The chapter presents a case study demonstrating how the security requirements of an Industrial Automation and Control System (IACS) component can be represented in the form of a Protection Profile based on the IEC 62443 standards, and how compliance assessment of such a component can be supported by explicitly representing a conformity argument in a form based on the OMG SACM metamodel. It also demonstrates how an advanced argument assessment mechanism based on Dempster-Shafer belief function theory can support assessors in analyzing and assessing the conformity argument related to an IACS component. These demonstrations use the NOR-STA tool for representing, managing and assessing evidence-based arguments, which has been developed in our research group.
CITATION STYLE
Górski, J., & Wardziński, A. (2019). Supporting cybersecurity compliance assessment of industrial automation and control system components. In Advanced Sciences and Technologies for Security Applications (pp. 71–87). Springer. https://doi.org/10.1007/978-3-319-95597-1_4