Change search
ReferencesLink to record
Permanent link

Direct link
Human and Organizational Aspects of Cyber Security: From a System Suppliers Perspective
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
2010 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

SCADA systems have been successfully implemented in industries like oil, gas and electricity for maintenance,

monitoring and control. While these systems provide immense advantage in terms of productivity, management

and performance, they are also prone to exploitation and problems.

These SCADA systems largely consist of network infrastructure which is subject to cyber security issues. Most

of the weaknesses, or threats posed to these systems can be eliminated or reduced if the human aspect

associated with them can be explored and corrected if needed. Because of human involvement in planning,

designing, developing, deployment and operating of such systems, probability of flaws will always be present.

This study focuses on such human aspects which effect cyber security in SCADA systems. We identified

common mistakes which can be attributed to human error or negligence. A set of causes was then identified by

use of interviews and finally, a Bayesian model was developed to simulate the identified cases and mistakes. We

analyzed the influence and probability of occurrence of mistakes using this model.

Our results prove that causes of the mistakes resulting in security problems for SCADA systems are directly

related to human aspects. Furthermore, we identified some of the most prominent of these causes in this study.

Based on the identified causes and mistakes, we suggested mitigation strategies to cater the problems faced.

Place, publisher, year, edition, pages
2010. , 108 p.
EES Examensarbete / Master Thesis, XR-EE-ICS 2010:013
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
URN: urn:nbn:se:kth:diva-105778OAI: diva2:572098
Educational program
Master of Science - Information and Communication Systems Security
Available from: 2012-12-03 Created: 2012-11-26 Last updated: 2012-12-03Bibliographically approved

Open Access in DiVA

fulltext(1257 kB)481 downloads
File information
File name FULLTEXT01.pdfFile size 1257 kBChecksum SHA-512
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Afzal, Muhammad
By organisation
Industrial Information and Control Systems
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 481 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 271 hits
ReferencesLink to record
Permanent link

Direct link