TECHNIQUE FOR THE RISK ASSESSING OF THE CYBERPHYSICAL SYSTEMS’ INFORMATION SECURITY BASED ON THE VULNERABILITIES’ INTERCONNECT

2020, Vol 2 (2), pp. 54-58
Author(s): S. LYSENKO, A. KONDRATYUK

Information security has been growing steadily in recent times. Every organization depends on information technology and information security of cyberphysical systems to successfully perform its work. This has become not just a condition for the stability of doing business, but the most important strategic factor for its future development, even in the current, very turbulent environment. Cyberphysical systems can contain a wide variety of entities, ranging from office networks, financial and personnel systems to highly specialized systems. The rapid development of cyber-physical systems has become due to the large number of cyberattacks, which have become one of the most powerful threats to the security of cyber-physical systems. Many studies have been conducted on the risk assessment method, and limited work has been published on quantifying the security risk of cyber-physical systems. In this paper, a technique for the risk assessing of the cyber-physical systems’ information security based on the vulnerabilities’ interconnect is proposed. The technique operates with two indicators to quantify the risk: the probability of attack success and the index of the consequences of the attack based on the graph of the vulnerability. The first indicator, the index of the probability of a successful attack, is calculated taking into account the interdependencies between vulnerabilities; the second indicator, when calculating the index of the consequences of the attack, takes into account the impact on the physical area resulting from cyberattack. A quantitative experimental example showed whether a system risk and an optimal attack target are possible.

2019, Vol 7 (1), pp. 1715-1724
Author(s): Elmor Benedict Wagiu, Raminson Siregar, Raymond Maulany

Universitas Advent Indonesia is one of the many universities that use information technology to support their business processes in the hope that information technology will provide significant benefits. The use of information technology in supporting a business cannot be separated from the risks that might be faced. For that, good management of information technology will be the key to how much risk will be faced. In this case, the researcher will conduct an analysis of information system risk management at the Universitas Advent Indonesia. The method used by researchers is OCTAVE ALLEGRO. OCTAVE ALLEGRO is a method that is often used to carry out analysis in the field of risk management and risk assessment. The purpose of this study was to identify risks that could potentially threaten business processes at Universitas Advent Indonesia by first identifying the impact of the area, determining the scale of priorities etc. The result of the study using OCTAVE Allegro is a risk reduction approach for each area of concern of each UNAI critical information asset, namely student financial information, lecturer financial information, student score information, student transcript information, and class attendance data. UNAI makes written rules regarding responsibilities in maintaining information security and sanctions for violators and do socialize about the rule well gradually to Universitas Advent Indonesia employees. Re-evaluate information security by using OCTAVE Allegro method periodically, for example, once every 2 years.


2022, Vol 30 (3), pp. 0-0

With the rapid development of information technology, information security has been gaining attention. The International Organization for Standardization (ISO) has issued international standards and technical reports related to information security, which are gradually being adopted by enterprises. This study analyzes the relationship between information security certification (ISO 27001) and corporate financial performance using data from Chinese publicly listed companies. The study focusses on the impact of corporate decisions such as whether to obtain certification, how long to hold certification, and whether to publicize information regarding certification. The results show that there is a positive correlation between ISO 27001 and financial performance. Moreover, the positive impact of ISO 27001 on financial performance gradually increases with time. In addition, choosing not to publicize ISO 27001 certification can negatively affect enterprise performance.


Economies, 2018, Vol 6 (3), pp. 39
Author(s): Majid Ziaei Nafchi, Hana Mohelská

Industry 4.0 is the essence of the fourth Industrial revolution and is happening right now in manufacturing by using cyber-physical systems (CPS) to reach high levels of automation. Industry 4.0 is especially beneficial in highly developed countries in terms of competitive advantage, but causes unemployment because of high levels of automation. The aim of this paper is to find out if the impact of adopting Industry 4.0 on the labor markets of Iran and Japan would be the same, and to make analysis to find out whether this change is possible for Iran and Japan with their current infrastructures, economy, and policies. With the present situation of Iran in science, technology, and economy, it will be years before Iran could, or better say should, implement Industry 4.0. Japan is able to adopt Industry 4.0 much earlier than Iran and with fewer challenges ahead; this does not mean that the Japanese labor market would not be affected by this change but it means that those effects would not cause as many difficulties as they would for Iran.


2021, Vol 82 (3), pp. 12-17
Author(s): Bohdan Stadnyk, Vasyl Yatsuk, Mykola Mykyjchuk, Svyatoslav Yatsyshyn, ...

The analysis of the concept of Open-Science Space is carried out. The existence of ways to achieve reproducibility and traceability of research results performed by a group of worldwide situated Cyber-physical system operators/supervisors is shown. Ways to ensure the efficient operation of Cyber-physical systems as complex technological nondemountable objects with high requirements for metrological characteristics have been studied. To develop the scattered cyberphysical systems, the portable stable-in-time code-controlled measures of physical quantities have been studied. They have to be metrologically confirmed in the laboratory before the delivery to the site of the measuring subsystem for its calibration.


Information security can be efficiently provided by the sound structured information and a set of specialized experts in the field of IT and CPS. The interconnection among the systems in the CPS imposes a new challenge in providing security to CPS. A concise study of CPS security is given in this chapter. The problem of secure control systems is also identified and defined. The way the information security and control theory guards the system is explored. The security of CPSs can be enhanced using a particular set of challenges, which are also described later in this chapter. The resistance to malicious events is strengthening as cyber physical systems are part of critical structures. The CPSs are time sensitive in nature, unlike the distributed system where a little amount of delay is acceptable.


Information, 2019, Vol 10 (10), pp. 323
Author(s): Boyu Zhu, Song Deng, Yunan Xu, Xinya Yuan, Zi Zhang

With the high integration of smart grid information and physical systems, the security of information systems must affect the safe and stable operation of physical systems. Risk assessment is an effectual means to objectively evaluate the information security threats of the smart grid. However, the existing risk assessment methods aim at solving the threat of security risks in communication networks and information systems in the smart grid, but there is no in-depth study on how the spread of information security risks between information systems and physical systems in the smart grid. Therefore, based on the traditional infectious disease transmission theory, the information security risk propagation model based on the Susceptible–Exposed–Infected–Recovered (SEIR) infectious disease model for smart grid (ISRP-SEIRIDM) is proposed in this paper. In ISRP-SEIRIDM, we analyze the information interaction between information collection devices and define the connection of nature and the security risks between the information collection devices in the smart grid. At the same time, we also study the impact of the number of information acquisition devices and information interaction capabilities of these devices on the speed of security risk transmission between information systems and physics systems in the smart grid and the maximum risk range. Experimental results show that the risk propagation range can be significantly reduced by optimizing the data interaction capability and information transmission path between information collection devices in the smart grid; when a probability from a susceptible state to an exposed state reduces by 0.15, the maximum spread and average spread of security risk will be reduced by 7% and 1.96%, respectively.

