@book{JRC36469,
	editor = {},
	address = {New York (United States of America)},
	year = {2007},
	author = {Nai Fovino I and Masera M},
	isbn = {978-0-387-75461-1},
	abstract = {The pervasive use of the information and communication technologies (ICT) in Critical Infrastructures requires the introduction of specific security assessment approaches. The study of the local effects of vulnerabilities and failures has to be put in the context of the whole system, as ICT systems are highly interconnected. In addition most industrial control and communication systems are getting connected with corporate information systems. This facilitates the access from internal and external networks, and converts ICT security assessment in a primary concern. 
		Some approaches have been proposed based on the relationships between structural and functional descriptions and security goals, and at associating vulnerabilities to known attacks. These methodologies are typically based on the analysis of local problems. In the present paper, we want to propose a further step: the systematic correlation and analysis of structural, functional and security information, under a service–oriented light.  In order to achieve this objective we propose to center the analysis on the concept of service, linking the interactions among services (modeled as service chains) with that of vulnerabilities, threats and attacks. It is demonstrated how this approach facilitates the assessment of security
		
		
		
		
		
		
		},
	title = {A Service Oriented Approach to the Assessment of Infrastructure Security},
	url = {http://www.springer.com/west/home/computer?SGWID=4-146-22-173762311-0},
	volume = {},
	number = {},
	journal = {},
	pages = {367-380},
	issn = {},
	publisher = {Springer},
	doi = {}
}