Graeme Pye

Critical Infrastructure Systems: Security Analysis and Modelling Approach

A system security analysis and system modelling framework tool is proposed adopting an associated conceptual methodology as the basis for assessing security and conceptually modelling a critical infrastructure system incident. The intent is to identify potential system security issues and gain operational insights that will contribute to improving system resilience, contingency planning, disaster recovery and ameliorating incident management responses for critical infrastructure system incidents. The aforementioned system security analysis and modelling framework is applied to an adverse critical infrastructure system incident case study. This paper reports on the practical application of the framework to a case study of an actual critical infrastructure system failure and the resultant incident implications for the system and the wider regional communities.

E-business security benchmarking: a model and framework

The dynamic nature of threats and vulnerabilities within the e-business environment can impede online functionality, compromise organisational or customer information, contravene security implementations and thereby undermine online customer confidence. To negate these problems, e-business security has to become proactive, by reviewing and continuously improving security to strengthen e-business security measures and policies. This can be accomplished through benchmarking the security measures and policies utilised within the e-business, against recognised Information Technology (IT) and Information Security (IS) security standards.