Abstract : SCADA is one of a set of manufacturing-and-control systems that are used to monitor and control critical infrastructure. Such systems extensively utilise communications network protocols such as TCP/IP to interconnect a diverse array of components. A major forthcoming change within TCP/IP is the adoption of the IPv6 protocol and inevitably this change will affect SCADA systems. However IPv6 introduces its own set of vulnerabilities. Hence, given the scale and complexity of current SCADA systems, there is a need for organisations to be able to model and review the risks emanating from the propagation of identifiable vulnerabilities in IPv6 prior to actual operational deployment. This work shows how the required tools can be constructed by complementing the Information Security Management (ISM) risk modelling tool with the formal technique of Coloured Petri Nets (CPN). The results of the application of the tools in a case study confirm the utility of the approach.
Jacques Berleur; Magda David Hercheui; Lorenz M. Hilty. 9th IFIP TC9 International Conference on Human Choice and Computers (HCC) / 1st IFIP TC11 International Conference on Critical Information Infrastructure Protection (CIP) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-328, pp.384-395, 2010, What Kind of Information Society? Governance, Virtuality, Surveillance, Sustainability, Resilience. 〈10.1007/978-3-642-15479-9_36〉
https://hal.inria.fr/hal-01054779
Contributeur : Hal Ifip
<>
Soumis le : vendredi 8 août 2014 - 15:17:06
Dernière modification le : vendredi 11 août 2017 - 10:59:38
Document(s) archivé(s) le : mercredi 26 novembre 2014 - 16:17:29
Suriadi Suriadi, Alan Tickle, Ejaz Ahmed, Jason Smith, Hasmukh Morarji. Risk Modelling the Transition of SCADA System to IPv6. Jacques Berleur; Magda David Hercheui; Lorenz M. Hilty. 9th IFIP TC9 International Conference on Human Choice and Computers (HCC) / 1st IFIP TC11 International Conference on Critical Information Infrastructure Protection (CIP) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-328, pp.384-395, 2010, What Kind of Information Society? Governance, Virtuality, Surveillance, Sustainability, Resilience. 〈10.1007/978-3-642-15479-9_36〉. 〈hal-01054779〉
