Studying SCADA Organisations Information Security Goals: An Integrated System Theory Approach
نویسندگان
چکیده
Security awareness and its implementation within an organisation is crucial for preventing deliberate attacks or/and minimise system failures on organisation’s system especially where critical infrastructure is involved including energy, water, gas and etc. This study is based on Integrated System Theory (IST) and focuses on measuring and assessing security goals including policies, risk management, internal control and contingency management implemented in 101 organisations that operate Supervisory Control and Data Acquisition (SCADA) Systems. The data collected were analysed using structural equation modelling to test the structural and measurement model. The major finding of this study is that organisational information security goals are strongly related to the key measurement indicators, which include items assessing security policies, risk management, internal controls and contingency management.
منابع مشابه
Risk Modelling the Transition of SCADA System to IPv6
SCADA is one of a set of manufacturing-and-control systems that are used to monitor and control critical infrastructure. Such systems extensively utilise communications network protocols such as TCP/IP to interconnect a diverse array of components. A major forthcoming change within TCP/IP is the adoption of the IPv6 protocol and inevitably this change will affect SCADA systems. However IPv6 int...
متن کاملImproving SCADA Control Systems Security with Software Vulnerability Analysis
Cyber security threats and attacks are greatly affecting the security of critical infrastructure, industrial control systems, and Supervisory Control and Data Acquisition (SCADA) control systems. Despite growing awareness of security issues especially in SCADA networks, there exist little or scarce information about SCADA vulnerabilities and attacks. The emergence of Internet and World Wide Web...
متن کاملA Petri-net Model for Operational Cycle in SCADA Systems
Supervisory control and data acquisition (SCADA) system monitors and controls industrial processes in critical infrastructures (CIs) and plays the vital role in maintaining the reliability of CIs such as power, oil, and gas system. In fact, SCADA system refers to the set of control process, which measures and monitors sensors in remote substations from a control center. These sensors usually ha...
متن کاملVSCADA: An Integrated Heterogeneous Testbed for Power System Utility Security Modeling and Simulation
The economic operations of the United States is reliant on complex large-scale cyberphysical systems which include electric power grids, oil and gas systems, transportation systems, etc. To protect these systems and their control from security threats and to improve the robustness and resilience of these systems, are important goals. Since all these systems have Supervisory Control and Data Acq...
متن کاملQuantitative evaluation of software security: an approach based on UML/SecAM and evidence theory
Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...
متن کامل