Sciweavers

IEEEARES
2009
IEEE

Methodology for Experimental ICT Industrial and Critical Infrastructure Security Tests

14 years 5 months ago
Methodology for Experimental ICT Industrial and Critical Infrastructure Security Tests
—The security assessment of the ICT components of critical infrastructures is nowadays a prominent problem. Risk assessment methodologies require, in order to be effective, to be fed with data regarding the functioning and the behavior of the system under analysis, the potential vulnerabilities, the results and the effects of the possible cyber-attacks etc. Unfortunately the availability of security data coming from the field is scarce, mainly due to business confidentiality reasons. Therefore, there is an urgent need for alternative data sources. The solution is to conduct security experiments, with off-line systems or in laboratories with realistic emulation of the target systems. In this paper we present a methodology that defines, step by step, how to conduct, in a systematic and rigorous way, experimental ICT security tests.
Marcelo Masera, Igor Nai Fovino
Added 19 May 2010
Updated 19 May 2010
Type Conference
Year 2009
Where IEEEARES
Authors Marcelo Masera, Igor Nai Fovino
Comments (0)