Cybersecurity incidents are stressful and complex in nature, and are frequently not systematically considered in daily tasks. When correctly managed, operational readiness procedures ensure the availability of data required to successfully and quickly recover from a security incident, while lessening the adverse effect. Therefore, protective measures, such as the implementation of data diodes, are playing an essential role in defending instrumentation and control (I&C) systems. In addition, the applicability of the newest forensic and digital evidence-related standards to the nuclear domain is being evaluated. Results of this evaluation are being considered in the three-dimensional and two-dimensional modeling of cybersecurity-relevant assets. The development of the new IEC 63096, a downstream standard of IEC 62645, will also support the proposed evaluation and modeling. However, IEC 63096 covers not only forensic and incident management-related security controls but also a broad range of cybersecurity controls. This paper will further explore the security degree-specific selection and overall assignment of forensic-related security controls for the nuclear domain. Results from ongoing prototype developments will be used to demonstrate possible alternative selections and assignments, along with their contribution to different security metrics.
Planning the Selection and Assignment of Security Forensics Countermeasures
Manuscript received October 29, 2017; final manuscript received June 13, 2018; published online September 10, 2018. Assoc. Editor: John F. P. de Grosbois.
Bajramovic, E., Bochtler, J., Zid, I. B., and Lainer, A. (September 10, 2018). "Planning the Selection and Assignment of Security Forensics Countermeasures." ASME. ASME J of Nuclear Rad Sci. October 2018; 4(4): 041008. https://doi.org/10.1115/1.4040650