A Structured Security Assessment Methodology for Manufacturers of Critical Infrastructure Components
نویسندگان
چکیده
Protecting our critical infrastructures like energy generation and distribution, telecommunication, production and traffic against cyber attacks is one of the major challenges of the new millennium. However, as security is such a complex and multilayer topic often the necessary structured foundation is missing for a manufacturer to assess the current security level of a system. This paper intro-duces a methodology for structured security assessments which has been success-fully applied during the development of several products for critical infrastruc-tures. The methodology is described in detail and the lessons learnt are given from applying it to several systems during their development.
منابع مشابه
Security Assessment Methodology for Critical Infrastructure Components
Protecting critical infrastructure assets such as telecommunications networks and energy generation and distribution facilities from cyber attacks is a major challenge. However, because security is a complex and multi-layered topic, a foundation for manufacturers to assess the security of products used in critical infrastructures is often missing. This paper describes a structured security asse...
متن کاملRisk assessment of multi-order dependencies between critical ICT infrastructures
Assessing risk in information and communication infrastructures is a challenging topic due to the complexity of critical infrastructures (CIs) and of the various dependencies between such infrastructures. This chapter discusses the basic concepts of risk assessment for CIs. Moreover, it describes a recently proposed methodology for criticality assessment. The main goal of this methodology is to...
متن کاملOutlining Comprehensive Security Analysis of a Critical Infrastructure Network
This paper outlines a security assessment methodology for analysing critical infrastructure networks. The focus is on intentional attacks against critical infrastructure, but otherwise the scope is not delimited much. Comprehensive security analysis of a critical infrastructure network requires an assessment of the probability of an attack, the probability of success of the attack, the propagat...
متن کاملA Service-Oriented Approach for Assessing Infrastructure Security
The pervasive use of information and communication technologies (ICT) in critical infrastructures requires security assessment approaches that consider the highly interconnected nature of ICT systems. Several approaches incorporate the relationships between structural and functional descriptions and security goals, and associate vulnerabilities with known attacks. However, these methodologies a...
متن کاملVulnerabilities and Security Limitations of current IP Telephony Systems
Within the traditional telephone system a certain level of quality and security has been established over the years. If we try to use IP Telephony systems as a core part of our future communication infrastructure (e.g. as classical PBX enhancement or replacement) continuous high availability, stable and error-free operation and the protection of the privacy of the spoken word are challenges, th...
متن کامل