Abstract
Information and communication technology (ICT) is increasingly becoming a part of all critical infrastructures, and thus, there is an increasing need to include ICT in all risk assessments. This chapter explains the dependencies between ICT and other infrastructures and provides an overview of the threats and risks associated with ICT. The chapter also gives an introduction to modelling techniques that is of particular use when performing risk analyses of ICT systems. The chapter ends with recommendations on how to include the ICT aspects in risk assessments of other infrastructures.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Hilbert, M., & López, P. (2011). The world’s technological capacity to store, communicate, and compute information. Science, 332, pp. 60–65. http://www.sciencemag.org/content/332/6025/60.abstract.
ISO/IEC. (2005). Information security management systems–requirements. ISO/IEC 27001: 2005.
Albright, D., Brannan, P., & Walrond, C. (2010). Did stuxnet take out 1000 centrifuges at the Natanz enrichment plant? Institute for Science and International Security, 22 Dec 2010. http://isis-online.org/uploads/isis-reports/documents/stuxnet_FEP_22Dec2010.pdf.
Albright, D., Brannan, P., & Walrond, C. (2011). Stuxnet Malware and Natanz: Update of ISIS 22 Dec 2010 report. Institute for Science and International Security, 15 Feb 2011 http://isis-online.org/uploads/isis-reports/documents/stuxnet_update_15Feb2011.pdf.
McAfee® Foundstone®. (2011). Professional Services and McAfee Labs™ (2011) Global Energy Cyberattacks: “Night Dragon”, 10 Feb 2011. Available at: http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf.
Computerworld. (2008). CIA says hackers pulled plug on power grid, 18 Jan 2008 http://www.computerworld.com/s/article/9057999/CIA_says_hackers_pulled_plug_on_power_grid.
Poulsen, K. (2003). Slammer worm crashed Ohio nuke plant network, SecurityFocus, 19 Aug 2003 http://www.securityfocus.com/news/6767.
Meland, P. H., Tøndel, I. A., & Jensen, J. (2010). Idea: Reusability of threat models–two approaches with an experimental evaluation. Lecture Notes in Computer Science, 2010, Vols. 5965/2010, pp. 114–122.
Sindre, G., & Opdahl, A. L. (2005). Eliciting security requirements with misuse cases. Requirements Engineering, 10(1), 34–44.
Schneier, B. (Dec 1999). “Attack Trees”. Dr Dobb’s Journal, 24(12). Archived from the original on 6 August 2007. http://www.schneier.com/paper-attacktrees-ddj-ft.html. Retrieved 2007-08-16.
Line, M. B., Nordland, O., Røstad, L., & Tøndel, I. A. (2006). Safety vs. security? In Proceedings from Probabilistic Safety Assessment and Management (PSAM), New Orleans. ISBN 0-7918-0245-0.
The Register. (2010). Hackers plant firefox 0-day on Nobel peace prize website, Oct 26, 2010. http://www.theregister.co.uk/2010/10/26/firefox_0day_report/.
Jaatun, M. G., Albrechtsen, E., Line, M. B., Tøndel, I. A., & Longva, O. H. (2009). A framework for incident response management in the petroleum industry. International Journal of Critical Infrastructure Protection, 2, 26–37.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag London
About this chapter
Cite this chapter
Line, M.B., Tøndel, I.A. (2012). Information and Communication Technology: Enabling and Challenging Critical Infrastructure. In: Hokstad, P., Utne, I., Vatn, J. (eds) Risk and Interdependencies in Critical Infrastructures. Springer Series in Reliability Engineering. Springer, London. https://doi.org/10.1007/978-1-4471-4661-2_10
Download citation
DOI: https://doi.org/10.1007/978-1-4471-4661-2_10
Published:
Publisher Name: Springer, London
Print ISBN: 978-1-4471-4660-5
Online ISBN: 978-1-4471-4661-2
eBook Packages: EngineeringEngineering (R0)