Skip to content

Understanding Security Requirements for Industrial Control System Supply Chains

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Original languageEnglish
Title of host publicationProceedings of 5th International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS'19)
Publisher or commissioning bodyInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages4
ISBN (Electronic)9781728122823
ISBN (Print)9781728134383
DateAccepted/In press - 2 Mar 2019
DatePublished (current) - 5 Sep 2019


We address the need for security requirements to take into account risks arising from complex supply chains underpinning cyber-physical infrastructures such as industrial control systems (ICS). We present SEISMiC (SEcurity Industrial control SysteM supply Chains), a framework that takes into account the whole spectrum of security risks – from technical aspects through to human and organizational issues – across an ICS supply chain. We demonstrate the effectiveness of SEISMiC through a supply chain risk assessment of Natanz, Iran’s nuclear facility that was the subject of the Stuxnet attack.

    Structured keywords

  • Cyber Security

Download statistics

No data available



  • Full-text PDF (accepted author manuscript)

    Rights statement: This is the accepted author manuscript (AAM). The final published version (version of record) is available online via IEEE at . Please refer to any applicable terms of use of the publisher.

    Accepted author manuscript, 1.19 MB, PDF document

    Licence: Other


View research connections

Related faculties, schools or groups