Analysis of the probability implementation of threats protection of information in industrial control systems
DOI:
https://doi.org/10.18372/2410-7840.16.6284Keywords:
threat, information protection, industrial control systems, vulnerability, risk, lifecycleAbstract
For the purpose of the decision of the tasks connected to support of information security of industrial control systems the analysis of threats of information security and the detailed description of sources of deliberate threats is carried out. The analysis of vulnerabilities information security of the industrial control systems, classification and the reasons of their origin is made. Recommendations about elimination or leveling of these vulnerabilities are made. Expression for determination of probability of implementation of threats of the information is resulted. Correlations between threats, vulnerabilities and risk for the industrial control systems are researched. Lifecycle of probability of implementation of threats of information security of the industrial control systems is resulted and the initial data necessary for the given analysis is formulated.
References
Гончар С.Ф. Особенности обеспечения кибербезопасности индустриальных систем управления: тези доповідей міжнародної науково-практичної конференції «Проблеми та перспективи розвитку енергетики, електротехнологій та автоматики в АПК», Київ, - 2013. - С. 36-37.
Мохор В.В. Наставления по кибербезопасности (ISO/IEC 27032:2012) / В.В.Мохор, А.М. Богданов, А.С. Килевой — К.: ООО «ТриК», 2013. — 129 с.
Power systems management and associated information exchange — Data and communications securi-ty: IEC 62351-1. — Part 1: Communication network and system security — Introduction to security issues.
Guide to Industrial Control Systems (ICS) Security: NIST Special Publication 800-82. — Recommendations of the National Institute of Standards and Technology.
Information technology — Security techniques — Information security risk management: BS ISO/IEC 27005:2008.
Industrial communication networks — Network and system security: IEC 62443, Part 3.
Gonchar S.F. Features of cybersecurity industrial control systems : Materials of International Scientific Conference "Problems and prospects of power en-gineering, electrotechnology and automation in agri-culture", 2013, pp. 36-37.
Mokhor V.V. Guidelines for cybersecurity (ISO/IEC 27032:2012), 2013, 129 p.
Power systems management and associated infor-mation exchange — Data and communications securi-ty: IEC 62351-1. — Part 1: Communication network and system security — Introduction to security issues.
Guide to Industrial Control Systems (ICS) Security: NIST Special Publication 800-82. — Recommendations of the National Institute of Standards and Technology.
Information technology — Security techniques — Information security risk management: BS ISO/IEC 27005:2008.
Industrial communication networks — Network and system security: IEC 62443, Part 3.
Downloads
Issue
Section
License
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
