A review of cyber security risk assessment methods for SCADA systems

A review of cyber security risk assessment methods for SCADA systems

This paper reviews the state of the art in cyber security risk assessment of Supervisory Control and Data Acquisition (SCADA) systems. We select and in-detail examine twenty-four risk assessment methods developed for or applied in the context of a SCADA system. We describe the essence of the methods...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Computers & security 2016-02, Vol.56, p.1-27
Hauptverfasser: Cherdantseva, Yulia, Burnap, Pete, Blyth, Andrew, Eden, Peter, Jones, Kevin, Soulsby, Hugh, Stoddart, Kristan
Format: Artikel
Sprache:eng
Schlagworte:
Control systems
Cyber security
Cybersecurity
ICS
Impact analysis
Review
Risk analysis
Risk assessment
Risk assessment methods
Risk management
SCADA
Studies
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This paper reviews the state of the art in cyber security risk assessment of Supervisory Control and Data Acquisition (SCADA) systems. We select and in-detail examine twenty-four risk assessment methods developed for or applied in the context of a SCADA system. We describe the essence of the methods and then analyse them in terms of aim; application domain; the stages of risk management addressed; key risk management concepts covered; impact measurement; sources of probabilistic data; evaluation and tool support. Based on the analysis, we suggest an intuitive scheme for the categorisation of cyber security risk assessment methods for SCADA systems. We also outline five research challenges facing the domain and point out the approaches that might be taken.
ISSN:0167-4048
1872-6208
DOI:10.1016/j.cose.2015.09.009