu, J. Fitzpatrick, R. Adnan, S. Sridhar and M. Higdon., Development of the PowerCyber SCADA security testbed, Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research, article no. 21, 2010.
-
(2010)
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
-
-
Hahn, A.1
Kregel, B.2
Govindarasu, M.3
Fitzpatrick, J.4
Adnan, R.5
Sridhar, S.6
Higdon, M.7
-
89
-
-
77955052106
-
Coupled Petri nets for computer network risk analysis
-
M. Henry, R. Layer and D. Zaret., Coupled Petri nets for computer network risk analysis, International Journal of Critical Infrastructure Protection, vol. 3(2), pp. 67-75, 2010.
-
(2010)
International Journal of Critical Infrastructure Protection
, vol.3
, Issue.2
, pp. 67-75
-
-
Henry, M.1
Layer, R.2
Zaret, D.3
-
90
-
-
84864405337
-
An ontology for identifying cyber intrusion induced faults in process control systems
-
J. Hieb, J. Graham and J. Guan., An ontology for identifying cyber intrusion induced faults in process control systems, in Critical Infrastructure Protection III, C. Palmer and S. Shenoi (Eds.), Springer, Heidelberg, Germany, pp. 125-138, 2009.
-
(2009)
in Critical Infrastructure Protection III, C. Palmer and S. Shenoi (Eds.), Springer, Heidelberg, Germany
, pp. 125-138
-
-
Hieb, J.1
Graham, J.2
Guan, J.3
-
91
-
-
18444387632
-
The Federal Aviation Administration Integrated Capability Maturity Model (FAA-iCMM) Appraisal Method
-
Version 2.0, U.S. Federal Aviation Administration, Washington, DC
-
L. Ibrahim, E. Harwell, B. Howard, K. Johnson, J. Meeker, M. Virga and C. Wells., The Federal Aviation Administration Integrated Capability Maturity Model (FAA-iCMM) Appraisal Method, Version 2.0, U.S. Federal Aviation Administration, Washington, DC, 2001.
-
(2001)
-
-
Ibrahim, L.1
Harwell, E.2
Howard, B.3
Johnson, K.4
Meeker, J.5
Virga, M.6
Wells, C.7
-
92
-
-
84929269971
-
and members of the Safety and Security Extensions Project Team
-
Safety and Security Extensions for Integrated Capability Maturity Models, U.S. Federal Aviation Administration, Washington, DC
-
L. Ibrahim, J. Jarzombek, M. Ashford, R. Bate, P. Croll, M. Horn, L. LaBruyere, C. Wells., and members of the Safety and Security Extensions Project Team, Safety and Security Extensions for Integrated Capability Maturity Models, U.S. Federal Aviation Administration, Washington, DC, 2004.
-
(2004)
-
-
Ibrahim, L.1
Jarzombek, J.2
Ashford, M.3
Bate, R.4
Croll, P.5
Horn, M.6
LaBruyere, L.7
Wells, C.8
-
93
-
-
33750405289
-
Security issues in SCADA networks
-
V. Igure, S. Laughter and R. Williams., Security issues in SCADA networks, Computers and Security, vol. 25(7), pp. 498-506, 2006.
-
(2006)
Computers and Security
, vol.25
, Issue.7
, pp. 498-506
-
-
Igure, V.1
Laughter, S.2
Williams, R.3
-
94
-
-
21644483174
-
IEEE Guide for Electric Power Substation Physical and Electronic Security
-
IEEE 1402-2000, Piscataway, New Jersey
-
Institute of Electrical and Electronics Engineers., IEEE Guide for Electric Power Substation Physical and Electronic Security, IEEE 1402-2000, Piscataway, New Jersey, 2000.
-
(2000)
-
-
-
95
-
-
49549095693
-
IEEE Standard for Substation Intelligent Electronic Devices (IEDs) Cyber Security Capabilities
-
IEEE 1686-2007, Piscataway, New Jersey
-
Institute of Electrical and Electronics Engineers., IEEE Standard for Substation Intelligent Electronic Devices (IEDs) Cyber Security Capabilities, IEEE 1686-2007, Piscataway, New Jersey, 2007.
-
(2007)
-
-
-
96
-
-
84929287562
-
IEEE Trial Use Standard for Retrofit Cyber Security of Serial SCADA Links and IED Remote Access
-
IEEE P1689, Piscataway, New Jersey
-
Institute of Electrical and Electronics Engineers., IEEE Trial Use Standard for Retrofit Cyber Security of Serial SCADA Links and IED Remote Access, IEEE P1689, Piscataway, New Jersey, 2007.
-
(2007)
-
-
-
97
-
-
84929297300
-
IEEE Trial-Use Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links
-
IEEE 1711-2010, Piscataway, New Jersey
-
Institute of Electrical and Electronics Engineers., IEEE Trial-Use Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links, IEEE 1711-2010, Piscataway, New Jersey, 2010.
-
(2010)
-
-
-
98
-
-
67650540248
-
Power Systems Management and Associated Information Exchange - Data and Communications Security
-
IEC/TS 62351-1 ed1.0, Geneva, Switzerland
-
International Electrotechnical Commission., Power Systems Management and Associated Information Exchange - Data and Communications Security, IEC/TS 62351-1 ed1.0, Geneva, Switzerland, 2007.
-
(2007)
-
-
-
99
-
-
84155194329
-
Industrial Communication Networks - Network and System Security - Part 1-1: Terminology
-
Concepts and Models, IEC/TS 62443-1-1 ed1.0, Geneva, Switzerland
-
International Electrotechnical Commission., Industrial Communication Networks - Network and System Security - Part 1-1: Terminology, Concepts and Models, IEC/TS 62443-1-1 ed1.0, Geneva, Switzerland, 2009.
-
(2009)
-
-
-
100
-
-
84929293999
-
Industrial Communication Networks - Profiles - Part 3-1: Functional Safety Fieldbuses - Additional Specifications for CPF 1
-
IEC 61784-3-1 ed2.0, Geneva, Switzerland
-
International Electrotechnical Commission., Industrial Communication Networks - Profiles - Part 3-1: Functional Safety Fieldbuses - Additional Specifications for CPF 1, IEC 61784-3-1 ed2.0, Geneva, Switzerland, 2010.
-
(2010)
-
-
-
101
-
-
28044457328
-
Information Technology - Security Techniques - Code of Practice for Information Security Management
-
ISO/IEC 27002:2005, Geneva, Switzerland
-
International Organization for Standardization., Information Technology - Security Techniques - Code of Practice for Information Security Management, ISO/IEC 27002:2005, Geneva, Switzerland, 2005.
-
(2005)
-
-
-
102
-
-
0003765589
-
Information Technology - Security Techniques - Evaluation Criteria for IT Security - Part 1: Introduction and General Model
-
ISO/IEC 15408-1:2009, Geneva, Switzerland
-
International Organization for Standardization., Information Technology - Security Techniques - Evaluation Criteria for IT Security - Part 1: Introduction and General Model, ISO/IEC 15408-1:2009, Geneva, Switzerland, 2009.
-
(2009)
-
-
-
103
-
-
84929278617
-
Security for Industrial Automation and Control Systems
-
Part 2-1: Industrial Automation and Control System Security Management System, ISA-62443-2-1 (99.02.01), Research Triangle Park, North Carolina
-
International Society of Automation., Security for Industrial Automation and Control Systems, Part 2-1: Industrial Automation and Control System Security Management System, ISA-62443-2-1 (99.02.01), Research Triangle Park, North Carolina, 2012.
-
(2012)
-
-
-
104
-
-
84904875538
-
Security for Industrial Automation and Control Systems
-
Part 3-2: Security Risk Assessment and System Design, ISA-62443-3-2, Research Triangle Park, North Carolina
-
International Society of Automation., Security for Industrial Automation and Control Systems, Part 3-2: Security Risk Assessment and System Design, ISA-62443-3-2, Research Triangle Park, North Carolina, 2013.
-
(2013)
-
-
-
105
-
-
77953158482
-
Directions in Security Metrics Research
-
NISTIR 7564, National Institute of Standards and Technology, Gaithersburg, Maryland
-
W. Jansen., Directions in Security Metrics Research, NISTIR 7564, National Institute of Standards and Technology, Gaithersburg, Maryland, 2009.
-
(2009)
-
-
Jansen, W.1
-
106
-
-
37249037465
-
Security Metrics: Replacing Fear
-
Uncertainty and Doubt, Pearson Education, Upper Saddle River, New Jersey
-
A. Jaquith., Security Metrics: Replacing Fear, Uncertainty and Doubt, Pearson Education, Upper Saddle River, New Jersey, 2007.
-
(2007)
-
-
Jaquith, A.1
-
107
-
-
33845454156
-
Managing critical information infrastructure security compliance: A standard based approach using ISO/IEC 17799 and 27001
-
W. Jayawickrama., Managing critical information infrastructure security compliance: A standard based approach using ISO/IEC 17799 and 27001, in On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, R. Meersman, Z. Tari and P. Herrero (Eds.), Springer-Verlag, Berlin Heidelberg, Germany, pp. 565-574, 2006.
-
(2006)
in On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, R. Meersman, Z. Tari and P. Herrero (Eds.), Springer-Verlag, Berlin Heidelberg, Germany
, pp. 565-574
-
-
Jayawickrama, W.1
-
109
-
-
84857354121
-
Security Considerations in the System Development Life Cycle
-
NIST Special Publication 800-64, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland
-
R. Kissel, K. Stine, M. Scholl, H. Rossman, J. Fahlsing and J. Gulick., Security Considerations in the System Development Life Cycle, NIST Special Publication 800-64, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland, 2008.
-
(2008)
-
-
Kissel, R.1
Stine, K.2
Scholl, M.3
Rossman, H.4
Fahlsing, J.5
Gulick, J.6
-
110
-
-
84929294812
-
Perceptual influences on risk assessments and the challenges for information security and network management
-
Proceedings of the Thirteenth Annual Post Graduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting
-
W. Knowles, D. Prince and D. Hutchison., Perceptual influences on risk assessments and the challenges for information security and network management, Proceedings of the Thirteenth Annual Post Graduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting, 2012.
-
(2012)
-
-
Knowles, W.1
Prince, D.2
Hutchison, D.3
-
111
-
-
84929293293
-
Towards real-time assessment of industrial control systems: A framework for future research
-
W. Knowles, D. Prince, D. Hutchinson, J. Disso and K. Jones., Towards real-time assessment of industrial control systems: A framework for future research, Proceedings of the First International Symposium on ICS and SCADA Cyber Security Research, pp. 106-109, 2013.
-
(2013)
Proceedings of the First International Symposium on ICS and SCADA Cyber Security Research
, pp. 106-109
-
-
Knowles, W.1
Prince, D.2
Hutchinson, D.3
Disso, J.4
Jones, K.5
-
112
-
-
84874152879
-
Robust Control System Networks: How to Achieve Reliable Control after Stuxnet
-
Momentum Press, New York
-
R. Langer., Robust Control System Networks: How to Achieve Reliable Control after Stuxnet, Momentum Press, New York, 2012.
-
(2012)
-
-
Langer, R.1
-
113
-
-
84897705224
-
Evaluation of security solutions in the SCADA environment
-
R. Larkin, J. Lopez, J. Butts and M. Grimaila., Evaluation of security solutions in the SCADA environment, ACM SIGMIS Database, vol. 45(1), pp. 38-53, 2014.
-
(2014)
ACM SIGMIS Database
, vol.45
, Issue.1
, pp. 38-53
-
-
Larkin, R.1
Lopez, J.2
Butts, J.3
Grimaila, M.4
-
114
-
-
80053459401
-
A cyber-security implementation framework for nuclear power plant control systems
-
C. Lee, J. Song, D. Lee, H. Jung and G. Lee., A cyber-security implementation framework for nuclear power plant control systems, in Convergence and Hybrid Information Technology, G. Lee, D. Howard and D. Slezak (Eds.), Springer-Verlag, Berlin Heidelberg, Germany, pp. 190-195, 2011.
-
(2011)
in Convergence and Hybrid Information Technology, G. Lee, D. Howard and D. Slezak (Eds.), Springer-Verlag, Berlin Heidelberg, Germany
, pp. 190-195
-
-
Lee, C.1
Song, J.2
Lee, D.3
Jung, H.4
Lee, G.5
-
115
-
-
80055043688
-
Model-based security metrics using adversary view security evaluation (ADVISE)
-
E. LeMay, M. Ford, K. Keefe, W. Sanders and C. Muehrcke., Model-based security metrics using adversary view security evaluation (ADVISE), Proceedings of the Eighth International Conference on Quantitative Evaluation of Systems, pp. 191-200, 2011.
-
(2011)
Proceedings of the Eighth International Conference on Quantitative Evaluation of Systems
, pp. 191-200
-
-
LeMay, E.1
Ford, M.2
Keefe, K.3
Sanders, W.4
Muehrcke, C.5
-
116
-
-
84870547225
-
Functional vulnerability assessment of SCADA networks
-
Proceedings of the Asia-Pacific Power and Energy Engineering Conference
-
G. Li, W. Ju and D. Shi., Functional vulnerability assessment of SCADA networks, Proceedings of the Asia-Pacific Power and Energy Engineering Conference, 2012.
-
(2012)
-
-
Li, G.1
Ju, W.2
Shi, D.3
-
117
-
-
84875967976
-
Adapting Bro into SCADA: Building a specification-based intrusion detection system for the DNP3 protocol
-
H. Lin, A. Slagell, C. Di Martino, Z. Kalbarczyk and R. Iyer., Adapting Bro into SCADA: Building a specification-based intrusion detection system for the DNP3 protocol, Proceedings of the Eighth Annual Workshop on Cyber Security and Information Intelligence Research, article no. 5, 2013.
-
(2013)
Proceedings of the Eighth Annual Workshop on Cyber Security and Information Intelligence Research
-
-
Lin, H.1
Slagell, A.2
Di Martino, C.3
Kalbarczyk, Z.4
Iyer, R.5
-
118
-
-
79953217649
-
Asset analysis of risk assessment for IEC 61850 based power control systems - Part I: Methodology
-
N. Liu, J. Zhang and X. Wu., Asset analysis of risk assessment for IEC 61850 based power control systems - Part I: Methodology, IEEE Transactions on Power Delivery, vol. 26(2), pp. 869-875, 2011.
-
(2011)
IEEE Transactions on Power Delivery
, vol.26
, Issue.2
, pp. 869-875
-
-
Liu, N.1
Zhang, J.2
Wu, X.3
-
119
-
-
77953994369
-
Security assessment for communication networks of power control systems using attack graph and MCDM
-
N. Liu, J. Zhang, H. Zhang and W. Liu., Security assessment for communication networks of power control systems using attack graph and MCDM, IEEE Transactions on Power Delivery, vol. 25(3), pp. 1492-1500, 2010.
-
(2010)
IEEE Transactions on Power Delivery
, vol.25
, Issue.3
, pp. 1492-1500
-
-
Liu, N.1
Zhang, J.2
Zhang, H.3
Liu, W.4
-
120
-
-
80755132178
-
Assessing and improving SCADA security in the Dutch drinking water sector
-
E. Luiijf, M. Ali and A. Zielstra., Assessing and improving SCADA security in the Dutch drinking water sector, International Journal of Critical Infrastructure Protection, vol. 4(3-4), pp. 124-134, 2011.
-
(2011)
International Journal of Critical Infrastructure Protection
, vol.4
, Issue.3-4
, pp. 124-134
-
-
Luiijf, E.1
Ali, M.2
Zielstra, A.3
-
121
-
-
85052499611
-
Cybersecurity for Industrial Control Systems: SCADA
-
DCS, PLC, HMI and SIS, CRC Press, Boca Raton, Florida
-
T. Macaulay and B. Singer., Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI and SIS, CRC Press, Boca Raton, Florida, 2012.
-
(2012)
-
-
Macaulay, T.1
Singer, B.2
-
122
-
-
78249237761
-
Network traffic analysis and SCADA security
-
A. Mahmood, C. Leckie, J. Hu, Z. Tari and M. Atiquzzaman., Network traffic analysis and SCADA security, in Handbook of Information and Communication Security, P. Stavroulakis and M. Stamp (Eds.), Springer, Berlin, Heidelberg, Germany, pp. 383-405, 2010.
-
(2010)
in Handbook of Information and Communication Security, P. Stavroulakis and M. Stamp (Eds.), Springer, Berlin, Heidelberg, Germany
, pp. 383-405
-
-
Mahmood, A.1
Leckie, C.2
Hu, J.3
Tari, Z.4
Atiquzzaman, M.5
-
123
-
-
79957979992
-
A testbed for analyzing security of SCADA control systems
-
Proceedings of the IEEE Power and Energy Society Conference on Innovative Smart Grid Technologies
-
M. Mallouhi, Y. Al-Nashif, D. Cox, T. Chadaga and S. Hariri., A testbed for analyzing security of SCADA control systems, Proceedings of the IEEE Power and Energy Society Conference on Innovative Smart Grid Technologies, 2011.
-
(2011)
-
-
Mallouhi, M.1
Al-Nashif, Y.2
Cox, D.3
Chadaga, T.4
Hariri, S.5
-
124
-
-
55549137744
-
Security assessment of a turbo-gas power plant
-
M. Masera, I. Nai Fovino and R. Leszczyna., Security assessment of a turbo-gas power plant, in Critical Infrastructure Protection II, M. Papa and S. Shenoi (Eds.), Springer, Boston, Massachusetts, pp. 31-40, 2008.
-
(2008)
in Critical Infrastructure Protection II, M. Papa and S. Shenoi (Eds.), Springer, Boston, Massachusetts
, pp. 31-40
-
-
Masera, M.1
Nai Fovino, I.2
Leszczyna, R.3
-
125
-
-
84929289935
-
PCS Security Technology Evaluation Tool (P-STET)
-
Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire
-
A. McIntyre., PCS Security Technology Evaluation Tool (P-STET), Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, 2003.
-
(2003)
-
-
McIntyre, A.1
-
126
-
-
84929289998
-
I3P Task 3 Security Metrics Tools Final Report
-
Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire
-
A. McIntyre., I3P Task 3 Security Metrics Tools Final Report, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, 2007.
-
(2007)
-
-
McIntyre, A.1
-
127
-
-
78049469768
-
Security Metrics for Process Control Systems
-
SAND2007-2070P, Sandia National Laboratories, Albuquerque, New Mexico
-
A. McIntyre, B. Becker and R. Halbgewachs., Security Metrics for Process Control Systems, SAND2007-2070P, Sandia National Laboratories, Albuquerque, New Mexico, 2007.
-
(2007)
-
-
McIntyre, A.1
Becker, B.2
Halbgewachs, R.3
-
129
-
-
77954785753
-
Cyber-related risk assessment and critical asset identification within the power grid
-
Proceedings of the IEEE Power and Energy Society Transmission and Distribution Conference and Exposition
-
Z. Mohajerani, F. Farzan, M. Jafary, Y. Lu, D. Wei, N. Kalenchits, B. Boyer, M. Muller and P. Skare., Cyber-related risk assessment and critical asset identification within the power grid, Proceedings of the IEEE Power and Energy Society Transmission and Distribution Conference and Exposition, 2010.
-
(2010)
-
-
Mohajerani, Z.1
Farzan, F.2
Jafary, M.3
Lu, Y.4
Wei, D.5
Kalenchits, N.6
Boyer, B.7
Muller, M.8
Skare, P.9
-
130
-
-
33644636365
-
Application of the API/NPRA SVA methodology to transportation security issues
-
D. Moore., Application of the API/NPRA SVA methodology to transportation security issues, Journal of Hazardous Materials, vol. 130(1-2), pp. 107-121, 2006.
-
(2006)
Journal of Hazardous Materials
, vol.130
, Issue.1-2
, pp. 107-121
-
-
Moore, D.1
-
131
-
-
80052094240
-
A control system testbed to validate critical infrastructure protection concepts
-
T. Morris, A. Srivastava, B. Reaves, W. Gao, K. Pavurapu and R. Reddi., A control system testbed to validate critical infrastructure protection concepts, International Journal of Critical Infrastructure Protection, vol. 4(2), pp. 88-103, 2011.
-
(2011)
International Journal of Critical Infrastructure Protection
, vol.4
, Issue.2
, pp. 88-103
-
-
Morris, T.1
Srivastava, A.2
Reaves, B.3
Gao, W.4
Pavurapu, K.5
Reddi, R.6
-
134
-
-
71649109185
-
An experimental investigation of malware attacks on SCADA systems
-
I. Nai Fovino, A. Carcano, M. Masera and A. Trombetta., An experimental investigation of malware attacks on SCADA systems, International Journal of Critical Infrastructure Protection, vol. 2(4), pp. 139-145, 2009.
-
(2009)
International Journal of Critical Infrastructure Protection
, vol.2
, Issue.4
, pp. 139-145
-
-
Nai Fovino, I.1
Carcano, A.2
Masera, M.3
Trombetta, A.4
-
135
-
-
84860491228
-
Critical state based filtering system for securing SCADA network protocols
-
I. Nai Fovino, A. Coletta, A. Carcano and M. Masera., Critical state based filtering system for securing SCADA network protocols, IEEE Transactions on Industrial Electronics, vol. 59(10), pp. 3943-3950, 2012.
-
(2012)
IEEE Transactions on Industrial Electronics
, vol.59
, Issue.10
, pp. 3943-3950
-
-
Nai Fovino, I.1
Coletta, A.2
Carcano, A.3
Masera, M.4
-
136
-
-
78650587262
-
Cyber security assessment of a power plant
-
I. Nai Fovino, L. Guidi, M. Masera and A. Stefanini., Cyber security assessment of a power plant, Electric Power Systems Research, vol. 81(2), pp. 518-526, 2011.
-
(2011)
Electric Power Systems Research
, vol.81
, Issue.2
, pp. 518-526
-
-
Nai Fovino, I.1
Guidi, L.2
Masera, M.3
Stefanini, A.4
-
137
-
-
77955698013
-
An experimental platform for assessing SCADA vulnerabilities and countermeasures in power plants
-
I. Nai Fovino, M. Masera, L. Guidi and G. Carpi., An experimental platform for assessing SCADA vulnerabilities and countermeasures in power plants, Proceedings of the Third Conference on Human System Interactions, pp. 679-686, 2010.
-
(2010)
Proceedings of the Third Conference on Human System Interactions
, pp. 679-686
-
-
Nai Fovino, I.1
Masera, M.2
Guidi, L.3
Carpi, G.4
-
138
-
-
70450215489
-
Cyber security for energy automation systems - New challenges for vendors
-
Proceedings of the Twentieth International Conference on Electricity Distribution
-
B. Nartmann, T. Brandstetter and K. Knorr., Cyber security for energy automation systems - New challenges for vendors, Proceedings of the Twentieth International Conference on Electricity Distribution, 2009.
-
(2009)
-
-
Nartmann, B.1
Brandstetter, T.2
Knorr, K.3
-
139
-
-
84898316732
-
Firewall Deployment for SCADA and Process Control Networks
-
Good Practice Guide, London, United Kingdom
-
National Infrastructure Security Coordination Centre., Firewall Deployment for SCADA and Process Control Networks, Good Practice Guide, London, United Kingdom, 2005.
-
(2005)
-
-
-
140
-
-
47849111337
-
Standards for Security Categorization of Federal Information and Information Systems
-
FIPS PUB 199, Gaithersburg, Maryland
-
National Institute of Standards and Technology., Standards for Security Categorization of Federal Information and Information Systems, FIPS PUB 199, Gaithersburg, Maryland, 2004.
-
(2004)
-
-
-
141
-
-
78649562070
-
System Protection Profile - Industrial Control Systems Version 1.0
-
NISTIR 7176, Gaithersburg, Maryland
-
National Institute of Standards and Technology., System Protection Profile - Industrial Control Systems Version 1.0, NISTIR 7176, Gaithersburg, Maryland, 2004.
-
(2004)
-
-
-
142
-
-
78751691693
-
Minimum Security Requirements for Federal Information and Information Systems
-
FIPS PUB 200, Gaithersburg, Maryland
-
National Institute of Standards and Technology., Minimum Security Requirements for Federal Information and Information Systems, FIPS PUB 200, Gaithersburg, Maryland, 2006.
-
(2006)
-
-
-
143
-
-
78649245486
-
Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
-
NIST Special Publication 800-37, Revision 1, Gaithersburg, Maryland
-
National Institute of Standards and Technology., Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach, NIST Special Publication 800-37, Revision 1, Gaithersburg, Maryland, 2010.
-
(2010)
-
-
-
144
-
-
84873139978
-
Managing Information Security Risk: Organization
-
Mission and Information System View, NIST Special Publication 800-39, Gaithersburg, Maryland
-
National Institute of Standards and Technology., Managing Information Security Risk: Organization, Mission and Information System View, NIST Special Publication 800-39, Gaithersburg, Maryland, 2011.
-
(2011)
-
-
-
145
-
-
84880713047
-
Guide for Conducting Risk Assessments
-
NIST Special Publication 800-30, Revision 1, Gaithersburg, Maryland
-
National Institute of Standards and Technology., Guide for Conducting Risk Assessments, NIST Special Publication 800-30, Revision 1, Gaithersburg, Maryland, 2012.
-
(2012)
-
-
-
146
-
-
29744436477
-
Personal Identity Verification (PIV) of Federal Employees and Contractors
-
FIPS PUB 201-2, Gaithersburg, Maryland
-
National Institute of Standards and Technology., Personal Identity Verification (PIV) of Federal Employees and Contractors, FIPS PUB 201-2, Gaithersburg, Maryland, 2013.
-
(2013)
-
-
-
147
-
-
84885817796
-
Security and Privacy Controls for Federal Information Systems and Organizations
-
NIST Special Publication 800-53, Revision 4, Gaithersburg, Maryland
-
National Institute of Standards and Technology., Security and Privacy Controls for Federal Information Systems and Organizations, NIST Special Publication 800-53, Revision 4, Gaithersburg, Maryland, 2013.
-
(2013)
-
-
-
148
-
-
84929292855
-
Comments Received in Response to: Request for Comments on the Preliminary Cybersecurity Framework
-
Gaithersburg, Maryland
-
National Institute of Standards and Technology., Comments Received in Response to: Request for Comments on the Preliminary Cybersecurity Framework, Gaithersburg, Maryland, 2014.
-
(2014)
-
-
-
149
-
-
84904416346
-
Framework for Improving Critical Infrastructure Cybersecurity
-
Version 1.0, Gaithersburg, Maryland
-
National Institute of Standards and Technology., Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0, Gaithersburg, Maryland, 2014.
-
(2014)
-
-
-
150
-
-
84929271379
-
Industrial Control System Security (ICS)
-
Gaithersburg, Maryland
-
National Institute of Standards and Technology., Industrial Control System Security (ICS), Gaithersburg, Maryland, 2014.
-
(2014)
-
-
-
151
-
-
84929286077
-
Fort Meade
-
Maryland, March 14
-
National Security Agency, NSA develops INFOSEC assessment training and rating program., Fort Meade, Maryland, March 14, 2002.
-
(2002)
-
-
-
152
-
-
74949097970
-
Towards quantifying the impacts of cyber attacks in the competitive electricity market environment
-
Proceedings of the IEEE PowerTech Conference
-
M. Negrete-Pincetic, F. Yoshida and G. Gross., Towards quantifying the impacts of cyber attacks in the competitive electricity market environment, Proceedings of the IEEE PowerTech Conference, 2009.
-
(2009)
-
-
Negrete-Pincetic, M.1
Yoshida, F.2
Gross, G.3
-
153
-
-
84861093550
-
SCADA security in the light of cyber-warfare
-
A. Nicholson, S. Webber, S. Dyer, T. Patel and H. Janicke., SCADA security in the light of cyber-warfare, Computers and Security, vol. 31(4), pp. 418-436, 2012.
-
(2012)
Computers and Security
, vol.31
, Issue.4
, pp. 418-436
-
-
Nicholson, A.1
Webber, S.2
Dyer, S.3
Patel, T.4
Janicke, H.5
-
154
-
-
84929278656
-
Critical Infrastructure Protection (CIP) 001-011
-
Washington, DC
-
North American Electric Reliability Corporation., Critical Infrastructure Protection (CIP) 001-011, Washington, DC, 2013.
-
(2013)
-
-
-
155
-
-
84929268337
-
Cyber Risk Preparedness Assessment: Table-Top Exercise 2012 Report
-
Washington, DC
-
North American Electric Reliability Corporation., Cyber Risk Preparedness Assessment: Table-Top Exercise 2012 Report, Washington, DC, 2013
-
(2013)
-
-
-
156
-
-
84929278291
-
Guideline 104: Information Security Baseline Requirements for Process Control
-
Safety and Support ICT Systems, Stavanger, Norway
-
Norwegian Oil and Gas Association., Guideline 104: Information Security Baseline Requirements for Process Control, Safety and Support ICT Systems, Stavanger, Norway, 2009.
-
(2009)
-
-
-
157
-
-
84929294453
-
Guideline 110: Implementation of Information Security in Process Control
-
Safety and Support ICT Systems during the Engineering, Procurement and Commissioning Phases, Stavanger, Norway
-
Norwegian Oil and Gas Association., Guideline 110: Implementation of Information Security in Process Control, Safety and Support ICT Systems during the Engineering, Procurement and Commissioning Phases, Stavanger, Norway, 2009.
-
(2009)
-
-
-
158
-
-
84929289144
-
Guideline 123: Classification of Process Control
-
Safety and Support ICT Systems based on Criticality, Stavanger, Norway
-
Norwegian Oil and Gas Association., Guideline 123: Classification of Process Control, Safety and Support ICT Systems based on Criticality, Stavanger, Norway, 2009.
-
(2009)
-
-
-
159
-
-
84887499198
-
Executive Order 13636: Improving Critical Infrastructure Cybersecurity
-
The White House, Washington, DC, February 12
-
B. Obama., Executive Order 13636: Improving Critical Infrastructure Cybersecurity, The White House, Washington, DC, February 12, 2013.
-
(2013)
-
-
Obama, B.1
-
160
-
-
70149101305
-
Application of trusted network technology to industrial control networks
-
H. Okhravi and D. Nicol., Application of trusted network technology to industrial control networks, International Journal of Critical Infrastructure Protection, vol. 2(3), pp. 84-94, 2009.
-
(2009)
International Journal of Critical Infrastructure Protection
, vol.2
, Issue.3
, pp. 84-94
-
-
Okhravi, H.1
Nicol, D.2
-
161
-
-
85028692616
-
Good Practices Guide on Non-Nuclear Critical Energy Infrastructure Protection from Terrorist Attacks Focusing on Threats Emanating from Cyberspace
-
Vienna, Austria
-
Organization for Security and Cooperation in Europe., Good Practices Guide on Non-Nuclear Critical Energy Infrastructure Protection from Terrorist Attacks Focusing on Threats Emanating from Cyberspace, Vienna, Austria, 2013.
-
(2013)
-
-
-
162
-
-
84929276316
-
Availability based risk analysis for SCADA embedded computer systems
-
Proceedings of the International Conference on Security and Management
-
S. Papa, W. Casper and S. Nair., Availability based risk analysis for SCADA embedded computer systems, Proceedings of the International Conference on Security and Management, 2011.
-
(2011)
-
-
Papa, S.1
Casper, W.2
Nair, S.3
-
163
-
-
58849106722
-
Vulnerability assessment for critical infrastructure control systems
-
R. Parks and E. Rogers., Vulnerability assessment for critical infrastructure control systems, IEEE Security and Privacy, vol. 6(6), pp. 37-43, 2008.
-
(2008)
IEEE Security and Privacy
, vol.6
, Issue.6
, pp. 37-43
-
-
Parks, R.1
Rogers, E.2
-
164
-
-
0003748765
-
Capability Maturity Model for Software
-
Version 1.1, CMU/SEI-93-TR-024, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania
-
M. Paulk, B. Curtis, M. Chrissis and C. Weber., Capability Maturity Model for Software, Version 1.1, CMU/SEI-93-TR-024, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, 1993.
-
(1993)
-
-
Paulk, M.1
Curtis, B.2
Chrissis, M.3
Weber, C.4
-
165
-
-
72849150312
-
Building a SCADA security testbed
-
C. Queiroz, A. Mahmood, J. Hu, Z. Tari and X. Yu., Building a SCADA security testbed, Proceedings of the Third International Conference on Network and System Security, pp. 357-364, 2009.
-
(2009)
Proceedings of the Third International Conference on Network and System Security
, pp. 357-364
-
-
Queiroz, C.1
Mahmood, A.2
Hu, J.3
Tari, Z.4
Yu, X.5
-
166
-
-
82155173457
-
SCADASim - A framework for building SCADA simulations
-
C. Queiroz, A. Mahmood and Z. Tari., SCADASim - A framework for building SCADA simulations, IEEE Transactions on Smart Grid, vol. 2(4), pp. 589-597, 2011.
-
(2011)
IEEE Transactions on Smart Grid
, vol.2
, Issue.4
, pp. 589-597
-
-
Queiroz, C.1
Mahmood, A.2
Tari, Z.3
-
167
-
-
84886713375
-
A probabilistic model to predict the survivability of SCADA systems
-
C. Queiroz, A. Mahmood and Z. Tari., A probabilistic model to predict the survivability of SCADA systems, IEEE Transactions on Industrial Informatics, vol. 9(4), pp. 1975-1985, 2013.
-
(2013)
IEEE Transactions on Industrial Informatics
, vol.9
, Issue.4
, pp. 1975-1985
-
-
Queiroz, C.1
Mahmood, A.2
Tari, Z.3
-
168
-
-
79960706891
-
National Checklist Program for IT Products - Guidelines for Checklist Users and Developers
-
NIST Special Publication 800-70, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland
-
S. Quinn, M. Souppaya, M. Cook and K. Scarfone., National Checklist Program for IT Products - Guidelines for Checklist Users and Developers, NIST Special Publication 800-70, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland, 2011.
-
(2011)
-
-
Quinn, S.1
Souppaya, M.2
Cook, M.3
Scarfone, K.4
-
169
-
-
34548017452
-
Cyber security risk assessment for SCADA and DCS networks
-
P. Ralston, J. Graham and J. Hieb., Cyber security risk assessment for SCADA and DCS networks, ISA Transactions, vol. 46(4), pp. 583-594, 2007.
-
(2007)
ISA Transactions
, vol.46
, Issue.4
, pp. 583-594
-
-
Ralston, P.1
Graham, J.2
Hieb, J.3
-
170
-
-
84864408683
-
An open virtual testbed for industrial control system security research
-
B. Reaves and T. Morris., An open virtual testbed for industrial control system security research, International Journal of Information Security, vol. 11(4), pp. 215-229, 2012.
-
(2012)
International Journal of Information Security
, vol.11
, Issue.4
, pp. 215-229
-
-
Reaves, B.1
Morris, T.2
-
171
-
-
0035696915
-
Identifying, understanding and analyzing critical infrastructure interdependencies
-
S. Rinaldi, J. Peerenboom and T. Kelly, Identifying., understanding and analyzing critical infrastructure interdependencies, IEEE Control Systems, vol. 21(6), pp. 11-25, 2001.
-
(2001)
IEEE Control Systems
, vol.21
, Issue.6
, pp. 11-25
-
-
Rinaldi, S.1
Peerenboom, J.2
Kelly, T.3
-
173
-
-
36849039045
-
A framework for linking cybersecurity metrics to the modeling of macroeconomic interdependencies
-
J. Santos, Y. Haimes and C. Lian., A framework for linking cybersecurity metrics to the modeling of macroeconomic interdependencies, Risk Analysis, vol. 27(5), pp. 1283-1297, 2007.
-
(2007)
Risk Analysis
, vol.27
, Issue.5
, pp. 1283-1297
-
-
Santos, J.1
Haimes, Y.2
Lian, C.3
-
174
-
-
79952496582
-
Guidelines on Firewalls and Firewall Policy
-
NIST Special Publication 800-41, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland
-
K. Scarfone and P. Hoffman., Guidelines on Firewalls and Firewall Policy, NIST Special Publication 800-41, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland, 2009.
-
(2009)
-
-
Scarfone, K.1
Hoffman, P.2
-
175
-
-
84876398024
-
A distributed intrusion detection system for industrial automation networks
-
Proceedings of the Seventeenth IEEE International Conference on Emerging Technologies and Factory Automation
-
F. Schuster and A. Paul., A distributed intrusion detection system for industrial automation networks, Proceedings of the Seventeenth IEEE International Conference on Emerging Technologies and Factory Automation, 2012.
-
(2012)
-
-
Schuster, F.1
Paul, A.2
-
177
-
-
67651102640
-
Information security management standards: Problems and solutions
-
M. Siponen and R. Willison., Information security management standards: Problems and solutions, Information and Management, vol. 46(5), pp. 267-270, 2009.
-
(2009)
Information and Management
, vol.46
, Issue.5
, pp. 267-270
-
-
Siponen, M.1
Willison, R.2
-
178
-
-
84885891514
-
The development of a generic framework for the forensic analysis of SCADA and process control systems
-
J. Slay and E. Sitnikova., The development of a generic framework for the forensic analysis of SCADA and process control systems, in Forensics in Telecommunications, Information and Multimedia, M. Sorell (Ed.), Springer, Berlin Heidelberg, Germany, pp. 77-82, 2009.
-
(2009)
in Forensics in Telecommunications, Information and Multimedia, M. Sorell (Ed.), Springer, Berlin Heidelberg, Germany
, pp. 77-82
-
-
Slay, J.1
Sitnikova, E.2
-
179
-
-
0011790817
-
Capability Maturity Model Integration (CMMI)
-
Version 1.3, CMU/SEI-2010-TR-033, Carnegie Mellon University, Pittsburgh, Pennsylvania
-
Software Engineering Institute., Capability Maturity Model Integration (CMMI), Version 1.3, CMU/SEI-2010-TR-033, Carnegie Mellon University, Pittsburgh, Pennsylvania, 2010.
-
(2010)
-
-
-
180
-
-
78649548146
-
SCADA system cyber security - A comparison of standards
-
Proceedings of the IEEE Power and Energy Society General Meeting
-
T. Sommestad, G. Ericsson and J. Nordlander., SCADA system cyber security - A comparison of standards, Proceedings of the IEEE Power and Energy Society General Meeting, 2010.
-
(2010)
-
-
Sommestad, T.1
Ericsson, G.2
Nordlander, J.3
-
181
-
-
78049430884
-
New methodologies for security risk assessment of oil and gas industry
-
A. Srivastava and J. Gupta., New methodologies for security risk assessment of oil and gas industry, Process Safety and Environmental Protection, vol. 88(6), pp. 407-412, 2010.
-
(2010)
Process Safety and Environmental Protection
, vol.88
, Issue.6
, pp. 407-412
-
-
Srivastava, A.1
Gupta, J.2
-
182
-
-
77953248995
-
Resilience and survivability in communication networks: Strategies
-
J. Sterbenz, D. Hutchison, E. Cetinkaya, A. Jabbar, J. Rohrer, M. Scholler and P. Smith., Resilience and survivability in communication networks: Strategies, principles and survey of disciplines, Computer Networks, vol. 54(8), pp. 1245-1265, 2010.
-
(2010)
principles and survey of disciplines, Computer Networks
, vol.54
, Issue.8
, pp. 1245-1265
-
-
Sterbenz, J.1
Hutchison, D.2
Cetinkaya, E.3
Jabbar, A.4
Rohrer, J.5
Scholler, M.6
Smith, P.7
-
183
-
-
70350162420
-
Volume I: Guide for Mapping Types of Information and Information Systems to Security Categories
-
NIST Special Publication 800-60, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland
-
K. Stine, R. Kissel, W. Barker, J. Fahlsing and J. Gullick., Volume I: Guide for Mapping Types of Information and Information Systems to Security Categories, NIST Special Publication 800-60, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland, 2008.
-
(2008)
-
-
Stine, K.1
Kissel, R.2
Barker, W.3
Fahlsing, J.4
Gullick, J.5
-
184
-
-
33645723824
-
Process Control System Security Metrics - State of Practice
-
Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire
-
M. Stoddard, R. Carlson, Y. Haimes, D. Bodeau, C. Lian, J. Santos, C. Glantz and J. Shaw., Process Control System Security Metrics - State of Practice, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, 2005.
-
(2005)
-
-
Stoddard, M.1
Carlson, R.2
Haimes, Y.3
Bodeau, D.4
Lian, C.5
Santos, J.6
Glantz, C.7
Shaw, J.8
-
185
-
-
84946841683
-
Guide to Industrial Control Systems (ICS) Security
-
NIST Special Publication 800-82, National Institute of Standards and Technology, Gaithersburg, Maryland
-
K. Stouffer, J. Falco and K. Scarfone., Guide to Industrial Control Systems (ICS) Security, NIST Special Publication 800-82, National Institute of Standards and Technology, Gaithersburg, Maryland, 2011.
-
(2011)
-
-
Stouffer, K.1
Falco, J.2
Scarfone, K.3
-
186
-
-
70349341748
-
Guide for Developing Security Plans for Federal Information Systems
-
NIST Special Publication 800-18, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland
-
M. Swanson, J. Hash and P. Bowen., Guide for Developing Security Plans for Federal Information Systems, NIST Special Publication 800-18, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland, 2006.
-
(2006)
-
-
Swanson, M.1
Hash, J.2
Bowen, P.3
-
187
-
-
84929288177
-
Guide to Increased Security in Process Control Systems for Critical Societal Functions
-
Stockholm, Sweden
-
Swedish Emergency Management Agency., Guide to Increased Security in Process Control Systems for Critical Societal Functions, Stockholm, Sweden, 2008.
-
(2008)
-
-
-
188
-
-
84869528436
-
Securing Your SCADA and Industrial Control Systems
-
Department of Defense, Washington, DC
-
Technical Support Working Group., Securing Your SCADA and Industrial Control Systems, Department of Defense, Washington, DC, 2005.
-
(2005)
-
-
-
189
-
-
42549101645
-
Vulnerability assessment of cybersecurity for SCADA systems using attack trees
-
Proceedings of the IEEE Power and Energy Society General Meeting
-
C. Ten, C. Liu and M. Govindarasu., Vulnerability assessment of cybersecurity for SCADA systems using attack trees, Proceedings of the IEEE Power and Energy Society General Meeting, 2007.
-
(2007)
-
-
Ten, C.1
Liu, C.2
Govindarasu, M.3
-
190
-
-
67349092535
-
Vulnerability assessment of cybersecurity for SCADA systems
-
C. Ten, C. Liu and G. Manimaran., Vulnerability assessment of cybersecurity for SCADA systems, IEEE Transactions on Power Systems, vol. 23(4), pp. 1836-1846, 2008.
-
(2008)
IEEE Transactions on Power Systems
, vol.23
, Issue.4
, pp. 1836-1846
-
-
Ten, C.1
Liu, C.2
Manimaran, G.3
-
191
-
-
77955429216
-
A multi-layer criticality assessment methodology based on interdependencies
-
M. Theoharidou, P. Kotzanikolaou and D. Gritzalis., A multi-layer criticality assessment methodology based on interdependencies, Computers and Security, vol. 29(6), pp. 643-658, 2010.
-
(2010)
Computers and Security
, vol.29
, Issue.6
, pp. 643-658
-
-
Theoharidou, M.1
Kotzanikolaou, P.2
Gritzalis, D.3
-
192
-
-
84929291438
-
Update NERC Survey Data
-
Portland, Oregon
-
Tripwire., Update NERC Survey Data, Portland, Oregon, 2014.
-
(2014)
-
-
-
193
-
-
84929284284
-
IF-MAP Metadata for ICS Security
-
Specification Version 1.0, Revision 39, Beaverton, Oregon
-
Trusted Computing Group., IF-MAP Metadata for ICS Security, Specification Version 1.0, Revision 39, Beaverton, Oregon, 2012.
-
(2012)
-
-
-
194
-
-
84878083190
-
Information Assurance (IA)
-
Department of Defense Directive 8500.1, Washington, DC
-
U.S. Department of Defense., Information Assurance (IA), Department of Defense Directive 8500.1, Washington, DC, 2002.
-
(2002)
-
-
-
195
-
-
78349298200
-
Information Assurance (IA) Implementation
-
Department of Defense Directive 8500.2, Washington, DC
-
U.S. Department of Defense., Information Assurance (IA) Implementation, Department of Defense Directive 8500.2, Washington, DC, 2003.
-
(2003)
-
-
-
196
-
-
84994263031
-
Risk Management Framework (RMF) for DoD Information Technology (IT)
-
Department of Defense Instruction 8510.01, Washington, DC
-
U.S. Department of Defense., Risk Management Framework (RMF) for DoD Information Technology (IT), Department of Defense Instruction 8510.01, Washington, DC, 2014.
-
(2014)
-
-
-
197
-
-
0242314137
-
21 Steps to Improve Cyber Security for SCADA Systems
-
Washington, DC
-
U.S. Department of Energy., 21 Steps to Improve Cyber Security for SCADA Systems, Washington, DC, 2002.
-
(2002)
-
-
-
198
-
-
84864172717
-
Energy Infrastructure Risk Management Checklists for Small and Medium Sized Energy Facilities
-
Washington, DC
-
U.S. Department of Energy., Energy Infrastructure Risk Management Checklists for Small and Medium Sized Energy Facilities, Washington, DC, 2002.
-
(2002)
-
-
-
199
-
-
84893295680
-
Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2)
-
Version 1.0, Washington, DC
-
U.S. Department of Energy., Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2), Version 1.0, Washington, DC, 2012.
-
(2012)
-
-
-
200
-
-
84890881933
-
Electricity Subsector Cybersecurity Risk Management Process
-
DOE/OE-0003, Washington, DC
-
U.S. Department of Energy., Electricity Subsector Cybersecurity Risk Management Process, DOE/OE-0003, Washington, DC, 2012.
-
(2012)
-
-
-
201
-
-
84929267988
-
Oil and Natural Gas Subsector Cyber Security Capability Maturity Model (ONG-C2M2)
-
Version 1.1, Washington, DC
-
U.S. Department of Energy., Oil and Natural Gas Subsector Cyber Security Capability Maturity Model (ONG-C2M2), Version 1.1, Washington, DC, 2014.
-
(2014)
-
-
-
202
-
-
84929293996
-
Chemical Facility Anti-Terrorism Standards Interim Final Rule
-
DHS-2006-0073, Washington, DC
-
U.S. Department of Homeland Security., Chemical Facility Anti-Terrorism Standards Interim Final Rule, DHS-2006-0073, Washington, DC, 2006.
-
(2006)
-
-
-
203
-
-
84929281503
-
CSAT Security Vulnerability Assessment: Questions
-
Version 1.0, Washington, DC
-
U.S. Department of Homeland Security., CSAT Security Vulnerability Assessment: Questions, Version 1.0, Washington, DC, 2008.
-
(2008)
-
-
-
204
-
-
77952070127
-
Recommended Practice for Patch Management of Control Systems
-
Washington, DC
-
U.S. Department of Homeland Security., Recommended Practice for Patch Management of Control Systems, Washington, DC, 2008.
-
(2008)
-
-
-
205
-
-
84929287887
-
CSAT Site Security Plan: Instructions
-
Version 1.0, Washington, DC
-
U.S. Department of Homeland Security., CSAT Site Security Plan: Instructions, Version 1.0, Washington, DC, 2009.
-
(2009)
-
-
-
206
-
-
84929270599
-
CSAT Top-Screen: Questions
-
Version 2.8, Washington, DC
-
U.S. Department of Homeland Security., CSAT Top-Screen: Questions, Version 2.8, Washington, DC, 2009.
-
(2009)
-
-
-
207
-
-
77956337148
-
Cyber Security Procurement Language for Control Systems
-
Washington, DC
-
U.S. Department of Homeland Security., Cyber Security Procurement Language for Control Systems, Washington, DC, 2009.
-
(2009)
-
-
-
208
-
-
84929273446
-
Primer Control Systems Cyber Security Framework and Technical Metrics
-
Washington, DC
-
U.S. Department of Homeland Security., Primer Control Systems Cyber Security Framework and Technical Metrics, Washington, DC, 2009.
-
(2009)
-
-
-
209
-
-
84866030010
-
Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies
-
Washington, DC
-
U.S. Department of Homeland Security., Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies, Washington, DC, 2009.
-
(2009)
-
-
-
210
-
-
84929279500
-
Risk-Based Performance Standards Guidance
-
Chemical Facility Anti-Terrorism Standards, Washington, DC
-
U.S. Department of Homeland Security., Risk-Based Performance Standards Guidance, Chemical Facility Anti-Terrorism Standards, Washington, DC, 2009.
-
(2009)
-
-
-
211
-
-
84929269539
-
CSAT Top-Screen Survey Application: User Guide
-
Version 1.99, Washington, DC
-
U.S. Department of Homeland Security., CSAT Top-Screen Survey Application: User Guide, Version 1.99, Washington, DC, 2010.
-
(2010)
-
-
-
212
-
-
84887982910
-
Catalog of Control Systems Security: Recommendations for Standards Developers
-
Washington, DC
-
U.S. Department of Homeland Security., Catalog of Control Systems Security: Recommendations for Standards Developers, Washington, DC, 2011.
-
(2011)
-
-
-
213
-
-
84929280126
-
CSAT Security Vulnerability Assessment Application: Instructions
-
Version 2.1, Washington, DC
-
U.S. Department of Homeland Security., CSAT Security Vulnerability Assessment Application: Instructions, Version 2.1, Washington, DC, 2011.
-
(2011)
-
-
-
214
-
-
84929261797
-
Cyber Security Evaluation Tool: Performing a Self Assessment
-
Washington, DC
-
U.S. Department of Homeland Security., Cyber Security Evaluation Tool: Performing a Self Assessment, Washington, DC, 2012.
-
(2012)
-
-
-
215
-
-
84929291775
-
ICS-CERT Year in Review 2012
-
Washington, DC
-
U.S. Department of Homeland Security., ICS-CERT Year in Review 2012, Washington, DC, 2012.
-
(2012)
-
-
-
216
-
-
84929295544
-
Configuring and Managing Remote Access for Industrial Control Systems
-
Washington, DC and London, United Kingdom
-
U.S. Department of Homeland Security. and Centre for the Protection of National Infrastructure, Configuring and Managing Remote Access for Industrial Control Systems, Washington, DC and London, United Kingdom, 2010.
-
(2010)
-
-
-
217
-
-
84871137164
-
Cyber Security Assessments of Industrial Control Systems
-
Washington, DC and London, United Kingdom
-
U.S. Department of Homeland Security. and Centre for the Protection of National Infrastructure, Cyber Security Assessments of Industrial Control Systems, Washington, DC and London, United Kingdom, 2010.
-
(2010)
-
-
-
218
-
-
84929284868
-
VSAT - Risk Assessment Tool for Water Sector Utilities
-
Washington, DC
-
U.S. Environmental Protection Agency., VSAT - Risk Assessment Tool for Water Sector Utilities, Washington, DC, 2010.
-
(2010)
-
-
-
219
-
-
79958292005
-
Cyber Security Programs for Nuclear Facilities
-
Regulatory Guide 5.71, Washington, DC
-
U.S. Nuclear Regulatory Commission., Cyber Security Programs for Nuclear Facilities, Regulatory Guide 5.71, Washington, DC, 2010.
-
(2010)
-
-
-
220
-
-
84921416886
-
Pipeline Security Guidelines
-
Washington, DC
-
U.S. Transportation Security Administration., Pipeline Security Guidelines, Washington, DC, 2011.
-
(2011)
-
-
-
221
-
-
51849150631
-
The CRUTIAL reference critical information infrastructure architecture: A blueprint
-
P. Verissimo, N. Neves and M. Correia., The CRUTIAL reference critical information infrastructure architecture: A blueprint, International Journal of System of Systems Engineering, vol. 1(1/2), pp. 78-95, 2008.
-
(2008)
International Journal of System of Systems Engineering
, vol.1
, Issue.1-2
, pp. 78-95
-
-
Verissimo, P.1
Neves, N.2
Correia, M.3
-
222
-
-
84929270750
-
IT Security for Generating Plants
-
Essen, Germany
-
VGB PowerTech., IT Security for Generating Plants, Essen, Germany, 2006.
-
(2006)
-
-
-
223
-
-
77953170814
-
A simulation environment for SCADA security analysis and assessment
-
C. Wang, L. Fang and Y. Dai., A simulation environment for SCADA security analysis and assessment, Proceedings of the International Conference on Measuring Technology and Mechatronics Automation, vol. 1, pp. 342-347, 2010.
-
(2010)
Proceedings of the International Conference on Measuring Technology and Mechatronics Automation
, Issue.1
, pp. 342-347
-
-
Wang, C.1
Fang, L.2
Dai, Y.3
-
224
-
-
84875747087
-
Cyber security in the smart grid: Survey and challenges
-
1371-1344
-
W. Wang and Z. Lu., Cyber security in the smart grid: Survey and challenges, Computer Networks, vol. 57(5), pp. 1371-1344, 2013.
-
(2013)
Computer Networks
, vol.57
, Issue.5
-
-
Wang, W.1
Lu, Z.2
-
225
-
-
79961197661
-
The Risk-to-Mission Assessment Process (RiskMAP): A Sensitivity Analysis and an Extension to Treat Confidentiality Issues
-
Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire
-
J. Watters, S. Morrissey, D. Bodeau and S. Powers., The Risk-to-Mission Assessment Process (RiskMAP): A Sensitivity Analysis and an Extension to Treat Confidentiality Issues, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, 2009.
-
(2009)
-
-
Watters, J.1
Morrissey, S.2
Bodeau, D.3
Powers, S.4
-
226
-
-
84889035509
-
Toward a cyber-physical topology language: Applications to NERC CIP audit
-
G. Weaver, C. Cheh, E. Rogers, W. Sanders and D. Gammel., Toward a cyber-physical topology language: Applications to NERC CIP audit, Proceedings of the First ACM workshop on Smart Energy Grid Security, pp. 93-104, 2013.
-
(2013)
Proceedings of the First ACM workshop on Smart Energy Grid Security
, pp. 93-104
-
-
Weaver, G.1
Cheh, C.2
Rogers, E.3
Sanders, W.4
Gammel, D.5
-
227
-
-
6744258985
-
Information Technology Security Training Requirements: A Role- and Performance-Based Model
-
NIST Special Publication 800-16, National Institute of Standards and Technology, Gaithersburg, Maryland
-
M. Wilson, D. de Zafra, S. Pitcher, J. Tressler and J. Ippolito., Information Technology Security Training Requirements: A Role- and Performance-Based Model, NIST Special Publication 800-16, National Institute of Standards and Technology, Gaithersburg, Maryland, 1998.
-
(1998)
-
-
Wilson, M.1
de Zafra, D.2
Pitcher, S.3
Tressler, J.4
Ippolito, J.5
-
228
-
-
33745446307
-
Building an Information Technology Security Awareness and Training Program
-
NIST Special Publication 800-50, National Institute of Standards and Technology, Gaithersburg, Maryland
-
M. Wilson and J. Hash., Building an Information Technology Security Awareness and Training Program, NIST Special Publication 800-50, National Institute of Standards and Technology, Gaithersburg, Maryland, 2003.
-
(2003)
-
-
Wilson, M.1
Hash, J.2
-
231
-
-
84893170993
-
Intrusion detection system for IEC 60870-5-104 based SCADA networks
-
Proceedings of the IEEE Power and Energy Society General Meeting
-
Y. Yang, K. McLaughlin, T. Littler, S. Sezer, B. Pranggono and H. Wang., Intrusion detection system for IEC 60870-5-104 based SCADA networks, Proceedings of the IEEE Power and Energy Society General Meeting, 2013.
-
(2013)
-
-
Yang, Y.1
McLaughlin, K.2
Littler, T.3
Sezer, S.4
Pranggono, B.5
Wang, H.6
-
232
-
-
84893445259
-
SCADA-specific intrusion detection/prevention systems: A survey and taxonomy
-
Proceedings of the First Workshop on Secure Control Systems
-
B. Zhu and S. Sastry., SCADA-specific intrusion detection/prevention systems: A survey and taxonomy, Proceedings of the First Workshop on Secure Control Systems, 2010.
-
(2010)
-
-
Zhu, B.1
Sastry, S.2
|