Critical Infrastructure Protection and Supply Chain Risk Management

被引：1

作者：

Mead, Nancy R. ^{[1
]}

机构：

[1] Carnegie Mellon Univ, Inst Software Res, Pittsburgh, PA 15213 USA

来源：

2022 IEEE 30TH INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE WORKSHOPS (REW) | 2022年

关键词：

cybersecurity; critical infrastructure protection; supply chain risk management; security requirements;

D O I：

10.1109/REW56159.2022.00047

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Critical infrastructure is a key area in cybersecurity. In the U.S., it was front and center in 1997 with the report from the President's Commission on Critical Infrastructure Protection (PCCIP), and now affects countries worldwide. Critical Infrastructure Protection must address all types of cybersecurity threats - insider threat, ransomware, supply chain risk management issues, and so on. Unsurprisingly, in the past 25 years, the risks and incidents have increased rather than decreased and appear in the news daily. As an important component of critical infrastructure protection, secure supply chain risk management must be integrated into development projects. Both areas have important implications for security requirements engineering.

引用

页码：215 / 218

页数：4

共 10 条

[1]

Abrams Marshall, 2008, CONTROL SYSTEM CYBER

[2]

[Anonymous], 2020, NIST COMP SEC RES CT

[3]

[Anonymous], 2021, ONGOING CYBER THREAT

[4]

[Anonymous], 1997, PRESIDENT'S COMMISSION ON CRITICAL INFRASTRUCTURE PROTECTION WASHINGTON DC

[5]

[Anonymous], MEMORIAL HLTH SYSTEM

[6]

[Anonymous], 2022, Environmental Protection Agency

[7]

[Anonymous], 2021, ENISA Threat Landscape-The year in review

[8]

Birsan Alex, HACKED APPLE MICROSO

[9]

Mani S., 2014, CMUSEI2014TN003 CARN

[10]

Tschacher N.P., 2016, Typosquatting in programming language package managers

← 1 →