메뉴 건너뛰기




Volumn 9, Issue , 2015, Pages 52-80

A survey of cyber security management in industrial control systems

Author keywords

Industrial control systems; Risk assessment; Risk management; Risk metrics; SCADA systems; Security metrics

Indexed keywords

RISK ASSESSMENT; RISK MANAGEMENT; SCADA SYSTEMS; SECURITY OF DATA; SURVEYS;

EID: 84929278091     PISSN: 18745482     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.ijcip.2015.02.002     Document Type: Article
Times cited : (274)

References (232)
  • 4
    • 84929287545 scopus 로고    scopus 로고
    • Guidance for Addressing Cyber Security in the Chemical Industry
    • Version 3.0, Washington, DC
    • American Chemistry Council., Guidance for Addressing Cyber Security in the Chemical Industry, Version 3.0, Washington, DC, 2006.
    • (2006)
  • 5
    • 48249108851 scopus 로고    scopus 로고
    • Cryptographic Protection of SCADA Communications
    • Part 1: Background, Policies and Test Plan, AGA, Washington, DC
    • American Gas Association., Cryptographic Protection of SCADA Communications, Part 1: Background, Policies and Test Plan, AGA Report No. 12, Washington, DC, 2006.
    • (2006)
  • 6
    • 3843131408 scopus 로고    scopus 로고
    • Security Vulnerability Assessment Methodology for the Petroleum and Petrochemical Industries
    • Washington, DC
    • American Petroleum Institute., Security Vulnerability Assessment Methodology for the Petroleum and Petrochemical Industries, Washington, DC, 2003.
    • (2003)
  • 7
    • 33745384177 scopus 로고    scopus 로고
    • Security Guidelines for the Petroleum Industry
    • Washington, DC
    • American Petroleum Institute., Security Guidelines for the Petroleum Industry, Washington, DC, 2005.
    • (2005)
  • 8
    • 70450242149 scopus 로고    scopus 로고
    • Pipeline SCADA Security
    • Second Edition, API Standard 1164, Washington, DC
    • American Petroleum Institute., Pipeline SCADA Security, Second Edition, API Standard 1164, Washington, DC, 2009.
    • (2009)
  • 9
    • 84873293533 scopus 로고    scopus 로고
    • In quest of benchmarking security risks to cyber-physical systems
    • S. Amin, G. Schwartz and A. Hussain., In quest of benchmarking security risks to cyber-physical systems, IEEE Network, vol. 27(1), pp. 19-24, 2013.
    • (2013) IEEE Network , vol.27 , Issue.1 , pp. 19-24
    • Amin, S.1    Schwartz, G.2    Hussain, A.3
  • 11
    • 84929264805 scopus 로고    scopus 로고
    • IT-Security for Industrial Automation - Example of use of the general model for manufacturers in factory automation - Process control system of an LDPE plant
    • VDI/VDE 2182, Blatt 3.1, Dusseldorf, Germany
    • Association of German Engineers (VDI)., IT-Security for Industrial Automation - Example of use of the general model for manufacturers in factory automation - Process control system of an LDPE plant, VDI/VDE 2182, Blatt 3.1, Dusseldorf, Germany, 2013.
    • (2013)
  • 13
    • 78149396361 scopus 로고    scopus 로고
    • Measuring Cyber Security and Information Assurance: A State-of-the-Art Report
    • Information Assurance Technology Analysis Center, Herndon, Virginia
    • N. Bartol, B. Bates, K. Goertzel and T. Winograd., Measuring Cyber Security and Information Assurance: A State-of-the-Art Report, Information Assurance Technology Analysis Center, Herndon, Virginia, 2009.
    • (2009)
    • Bartol, N.1    Bates, B.2    Goertzel, K.3    Winograd, T.4
  • 15
    • 84864173616 scopus 로고    scopus 로고
    • A Reference Model for Control and Automation Systems in Electrical Power
    • SAND2005-1000C, Sandia National Laboratories, Albuquerque, New Mexico
    • M. Berg and J. Stamp., A Reference Model for Control and Automation Systems in Electrical Power, SAND2005-1000C, Sandia National Laboratories, Albuquerque, New Mexico, 2005.
    • (2005)
    • Berg, M.1    Stamp, J.2
  • 17
    • 61349134071 scopus 로고    scopus 로고
    • Assessment of information impacts in power system security against malicious attacks in a general framework
    • E. Bompard, R. Napoli and F. Xue., Assessment of information impacts in power system security against malicious attacks in a general framework, Reliability Engineering and System Safety, vol. 94(6), pp. 1087-1094, 2009.
    • (2009) Reliability Engineering and System Safety , vol.94 , Issue.6 , pp. 1087-1094
    • Bompard, E.1    Napoli, R.2    Xue, F.3
  • 18
    • 84929289159 scopus 로고    scopus 로고
    • A plan for SCADA security to deter DDoS attacks
    • Proceedings of the Department of Homeland Security: R&D Partnering Conference
    • C. Bowen, T. Buennemeyer and R. Thomas., A plan for SCADA security to deter DDoS attacks, Proceedings of the Department of Homeland Security: R&D Partnering Conference, 2005.
    • (2005)
    • Bowen, C.1    Buennemeyer, T.2    Thomas, R.3
  • 19
    • 34748842440 scopus 로고    scopus 로고
    • Information Security Handbook: A Guide for Managers
    • NIST Special Publication 800-100, National Institute of Standards and Technology, Gaithersburg, Maryland
    • P. Bowen, J. Hash and M. Wilson., Information Security Handbook: A Guide for Managers, NIST Special Publication 800-100, National Institute of Standards and Technology, Gaithersburg, Maryland, 2006.
    • (2006)
    • Bowen, P.1    Hash, J.2    Wilson, M.3
  • 22
    • 33644658584 scopus 로고    scopus 로고
    • Information Technology - Security Techniques - Information Security Management - Measurement
    • BS ISO/IEC 27004:2009, London, United Kingdom
    • British Standards Institution., Information Technology - Security Techniques - Information Security Management - Measurement, BS ISO/IEC 27004:2009, London, United Kingdom, 2009.
    • (2009)
  • 23
    • 27544477471 scopus 로고    scopus 로고
    • Electronic Authentication Guideline
    • NIST Special Publication 800-63-2, National Institute of Standards and Technology, Gaithersburg, Maryland
    • W. Burr, D. Dodson, E. Newton, R. Perlner, W. Polk, S. Gupta and E. Nabbus., Electronic Authentication Guideline, NIST Special Publication 800-63-2, National Institute of Standards and Technology, Gaithersburg, Maryland, 2013.
    • (2013)
    • Burr, W.1    Dodson, D.2    Newton, E.3    Perlner, R.4    Polk, W.5    Gupta, S.6    Nabbus, E.7
  • 24
    • 34047240072 scopus 로고    scopus 로고
    • The use of attack trees in assessing vulnerabilities in SCADA systems
    • Proceedings of the International Infrastructure Survivability Workshop
    • E. Byres, M. Franz and D. Miller., The use of attack trees in assessing vulnerabilities in SCADA systems, Proceedings of the International Infrastructure Survivability Workshop, 2004.
    • (2004)
    • Byres, E.1    Franz, M.2    Miller, D.3
  • 25
    • 84855819780 scopus 로고    scopus 로고
    • CERT Resilience Management Model (CERT-RMM): A Maturity Model for Managing Operational Resilience
    • Pearson Education, Boston, Massachusetts
    • R. Caralli, J. Allen and D. White., CERT Resilience Management Model (CERT-RMM): A Maturity Model for Managing Operational Resilience, Pearson Education, Boston, Massachusetts, 2011.
    • (2011)
    • Caralli, R.1    Allen, J.2    White, D.3
  • 28
    • 25444518184 scopus 로고    scopus 로고
    • Systems Security Engineering Capability Maturity Model (SSE-CMM)
    • Model Description Document, Version 2.0, Pittsburgh, Pennsylvania
    • Carnegie Mellon University., Systems Security Engineering Capability Maturity Model (SSE-CMM), Model Description Document, Version 2.0, Pittsburgh, Pennsylvania, 1999.
    • (1999)
  • 29
    • 84929297127 scopus 로고    scopus 로고
    • CIS Security Benchmarks
    • East Greenbush, New York
    • Center for Internet Security., CIS Security Benchmarks, East Greenbush, New York, 2014.
    • (2014)
  • 30
    • 84886813506 scopus 로고    scopus 로고
    • Good Practice Guide
    • Process Control and SCADA Security, Guide 2: Implement Secure Architecture, London, United Kingdom
    • Centre for the Protection of National Infrastructure., Good Practice Guide, Process Control and SCADA Security, Guide 2: Implement Secure Architecture, London, United Kingdom, 2008.
    • (2008)
  • 31
    • 84886813506 scopus 로고    scopus 로고
    • Good Practice Guide
    • Process Control and SCADA Security, Guide 4: Improve Awareness and Skills, London, United Kingdom
    • Centre for the Protection of National Infrastructure., Good Practice Guide, Process Control and SCADA Security, Guide 4: Improve Awareness and Skills, London, United Kingdom, 2008.
    • (2008)
  • 32
    • 84886813506 scopus 로고    scopus 로고
    • Good Practice Guide
    • Process Control and SCADA Security, Guide 7: Establish Ongoing Governance, London, United Kingdom
    • Centre for the Protection of National Infrastructure., Good Practice Guide, Process Control and SCADA Security, Guide 7: Establish Ongoing Governance, London, United Kingdom, 2008.
    • (2008)
  • 33
    • 84929277054 scopus 로고    scopus 로고
    • Resilience in Converged Networks: Good Practice Guidance
    • London, United Kingdom
    • Centre for the Protection of National Infrastructure., Resilience in Converged Networks: Good Practice Guidance, London, United Kingdom, 2009.
    • (2009)
  • 34
    • 84876059580 scopus 로고    scopus 로고
    • Cyber Security in Civil Aviation
    • London, United Kingdom
    • Centre for the Protection of National Infrastructure., Cyber Security in Civil Aviation, London, United Kingdom, 2012.
    • (2012)
  • 36
    • 70350634504 scopus 로고    scopus 로고
    • Using model-based intrusion detection for SCADA networks
    • Proceedings of the SCADA Security Scientific Symposium
    • S. Cheung, B. Dutertre, M. Fong, U. Lindqvist, K. Skinner and A. Valdes., Using model-based intrusion detection for SCADA networks, Proceedings of the SCADA Security Scientific Symposium, 2007.
    • (2007)
    • Cheung, S.1    Dutertre, B.2    Fong, M.3    Lindqvist, U.4    Skinner, K.5    Valdes, A.6
  • 37
    • 70350663440 scopus 로고    scopus 로고
    • Performance Measurement Guide for Information Security
    • NIST Special Publication 800-55, National Institute of Standards and Technology, Gaithersburg, Maryland
    • E. Chew, M. Swanson, K. Stine, N. Bartol, A. Brown and W. Robinson., Performance Measurement Guide for Information Security, NIST Special Publication 800-55, National Institute of Standards and Technology, Gaithersburg, Maryland, 2008.
    • (2008)
    • Chew, E.1    Swanson, M.2    Stine, K.3    Bartol, N.4    Brown, A.5    Robinson, W.6
  • 38
    • 84893229206 scopus 로고    scopus 로고
    • Structural and functional vulnerability analysis for survivability of smart grid and SCADA network under severe emergencies and WMD attacks
    • P. Chopade and M. Bikdash., Structural and functional vulnerability analysis for survivability of smart grid and SCADA network under severe emergencies and WMD attacks, Proceedings of the IEEE International Conference on Technologies for Homeland Security, pp. 99-105, 2013.
    • (2013) Proceedings of the IEEE International Conference on Technologies for Homeland Security , pp. 99-105
    • Chopade, P.1    Bikdash, M.2
  • 39
    • 84869111922 scopus 로고    scopus 로고
    • Computer Security Incident Handling Guide
    • NIST Special Publication 800-61, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland
    • P. Cichonski, T. Millar, T. Grance and K. Scarfone., Computer Security Incident Handling Guide, NIST Special Publication 800-61, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland, 2012.
    • (2012)
    • Cichonski, P.1    Millar, T.2    Grance, T.3    Scarfone, K.4
  • 40
    • 0023266943 scopus 로고
    • A comparison of commercial and military computer security policies
    • Proceedings of the IEEE Symposium on Security and Privacy
    • D. Clark and D. Wilson., A comparison of commercial and military computer security policies, Proceedings of the IEEE Symposium on Security and Privacy, p. 184-194, 1987.
    • (1987) , pp. 184-194
    • Clark, D.1    Wilson, D.2
  • 42
    • 84929268896 scopus 로고    scopus 로고
    • Critical Information Infrastructure Research Coordination (CI2RCO)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Critical Information Infrastructure Research Coordination (CI2RCO), European Commission, Luxembourg, 2007.
    • (2007)
  • 43
    • 84929292197 scopus 로고    scopus 로고
    • Critical Utility Infrastructural Resilience (CRUTIAL)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Critical Utility Infrastructural Resilience (CRUTIAL), European Commission, Luxembourg, 2008.
    • (2008)
  • 44
    • 84929265707 scopus 로고    scopus 로고
    • Design of an Interoperable European Federated Simulation Network for Critical Infrastructures (DIESIS)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Design of an Interoperable European Federated Simulation Network for Critical Infrastructures (DIESIS), European Commission, Luxembourg, 2010.
    • (2010)
  • 45
    • 84929279590 scopus 로고    scopus 로고
    • European Network for the Security of Control and Real-Time Systems (ESCoRTS)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., European Network for the Security of Control and Real-Time Systems (ESCoRTS), European Commission, Luxembourg, 2010.
    • (2010)
  • 46
    • 84929297409 scopus 로고    scopus 로고
    • European Risk Assessment and Contingency Planning Methodologies for Interconnected Energy Networks (EURACOM)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., European Risk Assessment and Contingency Planning Methodologies for Interconnected Energy Networks (EURACOM), European Commission, Luxembourg, 2011.
    • (2011)
  • 47
    • 84888470353 scopus 로고    scopus 로고
    • Increasing Security and Protection through Infrastructure Resilience (INSPIRE)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Increasing Security and Protection through Infrastructure Resilience (INSPIRE), European Commission, Luxembourg, 2011.
    • (2011)
  • 48
    • 84929277967 scopus 로고    scopus 로고
    • Semantically Enhanced Resilient and Secure Critical Infrastructure Services (SERSCIS)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Semantically Enhanced Resilient and Secure Critical Infrastructure Services (SERSCIS), European Commission, Luxembourg, 2011.
    • (2011)
  • 49
    • 84929280762 scopus 로고    scopus 로고
    • Tool for Systemic Risk Analysis and Secure Mediation of Data Exchanged across Linked Critical Information Infrastructures (MICIE)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Tool for Systemic Risk Analysis and Secure Mediation of Data Exchanged across Linked Critical Information Infrastructures (MICIE), European Commission, Luxembourg, 2011.
    • (2011)
  • 50
    • 84929265036 scopus 로고    scopus 로고
    • Vital Infrastructure
    • Networks, Information and Control Systems Management (VIKING), European Commission, Luxembourg
    • Community Research and Development Information Service., Vital Infrastructure, Networks, Information and Control Systems Management (VIKING), European Commission, Luxembourg, 2011.
    • (2011)
  • 51
    • 84929283325 scopus 로고    scopus 로고
    • Wireless Sensor Networks for the Protection of Critical Infrastructures (WSAN4CIP)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Wireless Sensor Networks for the Protection of Critical Infrastructures (WSAN4CIP), European Commission, Luxembourg, 2011.
    • (2011)
  • 52
    • 84929277850 scopus 로고    scopus 로고
    • Emergency Management in Large Infrastructures (EMILI)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Emergency Management in Large Infrastructures (EMILI), European Commission, Luxembourg, 2012.
    • (2012)
  • 53
    • 84929261985 scopus 로고    scopus 로고
    • Strategic Risk Assessment and Contingency Planning in Interconnected Transport Networks (STAR-TRANS)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Strategic Risk Assessment and Contingency Planning in Interconnected Transport Networks (STAR-TRANS), European Commission, Luxembourg, 2012.
    • (2012)
  • 54
    • 84929297265 scopus 로고    scopus 로고
    • A Framework for Electrical Power Systems Vulnerability Identification
    • Defense and Restoration (AFTER), European Commission, Luxembourg
    • Community Research and Development Information Service., A Framework for Electrical Power Systems Vulnerability Identification, Defense and Restoration (AFTER), European Commission, Luxembourg, 2014.
    • (2014)
  • 55
    • 84929283411 scopus 로고    scopus 로고
    • Critical Infrastructure Security Analysis (CRISALIS)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Critical Infrastructure Security Analysis (CRISALIS), European Commission, Luxembourg, 2014.
    • (2014)
  • 56
    • 84929294654 scopus 로고    scopus 로고
    • Cybersecurity on SCADA: Risk Prediction
    • Analysis and Reaction Tools for Critical Infrastructures (COCKPITCI), European Commission, Luxembourg
    • Community Research and Development Information Service., Cybersecurity on SCADA: Risk Prediction, Analysis and Reaction Tools for Critical Infrastructures (COCKPITCI), European Commission, Luxembourg, 2014.
    • (2014)
  • 57
    • 84943245764 scopus 로고    scopus 로고
    • Prevention
    • Protection and Reaction to Cyber Attacks on Critical Infrastructures (PRECYSE), European Commission, Luxembourg
    • Community Research and Development Information Service., Prevention, Protection and Reaction to Cyber Attacks on Critical Infrastructures (PRECYSE), European Commission, Luxembourg, 2014.
    • (2014)
  • 58
    • 84929277474 scopus 로고    scopus 로고
    • Protection of Critical Infrastructures against High Power Microwave Threats (HIPOW)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Protection of Critical Infrastructures against High Power Microwave Threats (HIPOW), European Commission, Luxembourg, 2014.
    • (2014)
  • 59
    • 84929269845 scopus 로고    scopus 로고
    • Strategies for the Improvement of Critical Infrastructure Resilience to Electromagnetic Attacks (STRUCTURES)
    • European Commission, Luxembourg
    • Community Research and Development Information Service., Strategies for the Improvement of Critical Infrastructure Resilience to Electromagnetic Attacks (STRUCTURES), European Commission, Luxembourg, 2014.
    • (2014)
  • 62
    • 84929295094 scopus 로고    scopus 로고
    • Converged Plantwide Ethernet (CPwE) Design and Implementation Guide
    • ENET-TD001E-EN-P, Cisco Systems, San Jose, California and Rockwell Automation, Milwaukee, Wisconsin
    • P. Didier, F. Macias, J. Harstad, R. Antholine, S. Johnston, S. Piyevsky, M. Schillace, G. Wilcox, D. Zaniewski and S. Zuponcic., Converged Plantwide Ethernet (CPwE) Design and Implementation Guide, ENET-TD001E-EN-P, Cisco Systems, San Jose, California and Rockwell Automation, Milwaukee, Wisconsin, 2011.
    • (2011)
    • Didier, P.1    Macias, F.2    Harstad, J.3    Antholine, R.4    Johnston, S.5    Piyevsky, S.6    Schillace, M.7    Wilcox, G.8    Zaniewski, D.9    Zuponcic, S.10
  • 63
    • 84929290663 scopus 로고    scopus 로고
    • Digital Bond, Field Device Protection Profile for SCADA Systems in Medium Robustness Environments
    • Version 0.75, Sunrise, Florida
    • Digital Bond, Field Device Protection Profile for SCADA Systems in Medium Robustness Environments., Version 0.75, Sunrise, Florida, 2006.
    • (2006)
  • 64
    • 84893268738 scopus 로고    scopus 로고
    • A plausible solution to SCADA security honeypot systems, Proceedings of the Eighth International Conference on Broadband and Wireless Computing
    • J. Disso, K. Jones and S. Bailey, A plausible solution to SCADA security honeypot systems, Proceedings of the Eighth International Conference on Broadband and Wireless Computing, Communication and Applications, pp. 443-448, 2013.
    • (2013) Communication and Applications , pp. 443-448
    • Disso, J.1    Jones, K.2    Bailey, S.3
  • 68
    • 84929277459 scopus 로고    scopus 로고
    • Security Measures and Metrics Valuation Methodology
    • Palo Alto, California
    • Electric Power Research Institute., Security Measures and Metrics Valuation Methodology, Palo Alto, California, 2006.
    • (2006)
  • 69
    • 84929297413 scopus 로고    scopus 로고
    • Transmission System SQRA Assessment Methods
    • Palo Alto, California
    • Electric Power Research Institute., Transmission System SQRA Assessment Methods, Palo Alto, California, 2009.
    • (2009)
  • 70
    • 84929265642 scopus 로고    scopus 로고
    • Cyber Security and Privacy - Program 183
    • Palo Alto, California
    • Electric Power Research Institute., Cyber Security and Privacy - Program 183, Palo Alto, California, 2013.
    • (2013)
  • 71
    • 84929290215 scopus 로고    scopus 로고
    • Providing Autonomous Capabilities for Evolving SCADA (PACES)
    • Swindon, United Kingdom
    • Engineering and Physical Sciences Research Council., Providing Autonomous Capabilities for Evolving SCADA (PACES), Swindon, United Kingdom, 2014.
    • (2014)
  • 72
    • 17844380284 scopus 로고    scopus 로고
    • Management of information security for an electric power utility - On security domains and use of the ISO/IEC17799 standard
    • G. Ericsson., Management of information security for an electric power utility - On security domains and use of the ISO/IEC17799 standard, IEEE Transactions on Power Delivery, vol. 20(2), pp. 683-690, 2005.
    • (2005) IEEE Transactions on Power Delivery , vol.20 , Issue.2 , pp. 683-690
    • Ericsson, G.1
  • 73
    • 67650711721 scopus 로고    scopus 로고
    • Information security for electric power utilities - CIGRÉ developments on frameworks
    • G. Ericsson., Information security for electric power utilities - CIGRÉ developments on frameworks, risk assessment and technology, IEEE Transactions on Power Delivery, vol. 24(3), pp. 1174-1181, 2009.
    • (2009) risk assessment and technology, IEEE Transactions on Power Delivery , vol.24 , Issue.3 , pp. 1174-1181
    • Ericsson, G.1
  • 74
    • 77954005795 scopus 로고    scopus 로고
    • Cyber security and power system communication - Essential parts of a smart grid infrastructure
    • G. Ericsson., Cyber security and power system communication - Essential parts of a smart grid infrastructure, IEEE Transactions on Power Delivery, vol. 25(3), pp. 1501-1507, 2010.
    • (2010) IEEE Transactions on Power Delivery , vol.25 , Issue.3 , pp. 1501-1507
    • Ericsson, G.1
  • 75
    • 84877781128 scopus 로고    scopus 로고
    • Proposal for a directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union
    • COM(2013) 48 final, Brussels, Belgium
    • European Commission., Proposal for a directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union, COM(2013) 48 final, Brussels, Belgium, 2013.
    • (2013)
  • 76
    • 84884318324 scopus 로고    scopus 로고
    • Protecting Industrial Control Systems - Recommendations for Europe and Member States
    • Heraklion, Crete, Greece
    • European Network and Information Security Agency., Protecting Industrial Control Systems - Recommendations for Europe and Member States, Heraklion, Crete, Greece, 2011.
    • (2011)
  • 77
    • 84884318324 scopus 로고    scopus 로고
    • Protecting Industrial Control Systems
    • Annex V: Key Findings, Heraklion, Crete, Greece
    • European Network and Information Security Agency., Protecting Industrial Control Systems, Annex V: Key Findings, Heraklion, Crete, Greece, 2011.
    • (2011)
  • 78
    • 84871760090 scopus 로고    scopus 로고
    • Recommended Practice: Creating Cyber Forensics Plans for Control Systems
    • U.S. Department of Homeland Security, Washington, DC
    • M. Fabron, E. Cornelius., Recommended Practice: Creating Cyber Forensics Plans for Control Systems, U.S. Department of Homeland Security, Washington, DC, 2008.
    • (2008)
    • Fabron, M.1    Cornelius, E.2
  • 79
    • 84929295199 scopus 로고    scopus 로고
    • Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments
    • Version 1.0, Idaho National Laboratory, Idaho Falls, Idaho
    • M. Fabro, V. Maio, Using Operational Security (OPSEC) to Support a Cyber Security Culture in Control Systems Environments, Version 1.0, Idaho National Laboratory, Idaho Falls, Idaho, 2007.
    • (2007)
    • Fabro, M.1    Maio, V.2
  • 80
    • 77951749326 scopus 로고    scopus 로고
    • Designing secure SCADA systems using security patterns
    • Proceedings of the Forty-Third Hawaii International Conference on System Sciences
    • E. Fernandez and M. Larrondo-Petrie., Designing secure SCADA systems using security patterns, Proceedings of the Forty-Third Hawaii International Conference on System Sciences, 2010.
    • (2010)
    • Fernandez, E.1    Larrondo-Petrie, M.2
  • 84
    • 84866399058 scopus 로고    scopus 로고
    • A cyber-physical experimentation environment for the security analysis of networked industrial control systems
    • B. Genge, C. Siaterlis, I. Nai Fovino and M. Masera., A cyber-physical experimentation environment for the security analysis of networked industrial control systems, Computers and Electrical Engineering, vol. 38(5), pp. 1146-1161, 2012.
    • (2012) Computers and Electrical Engineering , vol.38 , Issue.5 , pp. 1146-1161
    • Genge, B.1    Siaterlis, C.2    Nai Fovino, I.3    Masera, M.4
  • 85
    • 84929296209 scopus 로고    scopus 로고
    • 21 Steps Security Metrics Tool
    • Technical Report, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire
    • C. Glantz and L. O[U+05F3]Neil., 21 Steps Security Metrics Tool, Technical Report, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, 2002.
    • (2002)
    • Glantz, C.1    O'Neil, L.2
  • 91
    • 18444387632 scopus 로고    scopus 로고
    • The Federal Aviation Administration Integrated Capability Maturity Model (FAA-iCMM) Appraisal Method
    • Version 2.0, U.S. Federal Aviation Administration, Washington, DC
    • L. Ibrahim, E. Harwell, B. Howard, K. Johnson, J. Meeker, M. Virga and C. Wells., The Federal Aviation Administration Integrated Capability Maturity Model (FAA-iCMM) Appraisal Method, Version 2.0, U.S. Federal Aviation Administration, Washington, DC, 2001.
    • (2001)
    • Ibrahim, L.1    Harwell, E.2    Howard, B.3    Johnson, K.4    Meeker, J.5    Virga, M.6    Wells, C.7
  • 92
    • 84929269971 scopus 로고    scopus 로고
    • and members of the Safety and Security Extensions Project Team
    • Safety and Security Extensions for Integrated Capability Maturity Models, U.S. Federal Aviation Administration, Washington, DC
    • L. Ibrahim, J. Jarzombek, M. Ashford, R. Bate, P. Croll, M. Horn, L. LaBruyere, C. Wells., and members of the Safety and Security Extensions Project Team, Safety and Security Extensions for Integrated Capability Maturity Models, U.S. Federal Aviation Administration, Washington, DC, 2004.
    • (2004)
    • Ibrahim, L.1    Jarzombek, J.2    Ashford, M.3    Bate, R.4    Croll, P.5    Horn, M.6    LaBruyere, L.7    Wells, C.8
  • 94
    • 21644483174 scopus 로고    scopus 로고
    • IEEE Guide for Electric Power Substation Physical and Electronic Security
    • IEEE 1402-2000, Piscataway, New Jersey
    • Institute of Electrical and Electronics Engineers., IEEE Guide for Electric Power Substation Physical and Electronic Security, IEEE 1402-2000, Piscataway, New Jersey, 2000.
    • (2000)
  • 95
    • 49549095693 scopus 로고    scopus 로고
    • IEEE Standard for Substation Intelligent Electronic Devices (IEDs) Cyber Security Capabilities
    • IEEE 1686-2007, Piscataway, New Jersey
    • Institute of Electrical and Electronics Engineers., IEEE Standard for Substation Intelligent Electronic Devices (IEDs) Cyber Security Capabilities, IEEE 1686-2007, Piscataway, New Jersey, 2007.
    • (2007)
  • 96
    • 84929287562 scopus 로고    scopus 로고
    • IEEE Trial Use Standard for Retrofit Cyber Security of Serial SCADA Links and IED Remote Access
    • IEEE P1689, Piscataway, New Jersey
    • Institute of Electrical and Electronics Engineers., IEEE Trial Use Standard for Retrofit Cyber Security of Serial SCADA Links and IED Remote Access, IEEE P1689, Piscataway, New Jersey, 2007.
    • (2007)
  • 97
    • 84929297300 scopus 로고    scopus 로고
    • IEEE Trial-Use Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links
    • IEEE 1711-2010, Piscataway, New Jersey
    • Institute of Electrical and Electronics Engineers., IEEE Trial-Use Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links, IEEE 1711-2010, Piscataway, New Jersey, 2010.
    • (2010)
  • 98
    • 67650540248 scopus 로고    scopus 로고
    • Power Systems Management and Associated Information Exchange - Data and Communications Security
    • IEC/TS 62351-1 ed1.0, Geneva, Switzerland
    • International Electrotechnical Commission., Power Systems Management and Associated Information Exchange - Data and Communications Security, IEC/TS 62351-1 ed1.0, Geneva, Switzerland, 2007.
    • (2007)
  • 99
    • 84155194329 scopus 로고    scopus 로고
    • Industrial Communication Networks - Network and System Security - Part 1-1: Terminology
    • Concepts and Models, IEC/TS 62443-1-1 ed1.0, Geneva, Switzerland
    • International Electrotechnical Commission., Industrial Communication Networks - Network and System Security - Part 1-1: Terminology, Concepts and Models, IEC/TS 62443-1-1 ed1.0, Geneva, Switzerland, 2009.
    • (2009)
  • 100
    • 84929293999 scopus 로고    scopus 로고
    • Industrial Communication Networks - Profiles - Part 3-1: Functional Safety Fieldbuses - Additional Specifications for CPF 1
    • IEC 61784-3-1 ed2.0, Geneva, Switzerland
    • International Electrotechnical Commission., Industrial Communication Networks - Profiles - Part 3-1: Functional Safety Fieldbuses - Additional Specifications for CPF 1, IEC 61784-3-1 ed2.0, Geneva, Switzerland, 2010.
    • (2010)
  • 101
    • 28044457328 scopus 로고    scopus 로고
    • Information Technology - Security Techniques - Code of Practice for Information Security Management
    • ISO/IEC 27002:2005, Geneva, Switzerland
    • International Organization for Standardization., Information Technology - Security Techniques - Code of Practice for Information Security Management, ISO/IEC 27002:2005, Geneva, Switzerland, 2005.
    • (2005)
  • 102
    • 0003765589 scopus 로고    scopus 로고
    • Information Technology - Security Techniques - Evaluation Criteria for IT Security - Part 1: Introduction and General Model
    • ISO/IEC 15408-1:2009, Geneva, Switzerland
    • International Organization for Standardization., Information Technology - Security Techniques - Evaluation Criteria for IT Security - Part 1: Introduction and General Model, ISO/IEC 15408-1:2009, Geneva, Switzerland, 2009.
    • (2009)
  • 103
    • 84929278617 scopus 로고    scopus 로고
    • Security for Industrial Automation and Control Systems
    • Part 2-1: Industrial Automation and Control System Security Management System, ISA-62443-2-1 (99.02.01), Research Triangle Park, North Carolina
    • International Society of Automation., Security for Industrial Automation and Control Systems, Part 2-1: Industrial Automation and Control System Security Management System, ISA-62443-2-1 (99.02.01), Research Triangle Park, North Carolina, 2012.
    • (2012)
  • 104
    • 84904875538 scopus 로고    scopus 로고
    • Security for Industrial Automation and Control Systems
    • Part 3-2: Security Risk Assessment and System Design, ISA-62443-3-2, Research Triangle Park, North Carolina
    • International Society of Automation., Security for Industrial Automation and Control Systems, Part 3-2: Security Risk Assessment and System Design, ISA-62443-3-2, Research Triangle Park, North Carolina, 2013.
    • (2013)
  • 105
    • 77953158482 scopus 로고    scopus 로고
    • Directions in Security Metrics Research
    • NISTIR 7564, National Institute of Standards and Technology, Gaithersburg, Maryland
    • W. Jansen., Directions in Security Metrics Research, NISTIR 7564, National Institute of Standards and Technology, Gaithersburg, Maryland, 2009.
    • (2009)
    • Jansen, W.1
  • 106
    • 37249037465 scopus 로고    scopus 로고
    • Security Metrics: Replacing Fear
    • Uncertainty and Doubt, Pearson Education, Upper Saddle River, New Jersey
    • A. Jaquith., Security Metrics: Replacing Fear, Uncertainty and Doubt, Pearson Education, Upper Saddle River, New Jersey, 2007.
    • (2007)
    • Jaquith, A.1
  • 109
    • 84857354121 scopus 로고    scopus 로고
    • Security Considerations in the System Development Life Cycle
    • NIST Special Publication 800-64, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland
    • R. Kissel, K. Stine, M. Scholl, H. Rossman, J. Fahlsing and J. Gulick., Security Considerations in the System Development Life Cycle, NIST Special Publication 800-64, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland, 2008.
    • (2008)
    • Kissel, R.1    Stine, K.2    Scholl, M.3    Rossman, H.4    Fahlsing, J.5    Gulick, J.6
  • 110
    • 84929294812 scopus 로고    scopus 로고
    • Perceptual influences on risk assessments and the challenges for information security and network management
    • Proceedings of the Thirteenth Annual Post Graduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting
    • W. Knowles, D. Prince and D. Hutchison., Perceptual influences on risk assessments and the challenges for information security and network management, Proceedings of the Thirteenth Annual Post Graduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting, 2012.
    • (2012)
    • Knowles, W.1    Prince, D.2    Hutchison, D.3
  • 112
    • 84874152879 scopus 로고    scopus 로고
    • Robust Control System Networks: How to Achieve Reliable Control after Stuxnet
    • Momentum Press, New York
    • R. Langer., Robust Control System Networks: How to Achieve Reliable Control after Stuxnet, Momentum Press, New York, 2012.
    • (2012)
    • Langer, R.1
  • 113
    • 84897705224 scopus 로고    scopus 로고
    • Evaluation of security solutions in the SCADA environment
    • R. Larkin, J. Lopez, J. Butts and M. Grimaila., Evaluation of security solutions in the SCADA environment, ACM SIGMIS Database, vol. 45(1), pp. 38-53, 2014.
    • (2014) ACM SIGMIS Database , vol.45 , Issue.1 , pp. 38-53
    • Larkin, R.1    Lopez, J.2    Butts, J.3    Grimaila, M.4
  • 116
    • 84870547225 scopus 로고    scopus 로고
    • Functional vulnerability assessment of SCADA networks
    • Proceedings of the Asia-Pacific Power and Energy Engineering Conference
    • G. Li, W. Ju and D. Shi., Functional vulnerability assessment of SCADA networks, Proceedings of the Asia-Pacific Power and Energy Engineering Conference, 2012.
    • (2012)
    • Li, G.1    Ju, W.2    Shi, D.3
  • 118
    • 79953217649 scopus 로고    scopus 로고
    • Asset analysis of risk assessment for IEC 61850 based power control systems - Part I: Methodology
    • N. Liu, J. Zhang and X. Wu., Asset analysis of risk assessment for IEC 61850 based power control systems - Part I: Methodology, IEEE Transactions on Power Delivery, vol. 26(2), pp. 869-875, 2011.
    • (2011) IEEE Transactions on Power Delivery , vol.26 , Issue.2 , pp. 869-875
    • Liu, N.1    Zhang, J.2    Wu, X.3
  • 119
    • 77953994369 scopus 로고    scopus 로고
    • Security assessment for communication networks of power control systems using attack graph and MCDM
    • N. Liu, J. Zhang, H. Zhang and W. Liu., Security assessment for communication networks of power control systems using attack graph and MCDM, IEEE Transactions on Power Delivery, vol. 25(3), pp. 1492-1500, 2010.
    • (2010) IEEE Transactions on Power Delivery , vol.25 , Issue.3 , pp. 1492-1500
    • Liu, N.1    Zhang, J.2    Zhang, H.3    Liu, W.4
  • 121
    • 85052499611 scopus 로고    scopus 로고
    • Cybersecurity for Industrial Control Systems: SCADA
    • DCS, PLC, HMI and SIS, CRC Press, Boca Raton, Florida
    • T. Macaulay and B. Singer., Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI and SIS, CRC Press, Boca Raton, Florida, 2012.
    • (2012)
    • Macaulay, T.1    Singer, B.2
  • 123
    • 79957979992 scopus 로고    scopus 로고
    • A testbed for analyzing security of SCADA control systems
    • Proceedings of the IEEE Power and Energy Society Conference on Innovative Smart Grid Technologies
    • M. Mallouhi, Y. Al-Nashif, D. Cox, T. Chadaga and S. Hariri., A testbed for analyzing security of SCADA control systems, Proceedings of the IEEE Power and Energy Society Conference on Innovative Smart Grid Technologies, 2011.
    • (2011)
    • Mallouhi, M.1    Al-Nashif, Y.2    Cox, D.3    Chadaga, T.4    Hariri, S.5
  • 125
    • 84929289935 scopus 로고    scopus 로고
    • PCS Security Technology Evaluation Tool (P-STET)
    • Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire
    • A. McIntyre., PCS Security Technology Evaluation Tool (P-STET), Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, 2003.
    • (2003)
    • McIntyre, A.1
  • 126
    • 84929289998 scopus 로고    scopus 로고
    • I3P Task 3 Security Metrics Tools Final Report
    • Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire
    • A. McIntyre., I3P Task 3 Security Metrics Tools Final Report, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, 2007.
    • (2007)
    • McIntyre, A.1
  • 127
    • 78049469768 scopus 로고    scopus 로고
    • Security Metrics for Process Control Systems
    • SAND2007-2070P, Sandia National Laboratories, Albuquerque, New Mexico
    • A. McIntyre, B. Becker and R. Halbgewachs., Security Metrics for Process Control Systems, SAND2007-2070P, Sandia National Laboratories, Albuquerque, New Mexico, 2007.
    • (2007)
    • McIntyre, A.1    Becker, B.2    Halbgewachs, R.3
  • 129
    • 77954785753 scopus 로고    scopus 로고
    • Cyber-related risk assessment and critical asset identification within the power grid
    • Proceedings of the IEEE Power and Energy Society Transmission and Distribution Conference and Exposition
    • Z. Mohajerani, F. Farzan, M. Jafary, Y. Lu, D. Wei, N. Kalenchits, B. Boyer, M. Muller and P. Skare., Cyber-related risk assessment and critical asset identification within the power grid, Proceedings of the IEEE Power and Energy Society Transmission and Distribution Conference and Exposition, 2010.
    • (2010)
    • Mohajerani, Z.1    Farzan, F.2    Jafary, M.3    Lu, Y.4    Wei, D.5    Kalenchits, N.6    Boyer, B.7    Muller, M.8    Skare, P.9
  • 130
    • 33644636365 scopus 로고    scopus 로고
    • Application of the API/NPRA SVA methodology to transportation security issues
    • D. Moore., Application of the API/NPRA SVA methodology to transportation security issues, Journal of Hazardous Materials, vol. 130(1-2), pp. 107-121, 2006.
    • (2006) Journal of Hazardous Materials , vol.130 , Issue.1-2 , pp. 107-121
    • Moore, D.1
  • 138
    • 70450215489 scopus 로고    scopus 로고
    • Cyber security for energy automation systems - New challenges for vendors
    • Proceedings of the Twentieth International Conference on Electricity Distribution
    • B. Nartmann, T. Brandstetter and K. Knorr., Cyber security for energy automation systems - New challenges for vendors, Proceedings of the Twentieth International Conference on Electricity Distribution, 2009.
    • (2009)
    • Nartmann, B.1    Brandstetter, T.2    Knorr, K.3
  • 139
    • 84898316732 scopus 로고    scopus 로고
    • Firewall Deployment for SCADA and Process Control Networks
    • Good Practice Guide, London, United Kingdom
    • National Infrastructure Security Coordination Centre., Firewall Deployment for SCADA and Process Control Networks, Good Practice Guide, London, United Kingdom, 2005.
    • (2005)
  • 140
    • 47849111337 scopus 로고    scopus 로고
    • Standards for Security Categorization of Federal Information and Information Systems
    • FIPS PUB 199, Gaithersburg, Maryland
    • National Institute of Standards and Technology., Standards for Security Categorization of Federal Information and Information Systems, FIPS PUB 199, Gaithersburg, Maryland, 2004.
    • (2004)
  • 141
    • 78649562070 scopus 로고    scopus 로고
    • System Protection Profile - Industrial Control Systems Version 1.0
    • NISTIR 7176, Gaithersburg, Maryland
    • National Institute of Standards and Technology., System Protection Profile - Industrial Control Systems Version 1.0, NISTIR 7176, Gaithersburg, Maryland, 2004.
    • (2004)
  • 142
    • 78751691693 scopus 로고    scopus 로고
    • Minimum Security Requirements for Federal Information and Information Systems
    • FIPS PUB 200, Gaithersburg, Maryland
    • National Institute of Standards and Technology., Minimum Security Requirements for Federal Information and Information Systems, FIPS PUB 200, Gaithersburg, Maryland, 2006.
    • (2006)
  • 143
    • 78649245486 scopus 로고    scopus 로고
    • Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
    • NIST Special Publication 800-37, Revision 1, Gaithersburg, Maryland
    • National Institute of Standards and Technology., Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach, NIST Special Publication 800-37, Revision 1, Gaithersburg, Maryland, 2010.
    • (2010)
  • 144
    • 84873139978 scopus 로고    scopus 로고
    • Managing Information Security Risk: Organization
    • Mission and Information System View, NIST Special Publication 800-39, Gaithersburg, Maryland
    • National Institute of Standards and Technology., Managing Information Security Risk: Organization, Mission and Information System View, NIST Special Publication 800-39, Gaithersburg, Maryland, 2011.
    • (2011)
  • 145
    • 84880713047 scopus 로고    scopus 로고
    • Guide for Conducting Risk Assessments
    • NIST Special Publication 800-30, Revision 1, Gaithersburg, Maryland
    • National Institute of Standards and Technology., Guide for Conducting Risk Assessments, NIST Special Publication 800-30, Revision 1, Gaithersburg, Maryland, 2012.
    • (2012)
  • 146
    • 29744436477 scopus 로고    scopus 로고
    • Personal Identity Verification (PIV) of Federal Employees and Contractors
    • FIPS PUB 201-2, Gaithersburg, Maryland
    • National Institute of Standards and Technology., Personal Identity Verification (PIV) of Federal Employees and Contractors, FIPS PUB 201-2, Gaithersburg, Maryland, 2013.
    • (2013)
  • 147
    • 84885817796 scopus 로고    scopus 로고
    • Security and Privacy Controls for Federal Information Systems and Organizations
    • NIST Special Publication 800-53, Revision 4, Gaithersburg, Maryland
    • National Institute of Standards and Technology., Security and Privacy Controls for Federal Information Systems and Organizations, NIST Special Publication 800-53, Revision 4, Gaithersburg, Maryland, 2013.
    • (2013)
  • 148
    • 84929292855 scopus 로고    scopus 로고
    • Comments Received in Response to: Request for Comments on the Preliminary Cybersecurity Framework
    • Gaithersburg, Maryland
    • National Institute of Standards and Technology., Comments Received in Response to: Request for Comments on the Preliminary Cybersecurity Framework, Gaithersburg, Maryland, 2014.
    • (2014)
  • 149
    • 84904416346 scopus 로고    scopus 로고
    • Framework for Improving Critical Infrastructure Cybersecurity
    • Version 1.0, Gaithersburg, Maryland
    • National Institute of Standards and Technology., Framework for Improving Critical Infrastructure Cybersecurity, Version 1.0, Gaithersburg, Maryland, 2014.
    • (2014)
  • 150
    • 84929271379 scopus 로고    scopus 로고
    • Industrial Control System Security (ICS)
    • Gaithersburg, Maryland
    • National Institute of Standards and Technology., Industrial Control System Security (ICS), Gaithersburg, Maryland, 2014.
    • (2014)
  • 151
    • 84929286077 scopus 로고    scopus 로고
    • Fort Meade
    • Maryland, March 14
    • National Security Agency, NSA develops INFOSEC assessment training and rating program., Fort Meade, Maryland, March 14, 2002.
    • (2002)
  • 152
    • 74949097970 scopus 로고    scopus 로고
    • Towards quantifying the impacts of cyber attacks in the competitive electricity market environment
    • Proceedings of the IEEE PowerTech Conference
    • M. Negrete-Pincetic, F. Yoshida and G. Gross., Towards quantifying the impacts of cyber attacks in the competitive electricity market environment, Proceedings of the IEEE PowerTech Conference, 2009.
    • (2009)
    • Negrete-Pincetic, M.1    Yoshida, F.2    Gross, G.3
  • 154
    • 84929278656 scopus 로고    scopus 로고
    • Critical Infrastructure Protection (CIP) 001-011
    • Washington, DC
    • North American Electric Reliability Corporation., Critical Infrastructure Protection (CIP) 001-011, Washington, DC, 2013.
    • (2013)
  • 155
    • 84929268337 scopus 로고    scopus 로고
    • Cyber Risk Preparedness Assessment: Table-Top Exercise 2012 Report
    • Washington, DC
    • North American Electric Reliability Corporation., Cyber Risk Preparedness Assessment: Table-Top Exercise 2012 Report, Washington, DC, 2013
    • (2013)
  • 156
    • 84929278291 scopus 로고    scopus 로고
    • Guideline 104: Information Security Baseline Requirements for Process Control
    • Safety and Support ICT Systems, Stavanger, Norway
    • Norwegian Oil and Gas Association., Guideline 104: Information Security Baseline Requirements for Process Control, Safety and Support ICT Systems, Stavanger, Norway, 2009.
    • (2009)
  • 157
    • 84929294453 scopus 로고    scopus 로고
    • Guideline 110: Implementation of Information Security in Process Control
    • Safety and Support ICT Systems during the Engineering, Procurement and Commissioning Phases, Stavanger, Norway
    • Norwegian Oil and Gas Association., Guideline 110: Implementation of Information Security in Process Control, Safety and Support ICT Systems during the Engineering, Procurement and Commissioning Phases, Stavanger, Norway, 2009.
    • (2009)
  • 158
    • 84929289144 scopus 로고    scopus 로고
    • Guideline 123: Classification of Process Control
    • Safety and Support ICT Systems based on Criticality, Stavanger, Norway
    • Norwegian Oil and Gas Association., Guideline 123: Classification of Process Control, Safety and Support ICT Systems based on Criticality, Stavanger, Norway, 2009.
    • (2009)
  • 159
    • 84887499198 scopus 로고    scopus 로고
    • Executive Order 13636: Improving Critical Infrastructure Cybersecurity
    • The White House, Washington, DC, February 12
    • B. Obama., Executive Order 13636: Improving Critical Infrastructure Cybersecurity, The White House, Washington, DC, February 12, 2013.
    • (2013)
    • Obama, B.1
  • 161
    • 85028692616 scopus 로고    scopus 로고
    • Good Practices Guide on Non-Nuclear Critical Energy Infrastructure Protection from Terrorist Attacks Focusing on Threats Emanating from Cyberspace
    • Vienna, Austria
    • Organization for Security and Cooperation in Europe., Good Practices Guide on Non-Nuclear Critical Energy Infrastructure Protection from Terrorist Attacks Focusing on Threats Emanating from Cyberspace, Vienna, Austria, 2013.
    • (2013)
  • 162
    • 84929276316 scopus 로고    scopus 로고
    • Availability based risk analysis for SCADA embedded computer systems
    • Proceedings of the International Conference on Security and Management
    • S. Papa, W. Casper and S. Nair., Availability based risk analysis for SCADA embedded computer systems, Proceedings of the International Conference on Security and Management, 2011.
    • (2011)
    • Papa, S.1    Casper, W.2    Nair, S.3
  • 163
    • 58849106722 scopus 로고    scopus 로고
    • Vulnerability assessment for critical infrastructure control systems
    • R. Parks and E. Rogers., Vulnerability assessment for critical infrastructure control systems, IEEE Security and Privacy, vol. 6(6), pp. 37-43, 2008.
    • (2008) IEEE Security and Privacy , vol.6 , Issue.6 , pp. 37-43
    • Parks, R.1    Rogers, E.2
  • 164
    • 0003748765 scopus 로고
    • Capability Maturity Model for Software
    • Version 1.1, CMU/SEI-93-TR-024, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania
    • M. Paulk, B. Curtis, M. Chrissis and C. Weber., Capability Maturity Model for Software, Version 1.1, CMU/SEI-93-TR-024, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, 1993.
    • (1993)
    • Paulk, M.1    Curtis, B.2    Chrissis, M.3    Weber, C.4
  • 166
    • 82155173457 scopus 로고    scopus 로고
    • SCADASim - A framework for building SCADA simulations
    • C. Queiroz, A. Mahmood and Z. Tari., SCADASim - A framework for building SCADA simulations, IEEE Transactions on Smart Grid, vol. 2(4), pp. 589-597, 2011.
    • (2011) IEEE Transactions on Smart Grid , vol.2 , Issue.4 , pp. 589-597
    • Queiroz, C.1    Mahmood, A.2    Tari, Z.3
  • 167
    • 84886713375 scopus 로고    scopus 로고
    • A probabilistic model to predict the survivability of SCADA systems
    • C. Queiroz, A. Mahmood and Z. Tari., A probabilistic model to predict the survivability of SCADA systems, IEEE Transactions on Industrial Informatics, vol. 9(4), pp. 1975-1985, 2013.
    • (2013) IEEE Transactions on Industrial Informatics , vol.9 , Issue.4 , pp. 1975-1985
    • Queiroz, C.1    Mahmood, A.2    Tari, Z.3
  • 168
    • 79960706891 scopus 로고    scopus 로고
    • National Checklist Program for IT Products - Guidelines for Checklist Users and Developers
    • NIST Special Publication 800-70, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland
    • S. Quinn, M. Souppaya, M. Cook and K. Scarfone., National Checklist Program for IT Products - Guidelines for Checklist Users and Developers, NIST Special Publication 800-70, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland, 2011.
    • (2011)
    • Quinn, S.1    Souppaya, M.2    Cook, M.3    Scarfone, K.4
  • 169
    • 34548017452 scopus 로고    scopus 로고
    • Cyber security risk assessment for SCADA and DCS networks
    • P. Ralston, J. Graham and J. Hieb., Cyber security risk assessment for SCADA and DCS networks, ISA Transactions, vol. 46(4), pp. 583-594, 2007.
    • (2007) ISA Transactions , vol.46 , Issue.4 , pp. 583-594
    • Ralston, P.1    Graham, J.2    Hieb, J.3
  • 170
    • 84864408683 scopus 로고    scopus 로고
    • An open virtual testbed for industrial control system security research
    • B. Reaves and T. Morris., An open virtual testbed for industrial control system security research, International Journal of Information Security, vol. 11(4), pp. 215-229, 2012.
    • (2012) International Journal of Information Security , vol.11 , Issue.4 , pp. 215-229
    • Reaves, B.1    Morris, T.2
  • 171
    • 0035696915 scopus 로고    scopus 로고
    • Identifying, understanding and analyzing critical infrastructure interdependencies
    • S. Rinaldi, J. Peerenboom and T. Kelly, Identifying., understanding and analyzing critical infrastructure interdependencies, IEEE Control Systems, vol. 21(6), pp. 11-25, 2001.
    • (2001) IEEE Control Systems , vol.21 , Issue.6 , pp. 11-25
    • Rinaldi, S.1    Peerenboom, J.2    Kelly, T.3
  • 173
    • 36849039045 scopus 로고    scopus 로고
    • A framework for linking cybersecurity metrics to the modeling of macroeconomic interdependencies
    • J. Santos, Y. Haimes and C. Lian., A framework for linking cybersecurity metrics to the modeling of macroeconomic interdependencies, Risk Analysis, vol. 27(5), pp. 1283-1297, 2007.
    • (2007) Risk Analysis , vol.27 , Issue.5 , pp. 1283-1297
    • Santos, J.1    Haimes, Y.2    Lian, C.3
  • 174
    • 79952496582 scopus 로고    scopus 로고
    • Guidelines on Firewalls and Firewall Policy
    • NIST Special Publication 800-41, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland
    • K. Scarfone and P. Hoffman., Guidelines on Firewalls and Firewall Policy, NIST Special Publication 800-41, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland, 2009.
    • (2009)
    • Scarfone, K.1    Hoffman, P.2
  • 175
    • 84876398024 scopus 로고    scopus 로고
    • A distributed intrusion detection system for industrial automation networks
    • Proceedings of the Seventeenth IEEE International Conference on Emerging Technologies and Factory Automation
    • F. Schuster and A. Paul., A distributed intrusion detection system for industrial automation networks, Proceedings of the Seventeenth IEEE International Conference on Emerging Technologies and Factory Automation, 2012.
    • (2012)
    • Schuster, F.1    Paul, A.2
  • 177
    • 67651102640 scopus 로고    scopus 로고
    • Information security management standards: Problems and solutions
    • M. Siponen and R. Willison., Information security management standards: Problems and solutions, Information and Management, vol. 46(5), pp. 267-270, 2009.
    • (2009) Information and Management , vol.46 , Issue.5 , pp. 267-270
    • Siponen, M.1    Willison, R.2
  • 179
    • 0011790817 scopus 로고    scopus 로고
    • Capability Maturity Model Integration (CMMI)
    • Version 1.3, CMU/SEI-2010-TR-033, Carnegie Mellon University, Pittsburgh, Pennsylvania
    • Software Engineering Institute., Capability Maturity Model Integration (CMMI), Version 1.3, CMU/SEI-2010-TR-033, Carnegie Mellon University, Pittsburgh, Pennsylvania, 2010.
    • (2010)
  • 180
    • 78649548146 scopus 로고    scopus 로고
    • SCADA system cyber security - A comparison of standards
    • Proceedings of the IEEE Power and Energy Society General Meeting
    • T. Sommestad, G. Ericsson and J. Nordlander., SCADA system cyber security - A comparison of standards, Proceedings of the IEEE Power and Energy Society General Meeting, 2010.
    • (2010)
    • Sommestad, T.1    Ericsson, G.2    Nordlander, J.3
  • 181
    • 78049430884 scopus 로고    scopus 로고
    • New methodologies for security risk assessment of oil and gas industry
    • A. Srivastava and J. Gupta., New methodologies for security risk assessment of oil and gas industry, Process Safety and Environmental Protection, vol. 88(6), pp. 407-412, 2010.
    • (2010) Process Safety and Environmental Protection , vol.88 , Issue.6 , pp. 407-412
    • Srivastava, A.1    Gupta, J.2
  • 183
    • 70350162420 scopus 로고    scopus 로고
    • Volume I: Guide for Mapping Types of Information and Information Systems to Security Categories
    • NIST Special Publication 800-60, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland
    • K. Stine, R. Kissel, W. Barker, J. Fahlsing and J. Gullick., Volume I: Guide for Mapping Types of Information and Information Systems to Security Categories, NIST Special Publication 800-60, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland, 2008.
    • (2008)
    • Stine, K.1    Kissel, R.2    Barker, W.3    Fahlsing, J.4    Gullick, J.5
  • 184
    • 33645723824 scopus 로고    scopus 로고
    • Process Control System Security Metrics - State of Practice
    • Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire
    • M. Stoddard, R. Carlson, Y. Haimes, D. Bodeau, C. Lian, J. Santos, C. Glantz and J. Shaw., Process Control System Security Metrics - State of Practice, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, 2005.
    • (2005)
    • Stoddard, M.1    Carlson, R.2    Haimes, Y.3    Bodeau, D.4    Lian, C.5    Santos, J.6    Glantz, C.7    Shaw, J.8
  • 185
    • 84946841683 scopus 로고    scopus 로고
    • Guide to Industrial Control Systems (ICS) Security
    • NIST Special Publication 800-82, National Institute of Standards and Technology, Gaithersburg, Maryland
    • K. Stouffer, J. Falco and K. Scarfone., Guide to Industrial Control Systems (ICS) Security, NIST Special Publication 800-82, National Institute of Standards and Technology, Gaithersburg, Maryland, 2011.
    • (2011)
    • Stouffer, K.1    Falco, J.2    Scarfone, K.3
  • 186
    • 70349341748 scopus 로고    scopus 로고
    • Guide for Developing Security Plans for Federal Information Systems
    • NIST Special Publication 800-18, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland
    • M. Swanson, J. Hash and P. Bowen., Guide for Developing Security Plans for Federal Information Systems, NIST Special Publication 800-18, Revision 1, National Institute of Standards and Technology, Gaithersburg, Maryland, 2006.
    • (2006)
    • Swanson, M.1    Hash, J.2    Bowen, P.3
  • 187
    • 84929288177 scopus 로고    scopus 로고
    • Guide to Increased Security in Process Control Systems for Critical Societal Functions
    • Stockholm, Sweden
    • Swedish Emergency Management Agency., Guide to Increased Security in Process Control Systems for Critical Societal Functions, Stockholm, Sweden, 2008.
    • (2008)
  • 188
    • 84869528436 scopus 로고    scopus 로고
    • Securing Your SCADA and Industrial Control Systems
    • Department of Defense, Washington, DC
    • Technical Support Working Group., Securing Your SCADA and Industrial Control Systems, Department of Defense, Washington, DC, 2005.
    • (2005)
  • 189
    • 42549101645 scopus 로고    scopus 로고
    • Vulnerability assessment of cybersecurity for SCADA systems using attack trees
    • Proceedings of the IEEE Power and Energy Society General Meeting
    • C. Ten, C. Liu and M. Govindarasu., Vulnerability assessment of cybersecurity for SCADA systems using attack trees, Proceedings of the IEEE Power and Energy Society General Meeting, 2007.
    • (2007)
    • Ten, C.1    Liu, C.2    Govindarasu, M.3
  • 190
    • 67349092535 scopus 로고    scopus 로고
    • Vulnerability assessment of cybersecurity for SCADA systems
    • C. Ten, C. Liu and G. Manimaran., Vulnerability assessment of cybersecurity for SCADA systems, IEEE Transactions on Power Systems, vol. 23(4), pp. 1836-1846, 2008.
    • (2008) IEEE Transactions on Power Systems , vol.23 , Issue.4 , pp. 1836-1846
    • Ten, C.1    Liu, C.2    Manimaran, G.3
  • 191
    • 77955429216 scopus 로고    scopus 로고
    • A multi-layer criticality assessment methodology based on interdependencies
    • M. Theoharidou, P. Kotzanikolaou and D. Gritzalis., A multi-layer criticality assessment methodology based on interdependencies, Computers and Security, vol. 29(6), pp. 643-658, 2010.
    • (2010) Computers and Security , vol.29 , Issue.6 , pp. 643-658
    • Theoharidou, M.1    Kotzanikolaou, P.2    Gritzalis, D.3
  • 192
    • 84929291438 scopus 로고    scopus 로고
    • Update NERC Survey Data
    • Portland, Oregon
    • Tripwire., Update NERC Survey Data, Portland, Oregon, 2014.
    • (2014)
  • 193
    • 84929284284 scopus 로고    scopus 로고
    • IF-MAP Metadata for ICS Security
    • Specification Version 1.0, Revision 39, Beaverton, Oregon
    • Trusted Computing Group., IF-MAP Metadata for ICS Security, Specification Version 1.0, Revision 39, Beaverton, Oregon, 2012.
    • (2012)
  • 194
    • 84878083190 scopus 로고    scopus 로고
    • Information Assurance (IA)
    • Department of Defense Directive 8500.1, Washington, DC
    • U.S. Department of Defense., Information Assurance (IA), Department of Defense Directive 8500.1, Washington, DC, 2002.
    • (2002)
  • 195
    • 78349298200 scopus 로고    scopus 로고
    • Information Assurance (IA) Implementation
    • Department of Defense Directive 8500.2, Washington, DC
    • U.S. Department of Defense., Information Assurance (IA) Implementation, Department of Defense Directive 8500.2, Washington, DC, 2003.
    • (2003)
  • 196
    • 84994263031 scopus 로고    scopus 로고
    • Risk Management Framework (RMF) for DoD Information Technology (IT)
    • Department of Defense Instruction 8510.01, Washington, DC
    • U.S. Department of Defense., Risk Management Framework (RMF) for DoD Information Technology (IT), Department of Defense Instruction 8510.01, Washington, DC, 2014.
    • (2014)
  • 197
    • 0242314137 scopus 로고    scopus 로고
    • 21 Steps to Improve Cyber Security for SCADA Systems
    • Washington, DC
    • U.S. Department of Energy., 21 Steps to Improve Cyber Security for SCADA Systems, Washington, DC, 2002.
    • (2002)
  • 198
    • 84864172717 scopus 로고    scopus 로고
    • Energy Infrastructure Risk Management Checklists for Small and Medium Sized Energy Facilities
    • Washington, DC
    • U.S. Department of Energy., Energy Infrastructure Risk Management Checklists for Small and Medium Sized Energy Facilities, Washington, DC, 2002.
    • (2002)
  • 199
    • 84893295680 scopus 로고    scopus 로고
    • Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2)
    • Version 1.0, Washington, DC
    • U.S. Department of Energy., Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2), Version 1.0, Washington, DC, 2012.
    • (2012)
  • 200
    • 84890881933 scopus 로고    scopus 로고
    • Electricity Subsector Cybersecurity Risk Management Process
    • DOE/OE-0003, Washington, DC
    • U.S. Department of Energy., Electricity Subsector Cybersecurity Risk Management Process, DOE/OE-0003, Washington, DC, 2012.
    • (2012)
  • 201
    • 84929267988 scopus 로고    scopus 로고
    • Oil and Natural Gas Subsector Cyber Security Capability Maturity Model (ONG-C2M2)
    • Version 1.1, Washington, DC
    • U.S. Department of Energy., Oil and Natural Gas Subsector Cyber Security Capability Maturity Model (ONG-C2M2), Version 1.1, Washington, DC, 2014.
    • (2014)
  • 202
    • 84929293996 scopus 로고    scopus 로고
    • Chemical Facility Anti-Terrorism Standards Interim Final Rule
    • DHS-2006-0073, Washington, DC
    • U.S. Department of Homeland Security., Chemical Facility Anti-Terrorism Standards Interim Final Rule, DHS-2006-0073, Washington, DC, 2006.
    • (2006)
  • 203
    • 84929281503 scopus 로고    scopus 로고
    • CSAT Security Vulnerability Assessment: Questions
    • Version 1.0, Washington, DC
    • U.S. Department of Homeland Security., CSAT Security Vulnerability Assessment: Questions, Version 1.0, Washington, DC, 2008.
    • (2008)
  • 204
    • 77952070127 scopus 로고    scopus 로고
    • Recommended Practice for Patch Management of Control Systems
    • Washington, DC
    • U.S. Department of Homeland Security., Recommended Practice for Patch Management of Control Systems, Washington, DC, 2008.
    • (2008)
  • 205
    • 84929287887 scopus 로고    scopus 로고
    • CSAT Site Security Plan: Instructions
    • Version 1.0, Washington, DC
    • U.S. Department of Homeland Security., CSAT Site Security Plan: Instructions, Version 1.0, Washington, DC, 2009.
    • (2009)
  • 206
    • 84929270599 scopus 로고    scopus 로고
    • CSAT Top-Screen: Questions
    • Version 2.8, Washington, DC
    • U.S. Department of Homeland Security., CSAT Top-Screen: Questions, Version 2.8, Washington, DC, 2009.
    • (2009)
  • 207
    • 77956337148 scopus 로고    scopus 로고
    • Cyber Security Procurement Language for Control Systems
    • Washington, DC
    • U.S. Department of Homeland Security., Cyber Security Procurement Language for Control Systems, Washington, DC, 2009.
    • (2009)
  • 208
    • 84929273446 scopus 로고    scopus 로고
    • Primer Control Systems Cyber Security Framework and Technical Metrics
    • Washington, DC
    • U.S. Department of Homeland Security., Primer Control Systems Cyber Security Framework and Technical Metrics, Washington, DC, 2009.
    • (2009)
  • 209
    • 84866030010 scopus 로고    scopus 로고
    • Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies
    • Washington, DC
    • U.S. Department of Homeland Security., Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies, Washington, DC, 2009.
    • (2009)
  • 210
    • 84929279500 scopus 로고    scopus 로고
    • Risk-Based Performance Standards Guidance
    • Chemical Facility Anti-Terrorism Standards, Washington, DC
    • U.S. Department of Homeland Security., Risk-Based Performance Standards Guidance, Chemical Facility Anti-Terrorism Standards, Washington, DC, 2009.
    • (2009)
  • 211
    • 84929269539 scopus 로고    scopus 로고
    • CSAT Top-Screen Survey Application: User Guide
    • Version 1.99, Washington, DC
    • U.S. Department of Homeland Security., CSAT Top-Screen Survey Application: User Guide, Version 1.99, Washington, DC, 2010.
    • (2010)
  • 212
    • 84887982910 scopus 로고    scopus 로고
    • Catalog of Control Systems Security: Recommendations for Standards Developers
    • Washington, DC
    • U.S. Department of Homeland Security., Catalog of Control Systems Security: Recommendations for Standards Developers, Washington, DC, 2011.
    • (2011)
  • 213
    • 84929280126 scopus 로고    scopus 로고
    • CSAT Security Vulnerability Assessment Application: Instructions
    • Version 2.1, Washington, DC
    • U.S. Department of Homeland Security., CSAT Security Vulnerability Assessment Application: Instructions, Version 2.1, Washington, DC, 2011.
    • (2011)
  • 214
    • 84929261797 scopus 로고    scopus 로고
    • Cyber Security Evaluation Tool: Performing a Self Assessment
    • Washington, DC
    • U.S. Department of Homeland Security., Cyber Security Evaluation Tool: Performing a Self Assessment, Washington, DC, 2012.
    • (2012)
  • 215
    • 84929291775 scopus 로고    scopus 로고
    • ICS-CERT Year in Review 2012
    • Washington, DC
    • U.S. Department of Homeland Security., ICS-CERT Year in Review 2012, Washington, DC, 2012.
    • (2012)
  • 216
    • 84929295544 scopus 로고    scopus 로고
    • Configuring and Managing Remote Access for Industrial Control Systems
    • Washington, DC and London, United Kingdom
    • U.S. Department of Homeland Security. and Centre for the Protection of National Infrastructure, Configuring and Managing Remote Access for Industrial Control Systems, Washington, DC and London, United Kingdom, 2010.
    • (2010)
  • 217
    • 84871137164 scopus 로고    scopus 로고
    • Cyber Security Assessments of Industrial Control Systems
    • Washington, DC and London, United Kingdom
    • U.S. Department of Homeland Security. and Centre for the Protection of National Infrastructure, Cyber Security Assessments of Industrial Control Systems, Washington, DC and London, United Kingdom, 2010.
    • (2010)
  • 218
    • 84929284868 scopus 로고    scopus 로고
    • VSAT - Risk Assessment Tool for Water Sector Utilities
    • Washington, DC
    • U.S. Environmental Protection Agency., VSAT - Risk Assessment Tool for Water Sector Utilities, Washington, DC, 2010.
    • (2010)
  • 219
    • 79958292005 scopus 로고    scopus 로고
    • Cyber Security Programs for Nuclear Facilities
    • Regulatory Guide 5.71, Washington, DC
    • U.S. Nuclear Regulatory Commission., Cyber Security Programs for Nuclear Facilities, Regulatory Guide 5.71, Washington, DC, 2010.
    • (2010)
  • 220
    • 84921416886 scopus 로고    scopus 로고
    • Pipeline Security Guidelines
    • Washington, DC
    • U.S. Transportation Security Administration., Pipeline Security Guidelines, Washington, DC, 2011.
    • (2011)
  • 221
  • 222
    • 84929270750 scopus 로고    scopus 로고
    • IT Security for Generating Plants
    • Essen, Germany
    • VGB PowerTech., IT Security for Generating Plants, Essen, Germany, 2006.
    • (2006)
  • 224
    • 84875747087 scopus 로고    scopus 로고
    • Cyber security in the smart grid: Survey and challenges
    • 1371-1344
    • W. Wang and Z. Lu., Cyber security in the smart grid: Survey and challenges, Computer Networks, vol. 57(5), pp. 1371-1344, 2013.
    • (2013) Computer Networks , vol.57 , Issue.5
    • Wang, W.1    Lu, Z.2
  • 225
    • 79961197661 scopus 로고    scopus 로고
    • The Risk-to-Mission Assessment Process (RiskMAP): A Sensitivity Analysis and an Extension to Treat Confidentiality Issues
    • Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire
    • J. Watters, S. Morrissey, D. Bodeau and S. Powers., The Risk-to-Mission Assessment Process (RiskMAP): A Sensitivity Analysis and an Extension to Treat Confidentiality Issues, Institute for Information Infrastructure Protection (I3P), Dartmouth College, Hanover, New Hampshire, 2009.
    • (2009)
    • Watters, J.1    Morrissey, S.2    Bodeau, D.3    Powers, S.4
  • 227
    • 6744258985 scopus 로고    scopus 로고
    • Information Technology Security Training Requirements: A Role- and Performance-Based Model
    • NIST Special Publication 800-16, National Institute of Standards and Technology, Gaithersburg, Maryland
    • M. Wilson, D. de Zafra, S. Pitcher, J. Tressler and J. Ippolito., Information Technology Security Training Requirements: A Role- and Performance-Based Model, NIST Special Publication 800-16, National Institute of Standards and Technology, Gaithersburg, Maryland, 1998.
    • (1998)
    • Wilson, M.1    de Zafra, D.2    Pitcher, S.3    Tressler, J.4    Ippolito, J.5
  • 228
    • 33745446307 scopus 로고    scopus 로고
    • Building an Information Technology Security Awareness and Training Program
    • NIST Special Publication 800-50, National Institute of Standards and Technology, Gaithersburg, Maryland
    • M. Wilson and J. Hash., Building an Information Technology Security Awareness and Training Program, NIST Special Publication 800-50, National Institute of Standards and Technology, Gaithersburg, Maryland, 2003.
    • (2003)
    • Wilson, M.1    Hash, J.2
  • 231
    • 84893170993 scopus 로고    scopus 로고
    • Intrusion detection system for IEC 60870-5-104 based SCADA networks
    • Proceedings of the IEEE Power and Energy Society General Meeting
    • Y. Yang, K. McLaughlin, T. Littler, S. Sezer, B. Pranggono and H. Wang., Intrusion detection system for IEC 60870-5-104 based SCADA networks, Proceedings of the IEEE Power and Energy Society General Meeting, 2013.
    • (2013)
    • Yang, Y.1    McLaughlin, K.2    Littler, T.3    Sezer, S.4    Pranggono, B.5    Wang, H.6
  • 232
    • 84893445259 scopus 로고    scopus 로고
    • SCADA-specific intrusion detection/prevention systems: A survey and taxonomy
    • Proceedings of the First Workshop on Secure Control Systems
    • B. Zhu and S. Sastry., SCADA-specific intrusion detection/prevention systems: A survey and taxonomy, Proceedings of the First Workshop on Secure Control Systems, 2010.
    • (2010)
    • Zhu, B.1    Sastry, S.2


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.