2009
DOI: 10.1016/j.ress.2009.02.001
|View full text |Cite
|
Sign up to set email alerts
|

Hierarchical, model-based risk management of critical infrastructures

Abstract: Risk management is a process that includes several steps, from vulnerability analysis to the formulation of a risk mitigation plan that selects countermeasures to be adopted. With reference to an information infrastructure, we present a risk management strategy that considers a sequence of hierarchical models, each describing dependencies among infrastructure components. A dependency exists any time a security related attribute of a component depends upon the attributes of other components. We discuss how this… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
14
0

Year Published

2009
2009
2022
2022

Publication Types

Select...
5
2

Relationship

0
7

Authors

Journals

citations
Cited by 35 publications
(14 citation statements)
references
References 28 publications
0
14
0
Order By: Relevance
“…These components can be analyzed separately, and the results integrated into the analysis, while maintaining the global model of the system being studied. This helps increase the level of depth of the analysis, while making scale economies in overall analysis time [24].…”
Section: Model Based Risk Analysis -Fis Modelling Approachmentioning
confidence: 99%
“…These components can be analyzed separately, and the results integrated into the analysis, while maintaining the global model of the system being studied. This helps increase the level of depth of the analysis, while making scale economies in overall analysis time [24].…”
Section: Model Based Risk Analysis -Fis Modelling Approachmentioning
confidence: 99%
“…This section briefly describes a billing infrastructure, which corresponds to an abstract model of an ICT infrastructure [1,2,15]. A billing infrastructure is characterized by the types of attacks and their impact on the infrastructure rather than the specific ICT components used in the infrastructure.…”
Section: Billing Infrastructuresmentioning
confidence: 99%
“…A billing infrastructure is an ICT infrastructure that is designed, constructed and managed to bill a large set of customers for services they access or consume. Such an infrastructure comprises a set of peripheral nodes and an intelligent backbone [2]. An example is a metering infrastructure in which the peripheral nodes measure the amount of a good (e.g., water or electricity) distributed to customers, and the backbone records, delivers and updates customer bills [9].…”
Section: Introductionmentioning
confidence: 99%
“…For instance, attack taxonomies have been proposed for two popular SCADA protocols, Modbus [77] and DPN3 [52]. The problem of threat analysis, that is, evaluating the impact that attacks and failures have in the controlled infrastructures, has been studied in [6,7,31,140]. In addition to threat analysis, Baiardi et al [7] also discuss mitigation strategies.…”
Section: General Aspectsmentioning
confidence: 99%
“…The problem of threat analysis, that is, evaluating the impact that attacks and failures have in the controlled infrastructures, has been studied in [6,7,31,140]. In addition to threat analysis, Baiardi et al [7] also discuss mitigation strategies. Ten et al [140] proposes an even more complete solution, including monitoring, detection, threat analysis and mitigation.…”
Section: General Aspectsmentioning
confidence: 99%