References
- An Overview of Threat and Risk asseessment. (2002). Newyork : SANS.
- R. Radvanovsky. & J. Brodsky.(2013). Handbook of SCADA/Control Systems Security. : CRC Press.
- E. Byres. & D. Leversage.(2007). Security incidents and trends in SCADA and process industries. The industrial ethernet book, 39, 26. DOI:10.1016/b978-0-12-397189-0.00002-1
- T. Gopal. M. Subbaraju. & R. Joshi. (2014). Methodology to articulate the requirements for security In SCADA. fourth international conference on innovative computing technology, 58-60. DOI:10.1109/INTECH.2014.6927744
- A. Cardenas. & S. Amin. (2011). Attacks against process control systems: risk assessment, detection, and response. Proceedings of the 6th ACM symposium on information, computer and communications security,. 121-123. DOI:10.1145/1966913.1966959
- J. Guan. & J. Hieb. (2011). A digraph model for risk identification and management in SCADA systems. 2011 IEEE international conference on intelligence and security informatics, 53-54. DOI:10.1109/ISI.2011.5983990
- L. Durante. & A. Venzano. (2013). Review of security issues in industrial networks. IEEE Trans Industry Information, 35-36. DOI:10.1109/tii.2012.2198666
- Y. Y. Haimes. & C. G. Chittester. (2005). A roadmap for quantifying the efficacy of risk management of information security and interdependent SCADA systems. 2005 IEEE international conference on intelligence and security informatics, 72-74. DOI:10.2202/1547-7355.1117
- G. Dondossola. & F. Garrone. (2009). Supporting cyber risk assessment of power control systems with experimental data. Power systems conference and exposition, 2, 36-38. DOI:10.1109/PSCE.2009.4840170
- F. Baiardi. (2009). Hierarchical, model-based risk management of critical infrastructures. Reliabilty Engineering System Safety journal, 94(9), 1403-1415. DOI:10.1016/j.ress.2009.02.001
- M. Warren. (2009). Safeguarding Australia from cyber-terrorism:a proposed cyber-terrorism SCADA risk framework for industry adoption. Australian information warfare and security conference, 23-27. DOI:10.4225/75/57a7f3c09f482
- M. Franz. & D. Miller. (2004). The use of attack trees in assessing vulnerabilities in SCADA systems. Proceedings of the international infrastructure survivability workshop, 1, 42-44.
- G. Dondossola. & F. Garrone. (2009). Supporting cyber risk assessment of power control systems with experimental data. Power systems conference and exposition, 3, 12-15. DOI:10.1109/PSCE.2009.4840170
- J. Szanto. (2011). Cyber risk assessment of power control systems metrics weighed by attack experiments. Power and energy society general journal. 112-116. DOI:10.1109/PES.2011.6039589
- Window of exposure a real problem for SCADA systems Recommendations for Europe on SCADA patching.(2013).: ENISA
- G. N. Ericsson. (2009). Information security for electric power utilities (EPUs)-CIGR developments on frameworks, risk assessment, and technology. IEEE Trans Power Delivery journal, 24(3), 1174-1181. DOI: 10.1109/tpwrd.2008.2008470
- S. Grses. & M. Heisel. (2010). A comparison of security requirements SCADA engineering methods. Requirements of Security Enginering journal, 15(1), 7-40. DOI:10.1007/s00766-009-0092-x
- D. Thornton. & J. Dawson. (2012). Security best practices and risk assessment of SCADA and industrial control systems. Proceedings of the 2012 world congress in computer science, computer engineering, and applied computing, 111-114. DOI:10.1109/rusautocon.2018.8501811
- R. Folkers. & J. Roberts. (2006). Scenario-based approach to risk analysis in support of cyber security. Proceedings of the 5th international topical meeting on nuclear plant instrumentation controls, and human machine interface technology, 5(3), 293-300. DOI:10.1002/sec.321
- R. Filippini. & M. Schimmer. (2012). Risk assessment methodologies for critical infrastructure protection. European Commission Joint Research Centre Institute for the Protection and Security of the Citizen journal, 18, 50-57. DOI:10.1016/j.ijcip.2017.07.001
- K. Z. Snow. & D. R. Zaret. (2009). Evaluating the risk of cyber attacks on SCADA systems via Petri net analysis with application to hazardous liquid loading operations. IEEE conference on technologies for homeland security, 154-157. DOI:10.1109/ths.2009.5168093
- S. Rudrapattana. & P. Kijsanayothin. (2014). Cyber security analysis of smart grid SCADA systems with game models. Proceedings of the 9th annual cyber and information security research conference, 143-145. DOI:10.1145/2602087.2602089
- F. Massacci. & F. Paci. (2013). An experimental comparison of two risk-based security methods. ACM/IEEE international symposium on empirical software engineering and measurement, 182-186. DOI:10.1109/ESEM.2013.29
- M. R. Permann. & K. Rohde. (2005). Cyber assessment methods for SCADA security. 15th annual joint ISA POWID/EPRI controls and instrumentation conference., .63-68.
- A. Zielstra. (2013). Assessing and improving SCADA security in the dutch drinking water sector. Critical information infrastructure security journal,4(9),124-134. DOI:10.1016/j.ijcip.2011.08.002
- A. Krings. & J. Alves. (2012). Risk analysis and probabilistic survivability assessment an assessment approach for power substation hardening. Proceedings of ACM workshop on scientific aspects of cyber terrorism. DOI:10.1109/isgt.2017.8085978
- D. Gertman. & R. Folker. (2006). Scenario based approach to risk analysis in support of cyber security. Proceedings of the 5th international topical meeting on nuclear plant instrumentation controls, and human machine interface technology, 5(9),293-300. DOI:10.1002/sec.321
- S. Patel. & J. Graham. (2008). Quantitatively assessing the vulnerability of critical information systems. new method for evaluating security enhancements International Journal, 28(9), 483-491. DOI:10.1016/j.ijinfomgt.2008.01.009
- M. H. Henry. & R. M. Layer. (2009). Evaluating the risk of cyber attacks on SCADA systems via Petri net analysis with application to hazardous liquid loading operations. IEEE conference on technologies for homeland security. 76-79. DOI:10.1109/ths.2009.5168093
- Cyber Security Technical Assesment Methodology: Vulnerability Identification and Mitigation Overview of Threat and Risk asseessment.(2016). Newyork : EPRI.
- NEI 13-10 Cyber Security Control Assesment Rev5.(2016). Washington D.C: Nuclear Energy Institute
- S. Y. Oh. & J. K. Hong. (2018). Vulnerability Case Analysis of Wireless Moving Vehicle. journal of the Korea convergence society , 9(8), 41-46. DOI:10.15207/JKCS.2018.9.8.041
- J. K. Cho. (2019). Study on Improvement of Vulnerability Diagnosis Items for PC Security Enhancement. Journal of Convergence for information Technology, 9(3), 1-7. DOI:10.22156/CS4SMB.2019.9.3.001
- O. H. Alhazmi. & Y. K. Malaiya. (2007).Measuring, Analyzing and Predicting Security Vulnerabilities in Software Systems. Computers&Security journal, 26(3), 219-228. DOI:10.1016/j.cose.2006.10.002