Requirements Analysis for the Evaluation of Automated Security Risk Assessments
Marco Ehrlich , Georg Lukas , Henning Trsek , Jürgen Jasperneite , Wolfgang Kastner und Christian Diedrich,
Apr 2024
The overall Industry 4.0 developments and the highly dynamic threat landscape enhance the need for continuous security engineering of industrial components, modules, and systems. Security risk assessments play a major role to ensure a secure operation of Industrial Automation and Control Systems (IACSs) but are mostly neglected due to missing resources and a lack of human experts for the sophisticated manual tasks. Therefore, a method for information and process modelling regarding the automation of security risk assessments has been previously designed, but not yet evaluated. This work in progress begins the evaluation of the automated security risk assessment concept by investigating the related work and identifying the main deficits. The results include a requirements analysis for the verification and an outlook towards future evaluation aspects.
| author | = | {Ehrlich, Marco and Lukas, Georg and Trsek, Henning and Jasperneite, Jürgen and Kastner, Wolfgang and Diedrich, Christian}, |
| title | = | {Requirements Analysis for the Evaluation of Automated Security Risk Assessments}, |
| booktitle | = | {Workshop on Factory Communication Systems (WFCS)}, |
| year | = | {2024}, |
| editor | = | {}, |
| volume | = | {}, |
| series | = | {}, |
| pages | = | {0}, |
| address | = | {Toulouse, France}, |
| month | = | {Apr}, |
| organisation | = | {ISAE-SUPAERO & University of Toulouse}, |
| publisher | = | {IEEE}, |
| note | = | {}, |