Usable Global Network Access Policy for Process Control Systems

“…In particular, [14] focuses on networked systems consisting of firewalls and other kinds of traffic control components and, as such, the presented approach is unsuitable for INSs which, typically, also include other types of devices. The NP-View tool described in [15], [16], [17] allows to check global policy implementations by processing information about the network topology and configuration. The tool, however, can only be used for systems consisting of nodes running SE-Linux which is typically not the case of INSs.…”

Automated fixing of access policy implementation in Industrial Networked Systems

“…In particular, [14] focuses on networked systems consisting of firewalls and other kinds of traffic control components and, as such, the presented approach is unsuitable for INSs which, typically, also include other types of devices. The NP-View tool described in [15], [16], [17] allows to check global policy implementations by processing information about the network topology and configuration. The tool, however, can only be used for systems consisting of nodes running SE-Linux which is typically not the case of INSs.…”

Automated fixing of access policy implementation in Industrial Networked Systems

“…The analysis is mainly focused on firewalls and other network devices. NetAPT (now NP-View) [31,32] is a software tool able to check global network access policies against the network topology and firewall configurations of a real system. The tool is also able to take into account further sources of system details (e.g., SE-Linux policies).…”

A twofold model for the analysis of access control policies in industrial networked systems

“…For our case study evaluations, a unified XML format was used to describe the power network topology and global access control policies. During the offline phase, EliMet used the NetAPT tool (Nicol et al, 2008) to perform a comprehensive security analysis of the access policy rules and to produce the network connectivity matrix according to the control network topology input. The matrix was later translated into an CMDP model.…”

Cyber-physical security metric inference in smart grid critical infrastructures based on system administrators' responsive behavior