An Improved Risk Assessment Method for SCADA Information Security

J. D. Markovic-Petrovic, M. D. Stojanovic


In this paper, we address information security risk analysis in SCADA systems and propose an improved security risk assessment method in the case of attacks on the SCADA information and communication infrastructure. The assumption is that intrusion prevention/detection systems are implemented as security mechanisms. The proposed method has been demonstrated on an example of the SCADA system in a hydropower plant. Cost-benefit analysis has been performed on the basis of the Return on Security Investment.



Cyber-attack; information security; return on security investment; risk assessment; SCADA

Full Text: PDF


  • There are currently no refbacks.

Print ISSN: 1392-1215
Online ISSN: 2029-5731