A methodological proposal concerning to the management of information security in Industrial Control Systems
Abstract:
The most recent international reports of security issues documented a growing number of cybernetic attacks to Industrial Control Systems. Therefore, an increase of information technology implementations in manufacturing processes arose offering solutions in Information Security of the involved manufacturers and professionals. In this respect, a notable tendency emerges in which information security has been particularly intended to be used in businesses' administrative areas, where ISO-27000 is the most favored standard. Nonetheless, it has been determined that ISO is not yet an ideal standard for an industrial approach, due to the fact that it has not been created for these systems. We designed and implemented a methodology for the management of information security of the Industrial Control Systems of industrial businesses, based on standards issued by NIST. Such methodology presents the development of a series of phases, which provide two main contributions: Firstly a group of strategies to reduce risks and secondly a Guide for standards-based instructions as well as security policies for the effective management of information security.
Año de publicación:
2016
Keywords:
- Scada
- Industrial Control Systems
- NIST
- ISMS
- ISO 27000
- PLC
- information security
- Automation
- DCS
Fuente:
scopus
googleTipo de documento:
Conference Object
Estado:
Acceso restringido
Áreas de conocimiento:
- Ingeniería industrial
- Ingeniería industrial
Áreas temáticas:
- Funcionamiento de bibliotecas y archivos
- Interacción social
- Dirección general
