Title: Methodology for Experimental ICT Industrial and Critical Infrastructure Security Tests
Authors: MASERA MarceloNAI FOVINO Igor
Citation: Proceedings of the 4th International Conference on Availability, Reliability and Security (ARES 2009 - The International Dependability Conference) p. 400-405
Publisher: IEEE
Publication Year: 2009
JRC Publication N°: JRC48969
URI: http://www2.computer.org/portal/web/csdl/doi/10.1109/ARES.2009.49
http://publications.jrc.ec.europa.eu/repository/handle/JRC48969
DOI: 10.1109/ARES.2009.49
Type: Contributions to Conferences
Abstract: The security assessment of the ICT components of critical infrastructures is nowadays a prominent problem. Risk assessment methodologies require, in order to be effective, to be fed with data regarding the functioning and the behavior of the system under analysis, the potential vulnerabilities, the results and the effects of the possible cyber-attacks etc. Unfortunately the availability of security data coming from the field is scarce, mainly due to business confidentiality reasons. Therefore, there is an urgent need for alternative data sources. The solution is to conduct security experiments, with off-line systems or in laboratories with realistic emulation of the target systems. In this paper we present a methodology that defines, step by step, how to conduct, in a systematic and rigorous way, experimental ICT security tests.
JRC Institute:Institute for the Protection and Security of the Citizen

Files in This Item:
There are no files associated with this item.


Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.