On 7th April at 13:15 RICS organises a seminar by Yulia Cherdantseva from Cardiff University on the topic of risk assessment.

Location: Room Von Neumann. Linköping University, Campus Valla, B Building, 1 floor up, between entry 29 and 27, B corridor.


Recently, in the framework of SCADA Cyber Security Lifecycle (SCADA-CSL) programme funded by the Airbus Group Endeavr Wales we have conducted a review of cyber security risk assessment methods for Supervisory Control and Data Acquisition (SCADA) systems . The review is presented here. This paper is currently the most downloaded article at Computers & Security.

In this talk I will cover the results of our review as well as the review methodology and research challenges identified. For the review, we selected and in-detail examined twenty-four risk assessment methods developed for or applied in the context of a SCADA system. We analysed the methods in terms of aim; application domain; the stages of risk management addressed; key risk management concepts covered; impact measurement; sources of probabilistic data; evaluation and tool support. Based on the analysis, we suggested an intuitive scheme for the categorisation of cyber security risk assessment methods for SCADA systems. Most importantly, we outlined five research challenges facing risk assessment in SCADA systems and pointed out the approaches that might be taken.