IT vs OT Security: A Time to Consider a Change in CIA to Include Resilience

被引：24

作者：

Conklin, Wm. Arthur ^{[1
]}

机构：

[1] Univ Houston, Houston, TX 77004 USA

来源：

PROCEEDINGS OF THE 49TH ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS 2016) | 2016年

关键词：

D O I：

10.1109/HICSS.2016.331

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

There has long been debate over the differences between IT and OT networks, especially concerning security. Examining the business drivers behind OT and how security is typically measured provides insight into the cause of the mismatch. Adding a new measure, resilience, into the traditional CIA mix provides better security and business objective alignment in OT systems. This paper postulates a new method for the measurement of security in OT systems, specifically the addition of resilience as a driving factor. Using resilience as a framing method before attempting to employ security controls in an OT system will result in better alignment of security control outcomes with respect to system control objectives.

引用

页码：2642 / 2647

页数：6

共 16 条

[1]

[Anonymous], 2013, NIST Special Publication 800-53 R4 Security and Privacy Controls for Federal Information Systems and Organizations, DOI DOI 10.6028/NIST.SP.800-53R4

[2]

[Anonymous], 2014, CYBER RESILIENCE REV

[3]

[Anonymous], 2014, Framework for Improving Critical Infrastructure Cybersecurity

[4]

ANSI/ ISA, 2007, 6244311 ANSI ISA

[5]

ANSI/ISA, 2013, 6244333 ANSI ISA

[6]

Caralli R. A., 2010 DTIC

[7] Control systems personnel are from Mars; IT personnel are from Venus [J].

Conklin, William Arthur .

INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION, 2011, 4 (02) :76-77

[8]

Gallagher Sean., 2015, Ars Technica

[9]

Leyden J., 2008, Register, V11

[10]

Maconachy V., 2001, 20 ANN IEEE INF ASS

← 1 2 →