Browse/search for people

Publication - Professor Awais Rashid

    Understanding Security Requirements for Industrial Control System Supply Chains


    Hou, Y, Such, J & Rashid, A, 2019, ‘Understanding Security Requirements for Industrial Control System Supply Chains’. in: Proceedings of 5th International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS'19). Institute of Electrical and Electronics Engineers (IEEE), pp. 50-53


    We address the need for security requirements to take into account risks arising from complex supply chains underpinning cyber-physical infrastructures such as industrial control systems (ICS). We present SEISMiC (SEcurity Industrial control SysteM supply Chains), a framework that takes into account the whole spectrum of security risks – from technical aspects through to human and organizational issues – across an ICS supply chain. We demonstrate the effectiveness of SEISMiC through a supply chain risk assessment of Natanz, Iran’s nuclear facility that was the subject of the Stuxnet attack.

    Full details in the University publications repository