An Improved Risk Assessment Method for SCADA Information Security
AbstractIn this paper, we address information security risk analysis in SCADA systems and propose an improved security risk assessment method in the case of attacks on the SCADA information and communication infrastructure. The assumption is that intrusion prevention/detection systems are implemented as security mechanisms. The proposed method has been demonstrated on an example of the SCADA system in a hydropower plant. Cost-benefit analysis has been performed on the basis of the Return on Security Investment.
Authors retain copyright and grant the journal the right of the first publication with the paper simultaneously licensed under the Creative Commons Attribution 4.0 (CC BY 4.0) licence.
Authors are allowed to enter into separate, additional contractual arrangements for the non-exclusive distribution of the paper published in the journal with an acknowledgement of the initial publication in the journal.
Copyright terms are indicated in the Republic of Lithuania Law on Copyright and Related Rights, Articles 4-37.