AN ASSET-BASED APPROACH FOR INDUSTRIAL CYBER SECURITY VULNERABILITY ANALYSIS
暂无分享,去创建一个
A method is described and an example provided for identifying and analyzing threats and vulnerabilities of process plants to attacks on cyber systems by terrorists, saboteurs, and other criminals. The approach considers how cyber assets can be exploited by assailants to cause harm. It defines threat events by pairing threats with cyber assets and considers vulnerabilities to attack, existing countermeasures to protect cyber systems and the need for new or improved countermeasures. Previous security vulnerability analysis (SVA) methods have focused on physical and personnel security. Cyber security has not been addressed explicitly. Studies using the method described can be performed as adjuncts to existing SVAs, as part of future SVAs, or as stand-alone cyber SVAs (CSVA). The method can also be used to consider all types of security issues in a single analysis including physical, personnel, information and cyber security, or one of these areas may be studied individually.
[1] Paul Baybutt. SCREENING FACILITIES FOR CYBER SECURITY RISK ANALYSIS , 2003 .
[2] Paul Baybutt. PROCESS SECURITY MANAGEMENT SYSTEMS: PROTECTING PLANTS AGAINST THREATS , 2003 .
[3] Paul Baybutt. Assessing risks from threats to process plants: Threat and vulnerability analysis , 2002 .
[4] Paul Baybutt. SAFETY Inherent Security: Protecting Process Plants Against Threats , 2003 .