By Topic

Trust but Verify Critical Infrastructure Cyber Security Solutions

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)

Critical infrastructure cyber security solutions for industrial control systems are touted by the sellers as standards-based and comprehensive. Buyer beware, most of these claims are highly exaggerated. Only the International Society for Automation (ISA) is developing standards that are comprehensive in the sense that cyber security requirements control systems are defined as an extension of the security policies for the enterprise. Furthermore, these ISA standards include requirements that account for the dynamics induced by human behavior and the constraints imposed by external interfaces that are not directly controlled by the enterprise owner. This paper describes the seven foundational requirements codified in ISA-99.01-01 and the derived system requirements and metrics. The paper concludes with example security metrics recommended to verify the quality of cyber solutions offered.

Published in:

System Sciences (HICSS), 2010 43rd Hawaii International Conference on

Date of Conference:

5-8 Jan. 2010