Security analysis of socio-technical physical systems
نویسندگان
چکیده
منابع مشابه
Security analysis of socio-technical physical systems
Recent initiatives that evaluate the security of physical systems with objects as assets and people as agents –here called Socio-Technical Physical Systems– have limitations: their agent behaviour is too simple, they just estimate feasibility and not the likelihood of attacks, or they do estimate likelihood but on explicitly provided attacks only. We propose a model that can detect and quantify...
متن کاملSocio-Technical Security Analysis of Industrial Control Systems (ICS)
Focusing on technical security can lead to shortfalls in the understanding of social and organisational security challenges. This paper proposes a method for analysing social, technical, and organisational security challenges, in regard to industrial control systems (ICS). This method is applied to a target organisation dependent on ICS, to validate the approach and gain initial insight into th...
متن کاملSocio-technical Security Analysis of Wireless Hotspots
We present a socio-technical analysis of security of Hotspot and Hotspot 2.0. The analysis focuses is user-centric, and aim at understanding which user action can compromise security in presence of a attacker. We identify research questions about possible factors that may affect user’s security decisions, and propose experiments to answer them.
متن کاملOn Tools for Socio-Technical Security Analysis
Many systems are hacked daily and apparently without much effort (e.g., see [1]). This happens because hackers prefer not to break security mechanisms immediately, but rather to target unguarded components first. Such components, e.g., users and human-computer ceremonies [2], are hacked by exploiting cognitive features (e.g., trust) and people’s dismay with ill-designed interfaces. These user-r...
متن کاملAnalysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems
A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization’s employees do (copy, move, and destroy information) and propose an algorithm that enforces a policy on the model, befo...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Computers & Electrical Engineering
سال: 2015
ISSN: 0045-7906
DOI: 10.1016/j.compeleceng.2015.02.019