Gap-and-IMECA-Based Assessment of I&amp;C Systems Cyber Security

Kharchenko, Vyacheslav; Amann, Anton; Sklyar, Vladimir; Kovalenko, Andriy; Siora, Olexandr

doi:10.1007/978-3-642-30662-4_10

Cited by 6 publications

(5 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In our previous works, we presented different modifications of FMECA that could be applied to different domains. In particular, IMECA is intended for security assessment by analyzing intrusions and their effects [27][28][29].…”

Section: Discussionmentioning

confidence: 99%

“…One of the modifications of FMECA is IMECA, which follows a similar procedure but aims to assess information security or cybersecurity. IMECA is based on chains "threatvulnerability-attack/intrusion, effects, assessment of criticality in terms of violation of the cybersecurity properties (confidentiality, integrity, accessibility), and, under certain conditions, functional security as well [27][28][29]. A unified approach combining FMECA, IMECA, and other assessment methods was referred to in our previous publications as XMECA [30,31].…”

Section: State Of the Artmentioning

confidence: 99%

“…Therefore, a gap could be defined as a part of such discrepancies (related to the use of an inappropriate tool or introduced by humans, or due to shortcoming of development technique). In other words, a gap is a set of inconsistencies (discrepancies) of any single process within the critical instrumentation and control system life cycle [29] that may introduce some anomalies (e.g., vulnerabilities) to its product and/or cannot detect (and eliminate) existing anomalies in the product.…”

Section: Application Of Xmeca For Cybersecurity Assessmentmentioning

confidence: 99%

See 2 more Smart Citations

Towards Trustworthy Safety Assessment by Providing Expert and Tool-Based XMECA Techniques

et al. 2022

Self Cite

View full text Add to dashboard Cite

Safety assessment of modern critical instrumentation and control systems is a complicated process considerably dependent on expert techniques, single/multiple faults consideration scope, other assumptions, invoked limitations, and support tools used during the assessment process. Ignoring these assumptions, as well as the significance of expert and tool influence, could lead to such effects as functional safety underestimation or overestimation in such a manner that functional safety assessment correctness and accuracy are affected. This paper introduces XMECA (x modes, effects, and criticality analysis, where x could be from different known techniques and domains—failures in functional safety, vulnerabilities and intrusions regarding cybersecurity, etc.) as a key technique of safety assessment. To verify the results obtained as XMECA deliverables, expert and uncertainty modes, effects, and criticality analysis (EUMECA) is performed, in particular focusing on decisions and judgments made by experts. Scenarios for processing verbal and quantitative information of XMECA tables from experts are offered. A case study of a possible functional safety assessment approach that considers the above-mentioned techniques and a supporting tool is provided. To assess the trustworthiness of safety analysis and estimation using XMECA, a set of the metrics is suggested. Features of adapting the suggested method for security assessment considering intrusions, vulnerabilities, and effects analysis (IMECA technique) are discussed.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: State Of the Artmentioning

confidence: 99%

Section: Application Of Xmeca For Cybersecurity Assessmentmentioning

confidence: 99%

See 1 more Smart Citation

Towards Trustworthy Safety Assessment by Providing Expert and Tool-Based XMECA Techniques

et al. 2022

Self Cite

View full text Add to dashboard Cite

show abstract

“…The algorithm, which is based on IMECA technique, intended for a comprehensive analysis and assessment of complex products/systems, comprises the following consequent steps 8 :…”

Section: Algorithm Of Imeca Analysismentioning

confidence: 99%

IMECA-based Technique for Security Assessment of Private Communications: Technology and Training

Androulidakis¹,

Kharchenko²,

Kovalenko³

2016

IISIJ

Self Cite

View full text Add to dashboard Cite

Nowadays, almost everywhere, there are a huge number of privately owned telephone exchanges that serve the communication needs of a private or public entity making connections among internal telephones and linking them to other users in the public telephone network. Such communications cover most vital infrastructures, including hospitals, ministries, police, army, banks, public bodies/authorities, companies, industries and so on. The purpose of this paper is to raise awareness in regards to security and privacy threats present in private communications, helping both users and vendors safeguard their systems. This article provides an introduction to private branch exchanges (PBXs) and private communications, and a review of relevant threats and vulnerabilities. Finally, one possible approach to assessment of private communications security is presented, along with appropriate taxonomies. Such approach relies on performing gap analysis and is based on the IMECA technique.

show abstract

“…IMECA-based analysis of Internet of Drones vulnerabilities and choice of countermeasures to minimize risks of successful cyberattacks [45];…”

mentioning

confidence: 99%

UAV Fleet as a Dependable Service for Smart Cities: Model-Based Assessment and Application

et al. 2022

Self Cite

View full text Add to dashboard Cite

The paper suggests a model-based approach to assessment and choice of parameters of unmanned aerial vehicle (UAV) fleets applied as one of the main services for Smart Cities and recommendations to assure their dependability. The principles of building and modeling a UAV Fleet as a Dependable Service (UAVFaaDS) for Smart Cities are formulated. Dependability issues for UAVFaaDS including a taxonomy of UAVF failures caused by equipment faults and attacks on assets were specified. The main results cover methodology, classification of UAVFaaDS models as models of queuing systems, and a set of queueing theory-based models for assessment of UAVFaaDS performance, and availability allowing for analysis and choice of fleet parameters. The efficiency of UAVFaaDS is assessed by the probability of successful delivery of services. The proposed modeling base and algorithms provide a choice of appropriate models for analysis and synthesis of UAVFaaDS, grounding of parameters of UAV fleets considering operation modes, and maintenance policy. The application of the developed models and algorithms during the synthesis of UAVFaaDS allows choosing the appropriate parameters of the fleet and ensuring the dependability of services, as well as service of orders with a probability of 0.9–0.99 depending on the requirements. Two cases of UAVFaaDS application for delivery of medicines in normal and emergence modes, models’ development, and recommendations for their utilization are discussed.

show abstract

Gap-and-IMECA-Based Assessment of I&C Systems Cyber Security

Cited by 6 publications

References 6 publications

Towards Trustworthy Safety Assessment by Providing Expert and Tool-Based XMECA Techniques

Towards Trustworthy Safety Assessment by Providing Expert and Tool-Based XMECA Techniques

IMECA-based Technique for Security Assessment of Private Communications: Technology and Training

UAV Fleet as a Dependable Service for Smart Cities: Model-Based Assessment and Application

Contact Info

Product

Resources

About