EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A Multi-level Reference Model and a Dedicated Method for Cyber-Security by Design: On the Example of the Electricity Sector
Eindhoven University of Technology, Eindhoven, The Netherlands.
University of Duisburg-Essen, Essen, Germany.
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.ORCID iD: 0000-0003-0478-9347
Number of Authors: 32024 (English)In: Business & Information Systems Engineering, ISSN 2363-7005, E-ISSN 1867-0202Article in journal (Refereed) Epub ahead of print
Abstract [en]

The increased reliance of organizations on information technology inherently increases their vulnerability to cyber-security attacks. As a response, a host of cyber-security approaches exists. While useful, these approaches exhibit shortcomings such as an inclination to be fragmented, not accounting for up-to-date organizational data, focusing on singular vulnerabilities only, and being reactive, i.e., focusing on patching up vulnerabilities in current systems. The paper presents and evaluates a modeling method aiming to address those shortcomings and to support security by design with a focus on the electricity sector. The proposed modeling method encompasses a multi-level reference model reconstructing and integrating existing initiatives and supporting top-down and bottom-up analyses. Compared to earlier work, the paper contributes (1) a process model for cyber-security by design, which proactively considers security as a first-class citizen during the design process, (2) a complete coverage of the multi-level model, in terms of three views complementing the introduced process model, (3) an elaborated evaluation, in terms of reporting on an additional design science cycle.
Place, publisher, year, edition, pages
2024.
Keywords [en]
Cyber-security by design, Modeling method, Security reference framework, Security analysis, Multi-level modeling
National Category
Information Systems
Research subject
Computer and Systems Sciences
Identifiers
URN: urn:nbn:se:su:diva-235700DOI: 10.1007/s12599-024-00899-yISI: 001345228200003Scopus ID: 2-s2.0-85207771557OAI: oai:DiVA.org:su-235700DiVA, id: diva2:1914445
Available from: 2024-11-19 Created: 2024-11-19 Last updated: 2024-11-20

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Hacks, Simon

Search in DiVA

By author/editor
Hacks, Simon
By organisation
Department of Computer and Systems Sciences
In the same journal
Business & Information Systems Engineering
Information Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 37 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
Stockholm University Library
|
DiVA portal
|
DiVA Contact
|
DiVA Log in