Skip to main content

Research Repository

Advanced Search

A holistic approach for cyber assurance of critical infrastructure with the viable system model

Spyridopoulos, Theodoros; Topa, Ioanna Aikaterini; Tryfonas, Theo; Karyda, Maria

A holistic approach for cyber assurance of critical infrastructure with the viable system model Thumbnail


Authors

Ioanna Aikaterini Topa

Theo Tryfonas

Maria Karyda



Abstract

© IFIP International Federation for Information Processing 2014. Industrial Control Systems (ICSs) are of the most important components of National Critical Infrastructure. They can provide control capabilities in complex systems of critical importance such as energy production and distribution, transportation, telecoms etc. Protection of such systems is the cornerstone of essential service provision with resilience and in timely manner. Effective risk management methods form the basis for the protection of an Industrial Control System. However, the nature of ICSs render traditional risk management methods insufficient. The proprietary character and the complex interrelationships of the various systems that form an ICS, the potential impacts outside its boundaries, along with emerging trends such as the exposure to the Internet, necessitate revisiting traditional risk management methods, in a way that treat an ICS as a system-of-systems rather than a single, one-off entity. Towards this direction, in this paper we present enhancements to the traditional risk management methods at the phase of risk assessment, by utilising the cybernetic construct of the Viable System Model (VSM) as a means towards a holistic view of the risks against Critical Infrastructure. For the purposes of our research, utilising VSM’s recursive nature, we model the Supervisory Control and Data Acquisition (SCADA) system, a most commonly used ICS, as a VSM and identify the various assets, interactions with the internal and external environment, threats and vulnerabilities.

Citation

Spyridopoulos, T., Topa, I. A., Tryfonas, T., & Karyda, M. (2014). A holistic approach for cyber assurance of critical infrastructure with the viable system model. In ICT Systems Security and Privacy Protection (438-445). https://doi.org/10.1007/978-3-642-55415-5_37

Conference Name 29th IFIP TC 11 International Conference, SEC 2014
Conference Location Marrakech, Morocco
Start Date Jun 2, 2014
End Date Jun 4, 2014
Acceptance Date Mar 13, 2014
Publication Date Jan 1, 2014
Publicly Available Date Jun 6, 2019
Print ISSN 1868-4238
Publisher Springer Verlag (Germany)
Peer Reviewed Peer Reviewed
Volume 428
Pages 438-445
Series Title IFIP Advances in Information and Communication Technology
Book Title ICT Systems Security and Privacy Protection
ISBN 9783642554148
DOI https://doi.org/10.1007/978-3-642-55415-5_37
Keywords cyber assurance, critical infrastructure, industrial control systems, viable system model, holistic approach
Public URL https://uwe-repository.worktribe.com/output/826725
Publisher URL http://dx.doi.org/10.1007/978-3-642-55415-5_37
Additional Information Title of Conference or Conference Proceedings : 29th IFIP TC 11 International Conference, SEC 2014

Files




You might also like



Downloadable Citations