Please use this identifier to cite or link to this item:
|Title:||Methodology for Experimental ICT Industrial and Critical Infrastructure Security Tests|
|Authors:||MASERA Marcelo; NAI FOVINO Igor|
|Citation:||Proceedings of the 4th International Conference on Availability, Reliability and Security (ARES 2009 - The International Dependability Conference) p. 400-405|
|JRC Publication N°:||JRC48969|
|Type:||Contributions to Conferences|
|Abstract:||The security assessment of the ICT components of critical infrastructures is nowadays a prominent problem. Risk assessment methodologies require, in order to be effective, to be fed with data regarding the functioning and the behavior of the system under analysis, the potential vulnerabilities, the results and the effects of the possible cyber-attacks etc. Unfortunately the availability of security data coming from the field is scarce, mainly due to business confidentiality reasons. Therefore, there is an urgent need for alternative data sources. The solution is to conduct security experiments, with off-line systems or in laboratories with realistic emulation of the target systems. In this paper we present a methodology that defines, step by step, how to conduct, in a systematic and rigorous way, experimental ICT security tests.|
|JRC Institute:||Institute for the Protection and Security of the Citizen|
Files in This Item:
There are no files associated with this item.
Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.