Abstract
This chapter discusses potential active and military response to an attack on ICS performed by a nation state, something that rarely if ever enters the purview of a typical ICS stakeholder. However, because ICS attacks are so likely to be perpetrated by a nation state, and because any response to an ICS attack may touch on issues related to a hostile nation state, we feel that this book benefits from exploring this unusual topic.
© 2016 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Haegley, D. (2016). Governance and Assessment Strategies for Industrial Control Systems. In: Colbert, E., Kott, A. (eds) Cyber-security of SCADA and Other Industrial Control Systems. Advances in Information Security, vol 66. Springer, Cham. https://doi.org/10.1007/978-3-319-32125-7_14
DOI: https://doi.org/10.1007/978-3-319-32125-7_14
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-32123-3
Online ISBN: 978-3-319-32125-7
eBook Packages: Computer Science (R0)