Requirements Analysis for the Evaluation of Automated Security Risk Assessments

被引:0
|
作者
Ehrlich, Marco [1 ]
Lukas, Georg [2 ]
Trsek, Henning [1 ]
Jasperneite, Juegen [3 ]
Kastner, Wolfgang [4 ]
Diedrich, Christian [5 ]
机构
[1] OWL Univ Appl Sci & Arts, InIT Inst Ind IT, D-32657 Lemgo, Germany
[2] Rt Solut De GmbH, Ind Secur, D-50968 Cologne, Germany
[3] Fraunhofer IOSB INA, D-32657 Lemgo, Germany
[4] TU Wien Informat, A-1040 Vienna, Austria
[5] Otto von Guericke Univ, D-39106 Magdeburg, Germany
来源
2024 IEEE 20TH INTERNATIONAL CONFERENCE ON FACTORY COMMUNICATION SYSTEMS, WFCS | 2024年
关键词
Industry; 4.0; Security; Risk Assessment; Automation; Requirements; Evaluation; Verification; SAFETY;
D O I
10.1109/WFCS60972.2024.10540830
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The overall Industry 4.0 developments and the highly dynamic threat landscape enhance the need for continuous security engineering of industrial components, modules, and systems. Security risk assessments play a major role to ensure a secure operation of Industrial Automation and Control Systems (IACSs) but are mostly neglected due to missing resources and a lack of human experts for the sophisticated manual tasks. Therefore, a method for information and process modelling regarding the automation of security risk assessments has been previously designed, but not yet evaluated. This work in progress begins the evaluation of the automated security risk assessment concept by investigating the related work and identifying the main deficits. The results include a requirements analysis for the verification and an outlook towards future evaluation aspects.
引用
收藏
页码:180 / 183
页数:4
相关论文
共 50 条
  • [1] Determining the Target Security Level for Automated Security Risk Assessments
    Ehrlich, Marco
    Broring, Andre
    Diedrich, Christian
    Jasperneite, Jurgen
    Kastner, Wolfgang
    Trsek, Henning
    2023 IEEE 21ST INTERNATIONAL CONFERENCE ON INDUSTRIAL INFORMATICS, INDIN, 2023,
  • [2] Automated analysis of security requirements through risk-based argumentation
    Yu, Yijun
    Franqueira, Virginia N. L.
    Tun, Thein Than
    Wieringa, Roel J.
    Nuseibeh, Bashar
    JOURNAL OF SYSTEMS AND SOFTWARE, 2015, 106 : 102 - 116
  • [3] Security Requirements Analysis - A Vision for an Automated Toolchain
    Atighetchi, Michael
    Simidchieva, Borislava
    Olejnik, Katarzyna
    2019 COMPANION OF THE 19TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY (QRS-C 2019), 2019, : 97 - 104
  • [4] From risk analysis to security requirements
    Gerber, M
    von Solms, R
    COMPUTERS & SECURITY, 2001, 20 (07) : 577 - 584
  • [5] Objective Risk Evaluation for Automated Security Management
    Ahmed, Mohammad Salim
    Al-Shaer, Ehab
    Taibah, Mohamed
    Khan, Latifur
    JOURNAL OF NETWORK AND SYSTEMS MANAGEMENT, 2011, 19 (03) : 343 - 366
  • [6] Objective Risk Evaluation for Automated Security Management
    Mohammad Salim Ahmed
    Ehab Al-Shaer
    Mohamed Taibah
    Latifur Khan
    Journal of Network and Systems Management, 2011, 19 : 343 - 366
  • [7] Automated Classification of Security Requirements
    Jindal, Rajni
    Malhotra, Ruchika
    Jain, Abha
    2016 INTERNATIONAL CONFERENCE ON ADVANCES IN COMPUTING, COMMUNICATIONS AND INFORMATICS (ICACCI), 2016, : 2027 - 2033
  • [8] Building Security Evaluation Lab - Requirements Analysis
    Rogowski, Dariusz
    Kurianowicz, Rafal
    Baginski, Jacek
    Pietrzak, Roman
    Flisiuk, Barbara
    BEYOND DATABASES, ARCHITECTURES AND STRUCTURES (BDAS): PAVING THE ROAD TO SMART DATA PROCESSING AND ANALYSIS, 2019, 1018 : 354 - 365
  • [9] Security risk analysis and evaluation
    Harmantzis, F
    Malek, M
    2004 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-7, 2004, : 1897 - 1901
  • [10] Maritime Security and Risk Assessments
    Perkovic, Marko
    Gucma, Lucjan
    Feuerstack, Sebastian
    JOURNAL OF MARINE SCIENCE AND ENGINEERING, 2024, 12 (06)
12345