An Improved Risk Assessment Method for SCADA Information Security
Keywords:Cyber-attack, information security, return on security investment, risk assessment, SCADA
AbstractIn this paper, we address information security risk analysis in SCADA systems and propose an improved security risk assessment method in the case of attacks on the SCADA information and communication infrastructure. The assumption is that intrusion prevention/detection systems are implemented as security mechanisms. The proposed method has been demonstrated on an example of the SCADA system in a hydropower plant. Cost-benefit analysis has been performed on the basis of the Return on Security Investment.
How to Cite
The copyright for the paper in this journal is retained by the author(s) with the first publication right granted to the journal. The authors agree to the Creative Commons Attribution 4.0 (CC BY 4.0) agreement under which the paper in the Journal is licensed.
By virtue of their appearance in this open access journal, papers are free to use with proper attribution in educational and other non-commercial settings with an acknowledgement of the initial publication in the journal.