Analysis of the probability implementation of threats protection of information in industrial control systems
DOI:
https://doi.org/10.18372/2410-7840.16.6284Keywords:
threat, information protection, industrial control systems, vulnerability, risk, lifecycleAbstract
For the purpose of the decision of the tasks connected to support of information security of industrial control systems the analysis of threats of information security and the detailed description of sources of deliberate threats is carried out. The analysis of vulnerabilities information security of the industrial control systems, classification and the reasons of their origin is made. Recommendations about elimination or leveling of these vulnerabilities are made. Expression for determination of probability of implementation of threats of the information is resulted. Correlations between threats, vulnerabilities and risk for the industrial control systems are researched. Lifecycle of probability of implementation of threats of information security of the industrial control systems is resulted and the initial data necessary for the given analysis is formulated.
References
Гончар С.Ф. Особенности обеспечения кибербезопасности индустриальных систем управления: тези доповідей міжнародної науково-практичної конференції «Проблеми та перспективи розвитку енергетики, електротехнологій та автоматики в АПК», Київ, - 2013. - С. 36-37.
Мохор В.В. Наставления по кибербезопасности (ISO/IEC 27032:2012) / В.В.Мохор, А.М. Богданов, А.С. Килевой — К.: ООО «ТриК», 2013. — 129 с.
Power systems management and associated information exchange — Data and communications securi-ty: IEC 62351-1. — Part 1: Communication network and system security — Introduction to security issues.
Guide to Industrial Control Systems (ICS) Security: NIST Special Publication 800-82. — Recommendations of the National Institute of Standards and Technology.
Information technology — Security techniques — Information security risk management: BS ISO/IEC 27005:2008.
Industrial communication networks — Network and system security: IEC 62443, Part 3.
Gonchar S.F. Features of cybersecurity industrial control systems : Materials of International Scientific Conference "Problems and prospects of power en-gineering, electrotechnology and automation in agri-culture", 2013, pp. 36-37.
Mokhor V.V. Guidelines for cybersecurity (ISO/IEC 27032:2012), 2013, 129 p.
Power systems management and associated infor-mation exchange — Data and communications securi-ty: IEC 62351-1. — Part 1: Communication network and system security — Introduction to security issues.
Guide to Industrial Control Systems (ICS) Security: NIST Special Publication 800-82. — Recommendations of the National Institute of Standards and Technology.
Information technology — Security techniques — Information security risk management: BS ISO/IEC 27005:2008.
Industrial communication networks — Network and system security: IEC 62443, Part 3.
Downloads
How to Cite
Issue
Section
License
The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.
All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.
Copyright
Authors who publish their works in the journal:
-
retain the copyright to their publications;
-
grant the journal the right of first publication of the article;
-
agree to the distribution of their materials under the CC BY 4.0 license;
-
have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.
