论文信息 - An introduction to buildings cybersecurity framework

An introduction to buildings cybersecurity framework

This paper presents an introduction to the Buildings Cybersecurity Framework (BCF). The BCF provides the organizations with a set of cybersecurity best practices, policies and procedures to improve their cybersecurity posture; defines structured methodologies to interact cybersecurity activities and outcomes from the executive to operations levels. The foundation of the BCF core is based on five core elements defined by the National Institute of Standards and Technology (NIST) Cybersecurity Framework: Identify, Protect, Detect, Respond and Recover. Those five core elements were crafted to address evolving cybersecurity threats and vulnerabilities. With the BCF, an organization will be able to: assess their target cybersecurity state and current cybersecurity posture; identify and prioritize improvement opportunities and necessary actions by continuous and repeatable process; assess progress towards the target state; and communicate cybersecurity risk among internal and external stakeholders. This paper is a miniature of the ∼100-page Buildings Cybersecurity Framework, and the goal of this paper is to explicate the applicability of BCF in different types of buildings such as Residential, Small Commercial, Large Commercial, and Federal buildings. Note that the framework itself is a detailed version of the various aspects discussed in this paper.

[1] Karen A. Scarfone,et al. Guide to Industrial Control Systems (ICS) Security , 2015 .

[2] Xiaohui Liang,et al. Securing smart grid: cyber attacks, countermeasures, and challenges , 2012, IEEE Communications Magazine.

[3] Joint Task Force Transformation Initiative,et al. Security and Privacy Controls for Federal Information Systems and Organizations , 2013 .

[4] Heejo Lee,et al. This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination. INVITED PAPER Cyber–Physical Security of a Smart Grid Infrastructure , 2022 .

[5] Annabelle Lee,et al. Guidelines for Smart Grid Cyber Security , 2010 .

[6] Ning Lu,et al. Smart-grid security issues , 2010, IEEE Security & Privacy.

[7] Khurram Shahzad,et al. P2CySeMoL: Predictive, Probabilistic Cyber Security Modeling Language , 2015, IEEE Trans. Dependable Secur. Comput..

[8] G. Manimaran,et al. Cybersecurity for Critical Infrastructures: Attack and Defense Modeling , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.