scholarly journals A safety/security risk analysis approach of Industrial Control Systems: A cyber bowtie – combining new version of attack tree with bowtie analysis

2018 ◽  
Vol 72 ◽  
pp. 175-195 ◽  
Author(s):  
H. Abdo ◽  
M. Kaouk ◽  
J.-M. Flaus ◽  
F. Masse
Keyword(s):  
Risk Analysis ◽  
Control Systems ◽  
Analysis Approach ◽  
Security Risk ◽  
Industrial Control ◽  
Attack Tree ◽  
Industrial Control Systems

scholarly journals A new safety and security risk analysis framework for industrial control systems

2018 ◽  
Vol 233 (2) ◽  
pp. 151-174
Author(s):  
Siwar Kriaa ◽  
Marc Bouissou ◽  
Youssef Laarouchi
Keyword(s):  
Risk Analysis ◽  
Control Systems ◽  
Information And Communication Technologies ◽  
Joint Modeling ◽  
Automatic Generation ◽  
Cyber Attacks ◽  
Security Risk ◽  
Industrial Control ◽  
Security Risks ◽  
Industrial Control Systems

The migration of modern industrial control systems toward information and communication technologies exposes them to cyber-attacks that can alter the way they function, thereby causing adverse consequences on the system and its environment. It has consequently become crucial to consider security risks in traditional safety risk analyses for industrial systems controlled by modern industrial control system. We propose in this article a new framework for safety and security joint risk analysis for industrial control systems. S-cube (for supervisory control and data acquisition safety and security joint modeling) is a new model-based approach that enables, thanks to a knowledge base, formal modeling of the physical and functional architecture of cyber-physical systems and automatic generation of a qualitative and quantitative analysis encompassing safety risks (accidental) and security risks (malicious). We first give the principle and rationale of S-cube and then we illustrate its inputs and outputs on a case study.

scholarly journals Specification of the Current State Vulnerabilities Related to Industrial Control Systems

2015 ◽  
Vol 11 (5) ◽  
pp. 64
Author(s):  
Jan Vávra ◽  
Martin Hromada ◽  
Roman Jašek
Keyword(s):  
Control System ◽  
Control Systems ◽  
Fundamental Question ◽  
Industrial Control System ◽  
Security Risk ◽  
Considerable Effort ◽  
Industrial Control ◽  
Industrial Control Systems ◽  
Current State ◽  
True Distribution

The contemporary trend of increasing connectivity, interoperability and efficiency of technologies, which are used in organizations, also affected Industrial Control System (further only ICS). The recently isolated system is becoming more dependent on interconnection with external technologies. This leads to a formation of new vulnerabilities, which are significant threats to ICS. For this reason, it is necessary to devote considerable effort to analyze vulnerabilities. Neglecting of this area could lead to damage or unavailability of ICS services. The purpose of the article is to evaluate vulnerabilities related to individual elements of ICS. The fundamental question of the article is to find a true distribution of security risk related to ICS.

Sign in / Sign up

Export Citation Format

Share Document