Advanced Approach to Information Security Management System Model for Industrial Control System

Park, Sang‐Hyun; Lee, Kyung-Ho

doi:10.1155/2014/348305

Cited by 14 publications

(5 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…for IT/OT security and has an availability metric, ISO 27001 (implemented f mation security). IEC 61784 (industrial communication network profile) [104] 27033-1:2015 (IT security techniques-network security) [58] also consist of t ability metric.…”

Section: Bmentioning

confidence: 99%

“…This method will also contribute toward aligning and improving ICS security. In [104], the authors compared the security requirements of ISO 27001, NIST 800-53 [34], and IEC 61511 [105] to check whether ICS/SCADA safety is considered by the above standards. The comparison was made to verify whether the existing security objectives were sufficient or not.…”

Section: Bmentioning

confidence: 99%

See 1 more Smart Citation

Industrial IoT, Cyber Threats, and Standards Landscape: Evaluation and Roadmap

Dhirani

Armstrong

Newe

2021

Sensors

View full text Add to dashboard Cite

Industrial IoT (IIoT) is a novel concept of a fully connected, transparent, automated, and intelligent factory setup improving manufacturing processes and efficiency. To achieve this, existing hierarchical models must transition to a fully connected vertical model. Since IIoT is a novel approach, the environment is susceptible to cyber threat vectors, standardization, and interoperability issues, bridging the gaps at the IT/OT ICS (industrial control systems) level. IIoT M2M communication relies on new communication models (5G, TSN ethernet, self-driving networks, etc.) and technologies which require challenging approaches to achieve the desired levels of data security. Currently there are no methods to assess the vulnerabilities/risk impact which may be exploited by malicious actors through system gaps left due to improper implementation of security standards. The authors are currently working on an Industry 4.0 cybersecurity project and the insights provided in this paper are derived from the project. This research enables an understanding of converged/hybrid cybersecurity standards, reviews the best practices, and provides a roadmap for identifying, aligning, mapping, converging, and implementing the right cybersecurity standards and strategies for securing M2M communications in the IIoT.

show abstract

Section: Bmentioning

confidence: 99%

Section: Bmentioning

confidence: 99%

Industrial IoT, Cyber Threats, and Standards Landscape: Evaluation and Roadmap

Dhirani

Armstrong

Newe

2021

Sensors

View full text Add to dashboard Cite

show abstract

“…Being ISO/IEC 27001 process-driven seems better suited to meet these challenges than more document-oriented standards (Beckers et al , 2013). However, ISO/IEC 27001 alone seems not sufficient to guarantee both IS security and safety (Park and Lee, 2014), but it may represent the backbone on which more specific standards are integrated (Leszczyna, 2019).…”

Section: Thematic Findingsmentioning

confidence: 99%

The ISO/IEC 27001 information security management standard: literature review and theory-based research agenda

Culot

Nassimbeni

Podrecca

et al. 2021

TQM

View full text Add to dashboard Cite

PurposeAfter 15 years of research, this paper aims to present a review of the academic literature on the ISO/IEC 27001, the most renowned standard for information security and the third most widespread ISO certification. Emerging issues are reframed through the lenses of social systems thinking, deriving a theory-based research agenda to inspire interdisciplinary studies in the field.Design/methodology/approachThe study is structured as a systematic literature review.FindingsResearch themes and sub-themes are identified on five broad research foci: relation with other standards, motivations, issues in the implementation, possible outcomes and contextual factors.Originality/valueThe study presents a structured overview of the academic body of knowledge on ISO/IEC 27001, providing solid foundations for future research on the topic. A set of research opportunities is outlined, with the aim to inspire future interdisciplinary studies at the crossroad between information security and quality management. Managers interested in the implementation of the standard and policymakers can find an overview of academic knowledge useful to inform their decisions related to implementation and regulatory activities.

show abstract

“…Park and Lee [22] holds the view that there are many kind of authentication technologies that are developed to protect personal information. However, if the NFC-based services are being used widely, the efficiency and payment information protection of these technologies must be ensured.…”

Section: B Radio-frequency Identification (Frid)mentioning

confidence: 99%

Crypt-Tag Authentication in NFC Implementation for Medicine Data Management

Abidin¹,

Zakaria²,

Harum³

et al. 2018

ijacsa

View full text Add to dashboard Cite

This study focus on the implementation of expiry date detection for medicine using RFID in the health care industry. The motivation for doing this research is the process of searching for the expired medicine is a time consuming and lack of security features included in current NFC implementation. Therefore, the objective of this research is to study the RFID technology used for detecting medicine expiry product and to develop a new system that integrated NFC with authentication feature. Moreover, the problem of current data management for medicine still using manual or barcode system that lead to inconsistency, easy duplication and human error. Here, the NFC is chosen, due to smaller distance of signal coverage, since less interference and the time spending for sniffing activity by the hacker can be reduced. The system is developed using C#, SQLite, Visual Studio, NFC Tag and NFC reader (ACR122U-A9). Experiments have shown that the proposed system has produced medicine expiry date system and only authorized person in charge can monitor the medicine. The impact of the proposed system produces safer, greener and easier environment for better medicine data management. The significance of this study gives a medicine expiry date detection system for health care.

show abstract

Advanced Approach to Information Security Management System Model for Industrial Control System

Cited by 14 publications

References 12 publications

Industrial IoT, Cyber Threats, and Standards Landscape: Evaluation and Roadmap

Industrial IoT, Cyber Threats, and Standards Landscape: Evaluation and Roadmap

The ISO/IEC 27001 information security management standard: literature review and theory-based research agenda

Crypt-Tag Authentication in NFC Implementation for Medicine Data Management

Contact Info

Product

Resources

About