Learn More
Information Assurance & Security (IAS) is a dynamic domain which changes continuously in response to the evolution of society, business needs and technology. This paper proposes a Reference Model of Information Assurance & Security (RMIAS), which endeavours to address the recent trends in the IAS evolution, namely diversification and(More)
Security Architecture (SA) is concerned with such tasks as design, development and management of secure business information systems. These tasks are inherently complex and become several orders of magnitude more sophisticated in a Collaborative De-Perimeterised Environment (CDePE). Although significant research exists about the technical solutions that may(More)
A B S T R A C T This paper reviews the state of the art in cyber security risk assessment of Supervisory Control and Data Acquisition (SCADA) systems. We select and in-detail examine twenty-four risk assessment methods developed for or applied in the context of a SCADA system. We describe the essence of the methods and then analyse them in terms of aim;(More)
The participation of business experts in the elicitation and formulation of Information Assurance & Security (IAS) requirements is crucial. Although business experts have security-related knowledge, there is still no formalised business process modelling notation allowing them to express this knowledge in a clear, unambiguous manner. In this paper we(More)
Any risk analysis of a large infrastructure that does not account for external dependencies is dangerously introspective. A top-down, goal-to-dependencies modeling approach can capture interdependencies and allow supply-chain entities to securely share risk data, calculate the likely impact of a failure, and respond accordingly.
  • 1