Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.815659
Title: ICSrank : a security assessment framework for Industrial Control Systems (ICS)
Author: Alhasawi, S.
ISNI:       0000 0004 9358 7612
Awarding Body: Liverpool John Moores University
Current Institution: Liverpool John Moores University
Date of Award: 2020
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
This thesis joins a lively dialogue in the technological arena on the issue of cybersecurity and specifically, the issue of infrastructure cybersecurity as related to Industrial Control Systems. Infrastructure cybersecurity is concerned with issues on the security of the critical infrastructure that have significant value to the physical infrastructure of a country, and infrastructure that is heavily reliant on IT and the security of such technology. It is an undeniable fact that key infrastructure such as the electricity grid, gas, air and rail transport control, and even water and sewerage services rely heavily on technology. Threats to such infrastructure have never been as serious as they are today. The most sensitive of them is the reliance on infrastructure that requires cybersecurity in the energy sector. The call to smart technology and automation is happening nowadays. The Internet is witnessing an increase number of connected industrial control system (ICS). Many of which don’t follow security guidelines. Privacy and sensitive data are also an issue. Sensitive leaked information is being manipulated by adversaries to accomplish certain agendas. Open Source intelligence (OSINT) is adopted by defenders to improve protection and safeguard data. This research presented in thesis, proposes “ICSrank” a novel security risk assessment for ICS devices based on OSINT. ICSrank ranks the risk level of online and offline ICS devices. This framework categorizes, assesses and ranks OSINT data using ICSrank framework. ICSrank provides an additional layer of defence and mitigation in ICS security, by identification of risky OSINT and devices. Security best practices always begin with identification of risk as a first step prior to security implementation. Risk is evaluated using mathematical algorithms to assess the OSINT data. The subsequent results achieved during the assessment and ranking process were informative and realistic. ICSrank framework proved that security and risk levels were more accurate and informative than traditional existing methods.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.815659  DOI:
Keywords: QA75 Electronic computers. Computer science ; QA76 Computer software
Share: