Cover Image

A review of security assessment methodologies in industrial control systems

Computer crime; Crime; Network security; Power control; SCADA systems; Standby power systems; Cyber-attacks; Design/methodology/approach; Electrical power networks; Industrial control systems; Security assessment; Security vulnerabilities; Vulnerability analysis; Vulnerability assessments; Electric...

Full description

Saved in:
Bibliographic Details
Main Authors: Qassim Q.S., Jamil N., Daud M., Patel A., Ja�affar N.
Other Authors: 36613541700
Format: Article
Published: Emerald Group Holdings Ltd. 2023
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.uniten.dspace-24767
record_format dspace
spelling my.uniten.dspace-247672023-05-29T15:26:50Z A review of security assessment methodologies in industrial control systems Qassim Q.S. Jamil N. Daud M. Patel A. Ja�affar N. 36613541700 36682671900 57193904391 7403523963 57204109050 Computer crime; Crime; Network security; Power control; SCADA systems; Standby power systems; Cyber-attacks; Design/methodology/approach; Electrical power networks; Industrial control systems; Security assessment; Security vulnerabilities; Vulnerability analysis; Vulnerability assessments; Electric power system control Purpose: The common implementation practices of modern industrial control systems (ICS) has left a window wide open to various security vulnerabilities. As the cyber-threat landscape continues to evolve, the ICS and their underlying architecture must be protected to withstand cyber-attacks. This study aims to review several ICS security assessment methodologies to identify an appropriate vulnerability assessment method for the ICS systems that examine both critical physical and cyber systems so as to protect the national critical infrastructure. Design/methodology/approach: This paper reviews several ICS security assessment methodologies and explores whether the existing methodologies are indeed sufficient to meet the cyber security assessment exercise required to validate the security of electrical power control systems. Findings: The study showed that most of the examined methodologies seem to concentrate on vulnerability identification and prioritisation techniques, whilst other security techniques received noticeably less attention. The study also showed that the least attention is devoted to patch management process due to the critical nature of the SCADA system. Additionally, this review portrayed that only two security assessment methodologies exhibited absolute fulfilment of all NERC-CIP security requirements, whilst the others only partially fulfilled the essential requirements. Originality/value: This paper presents a review and a comparative analysis of several standard SCADA security assessment methodologies and guidelines published by internationally recognised bodies. In addition, it explores the adequacy of the existing methodologies in meeting cyber security assessment practices required for electrical power networks. � 2019, Emerald Publishing Limited. Final 2023-05-29T07:26:50Z 2023-05-29T07:26:50Z 2019 Article 10.1108/ICS-04-2018-0048 2-s2.0-85061306497 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85061306497&doi=10.1108%2fICS-04-2018-0048&partnerID=40&md5=e7ba884317630a35bf273740834b2983 https://irepository.uniten.edu.my/handle/123456789/24767 27 1 47 61 Emerald Group Holdings Ltd. Scopus
institution Universiti Tenaga Nasional
building UNITEN Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Tenaga Nasional
content_source UNITEN Institutional Repository
url_provider http://dspace.uniten.edu.my/
description Computer crime; Crime; Network security; Power control; SCADA systems; Standby power systems; Cyber-attacks; Design/methodology/approach; Electrical power networks; Industrial control systems; Security assessment; Security vulnerabilities; Vulnerability analysis; Vulnerability assessments; Electric power system control
author2 36613541700
author_facet 36613541700
Qassim Q.S.
Jamil N.
Daud M.
Patel A.
Ja�affar N.
format Article
author Qassim Q.S.
Jamil N.
Daud M.
Patel A.
Ja�affar N.
spellingShingle Qassim Q.S.
Jamil N.
Daud M.
Patel A.
Ja�affar N.
A review of security assessment methodologies in industrial control systems
author_sort Qassim Q.S.
title A review of security assessment methodologies in industrial control systems
title_short A review of security assessment methodologies in industrial control systems
title_full A review of security assessment methodologies in industrial control systems
title_fullStr A review of security assessment methodologies in industrial control systems
title_full_unstemmed A review of security assessment methodologies in industrial control systems
title_sort review of security assessment methodologies in industrial control systems
publisher Emerald Group Holdings Ltd.
publishDate 2023
_version_ 1806428128794378240
score 13.214268

Similar Items