Filters








214,435 Hits in 5.1 sec

Cybersecurity Framework for IIoT-Based Power System Connected to Microgrid

2020 KSII Transactions on Internet and Information Systems  
Keywords: Cybersecurity Framework, microgrid, industrial internet of things and the M.S degree in information security from Korea University.  ...  He is now a Ph.d student at the graduate school of information security at Korea University.  ...  inspection, security assessment, identification and certification, and system and information integrity protection -Attack using information flow for which cross-net data transfer is allowed: Identification  ... 
doi:10.3837/tiis.2020.05.020 fatcat:kdtovlsopbeg5kjqgpsbn52dji

Towards Better Understanding of Cyber Security Information Sharing

Adam Zibak, Andrew Simpson
2019 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)  
There is an increased recognition of the importance of information sharing within cyber security.  ...  A literature review, combined with an online survey, were used to capture stakeholders' perspectives.  ...  Adam Zibak's research is funded by EPSRC via the Centre for Doctoral Training in Cyber Security at the University of Oxford.  ... 
doi:10.1109/cybersa.2019.8899697 dblp:conf/cybersa/ZibakS19 fatcat:d5czbdvgxngsjnjq4kiq4v3b34

Software Security Patch Management – A Systematic Literature Review of Challenges, Approaches, Tools and Practices [article]

Nesara Dissanayake, Asangi Jayatilaka, Mansooreh Zahedi, M. Ali Babar
2021 arXiv   pre-print
, tools, and practices), the rigour of the evaluation and the industrial relevance of the reported solutions, and to identify the gaps for future research.  ...  The findings also reveal that only 20.8% of the reported solutions have been rigorously evaluated in industrial settings.  ...  Acknowledgements The authors thank the reviewers for their insights and constructive feedback.  ... 
arXiv:2012.00544v3 fatcat:eajutjxr75drnjgsygc3t7ezoi

A Three-Stage Dynamic Assessment Framework for Industrial Control System Security Based on a Method of W-HMM

Xudong Ji, Hongxing Wei, Youdong Chen, Xiao-Fang Ji, Guo Wu
2022 Sensors  
This paper proposes a dynamic assessment framework for industrial control system security (DAF-ICSS) based on machine learning and takes an industrial robot system as an example.  ...  To verify the effectiveness of DAF-ICSS, we have compared it with two assessment methods to assess industrial robot security.  ...  The industrial field focuses on assessing the system's functional safety or the static information security assessment for the design, and its security status is easily observerd [16, 17] .  ... 
doi:10.3390/s22072593 pmid:35408212 pmcid:PMC9002662 fatcat:i4ya2lwdgbcunofpedwwvmbyyi

The Influence Of Management Tone On Security Control Strength

Tim Kizirian
2011 Review of Business Information Systems (RBIS)  
The findings indicate the utilization of management security tone assessments during an IT audit, and thus, provide objective evidence on the importance of an organization's tone at the top.  ...  The IT auditors assessment of the reliability of security controls surrounding a clients information system is a vital component of the audit process.  ...  /absence of an independent information security governance function, and the presence/absence of effective communication of information security policies and procedures to employees.  ... 
doi:10.19030/rbis.v8i1.4508 fatcat:vvwhvreyybayvb3a2utfp43sse

A Nomological Network Analysis of Research on Information Security Management Systems

Fernando Parra, Laura L. Hall
2014 2014 47th Hawaii International Conference on System Sciences  
This study offers a comprehensive examination of hypothetical concepts related to the behaviors, attitudes, outcomes, processes, experiences, manifestations and indicators connected with an organization's  ...  We introduce network analysis tools as a novel approach to highlight the construct relationships found in Information Security Management Systems (ISMS) literature published in the new millennium.  ...  behavior, industry, deviant behavior, assessment Bodin, Gordon, Loeb [6] security management, security, risk management, policies, information system types, industry, access controls First, centrality  ... 
doi:10.1109/hicss.2014.536 dblp:conf/hicss/ParraH14 fatcat:vb2lqcljjvbn5jyhu2wali5j7i

Changing Requirements of Information Security landscape
english

UPASNA SALUJA, DR NORBIK IDRIS
2014 International Journal of Innovative Research in Science Engineering and Technology  
a new information security risk assessment model.  ...  Information security risk assessment has gained importance as organisations" dependence on information has grown on the one handwhile the threat environment has become complex on the other hand.  ...  Subjectivity -An issue with Information Security Risk Assessment: The existing information security risk assessment approaches are subjective in nature with risk managers largely rely upon expert judgment  ... 
doi:10.15680/ijirset.2014.0310081 fatcat:pqkkrnzxdbhn5ibec6ivyge64a

Methodology for Experimental ICT Industrial and Critical Infrastructure Security Tests

Marcelo Masera, Igor Nai Fovino
2009 2009 International Conference on Availability, Reliability and Security  
Unfortunately the availability of security data coming from the field is scarce, mainly due to business confidentiality reasons. Therefore, there is an urgent need for alternative data sources.  ...  The security assessment of the ICT components of critical infrastructures is nowadays a prominent problem.  ...  It is argued that experimental security is needed as a basic discipline for the supply of data for the assessment of the security of critical industrial systems, due to the lack of data originating from  ... 
doi:10.1109/ares.2009.49 dblp:conf/IEEEares/MaseraF09 fatcat:gddyexris5av3jfriu7buphw4y

Methodology for Experimental ICT Industrial and Critical Infrastructure Security Tests [chapter]

Igor Nai Fovino, Marcelo Masera
2008 Lecture Notes in Computer Science  
Unfortunately the availability of security data coming from the field is scarce, mainly due to business confidentiality reasons. Therefore, there is an urgent need for alternative data sources.  ...  The security assessment of the ICT components of critical infrastructures is nowadays a prominent problem.  ...  It is argued that experimental security is needed as a basic discipline for the supply of data for the assessment of the security of critical industrial systems, due to the lack of data originating from  ... 
doi:10.1007/978-3-540-89900-6_28 fatcat:bcolmjainndvxe6ovy6mmqw2cm

All That Glitters Is Not Gold: On the Effectiveness of Cybersecurity Qualifications

William Knowles, Jose M. Such, Antonios Gouglidis, Gaurav Misra, Awais Rashid
2017 Computer  
There has been a proliferation of industry-focused cyber security qualifications, which use different techniques to assess the competencies of cyber security professionals and certify them to employers  ...  There is, however, a lingering question about these qualifications: do they effectively assess the competencies of cyber security professionals?  ...  ACKNOWLEDGMENT This cyber security project was sponsored by the UK Government.  ... 
doi:10.1109/mc.2017.4451226 fatcat:v3d2k24kyjfv5c53vj4lioaxy4

Using Trust-Based Information Aggregation for Predicting Security Level of Systems [chapter]

Siv Hilde Houmb, Sudip Chakraborty, Indrakshi Ray, Indrajit Ray
2010 Lecture Notes in Computer Science  
We propose an alternative time and cost effective approach for predicting the security level of a security solution using information sources who are trusted to varying degrees.  ...  We show how to assess the trustworthiness of each information source and demonstrate how to aggregate the information obtained from them.  ...  level of experience, 0.2 for years of relevant education, and 0.5 for years of experience from industry.  ... 
doi:10.1007/978-3-642-13739-6_16 fatcat:nrtlwxinmrghfayh34zqcrtgoi

Approach to security assessment of critical infrastructures' information systems

R. Leszczyna, I.N. Fovino, M. Masera
2011 IET Information Security  
This article presents an approach to the security assessment of the information systems of critical infrastructures.  ...  In the article we describe one of the experiments related to the security study of an information system of a power planta simulation of zero-day worm attack.  ...  Acknowledgements We would like to thank Janusz Górski, Łukasz Cyra and Aleksander Jarzębowicz as well as the other members of IAG (Information Assurance Group, http://iag.pg.gda.pl/iag/) for their valuable  ... 
doi:10.1049/iet-ifs.2010.0261 fatcat:lgnqcfjppzh35fvvfldvrgwniu

Security vulnerabilities and risks in industrial usage of wireless communication

S. Plosz, A. Farshad, M. Tauber, C. Lesjak, T. Ruprechter, N. Pereira
2014 Proceedings of the 2014 IEEE Emerging Technology and Factory Automation (ETFA)  
M2M communication in industrial applications. Such industrial applications often have specific security requirements.  ...  We present a comprehensive overview of security issues and features in existing WLAN, NFC and ZigBee standards, investigating the usage characteristics of these standards in industrial environments.  ...  We would also like to thank Pál Varga for inspiring discussions and guidance.  ... 
doi:10.1109/etfa.2014.7005129 dblp:conf/etfa/PloszFTLRP14 fatcat:5i4nft567jecrbck7lk5yeoms4

Patching Power System Software Vulnerability Using CNNVD

Qin-qin WU, Li-hao WEI, Zhi-qiang LIANG, Zhi-wen YU, Min CHEN, Zhi-hua CHEN, Jin-jun TAN
2019 DEStech Transactions on Computer Science and Engineering  
This paper proposes a novel software patching mechanism based on CNNVD for power systems. This mechanism can patch power systems software vulnerability quickly.  ...  Vulnerabilities in software represent a serious risk for power systems. The number of vulnerabilities is increasing rapidly due to the development of new hacking techniques.  ...  In order to effectively perform the functions of vulnerability analysis and risk assessment, CNNVD is responsible for the construction of the national information security vulnerability database for operation  ... 
doi:10.12783/dtcse/ccme2018/28630 fatcat:jlik73h3nbennfdjis25wd2rcq

INFORMATION SECURITY EFFECTIVENESS: A RESEARCH FRAMEWORK

2011 Issues in Information Systems  
Research literature in information security suggests that clarity in policies, systems auditing and clear deterrence practices enhance organizational information security effectiveness.  ...  In this paper we analyze research framework defining how the three constructs: security policies, deterrence practices and systems auditing impact information security effectiveness.  ...  To assess security effectiveness, we developed items that capture information about major accomplishments of the security program in organizations.  ... 
doi:10.48009/1_iis_2011_246-255 fatcat:phkglqy2svcynj3r4yp7h5whkq
« Previous Showing results 1 — 15 out of 214,435 results