Measuring the Risk of Cyber Attack in Industrial Control Systems

Date

2016-08-25

Advisors

Journal Title

Journal ISSN

ISSN

Volume Title

Publisher

BCS eWiC

Type

Conference

Peer reviewed

Yes

Abstract

Cyber attacks on industrial control systems (ICS) that underpin critical national infrastructure can be characterised as high-impact, low-frequency events. To date, the volume of attacks versus the overall global footprint of ICS is low, and as a result there is an insufficient dataset to adequately assess the risk to an ICS operator, yet the impacts are potentially catastrophic. This paper identifies key elements of existing decision science that can be used to inform and improve the cyber security of ICS against antagonistic threats and highlights the areas where further development is required to derive realistic risk assessments, as well as detailing how data from established safety processes may inform the decision-making process. The paper concludes by making recommendations as to how a validated dataset could be constructed to support investment in ICS cyber security.

Description

Open Access article

Keywords

ICS, Risk assessment,

Citation

Cook A., Smith R., Maglaras L. and Janicke H. (2016) Measuring the Risk of Cyber Attack in Industrial Control Systems. Proceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research (ICS-CSR 2016), Belfast, 23-25 August 2016, DOI: 10.14236/ewic/ICS2016.12

Rights

Research Institute

Cyber Technology Institute (CTI)