Research Article
Comprehensive Risk Identification Model for SCADA Systems
Table 1
Risk parameters stated in each work.
| Paper | Risk Agent (WHO?) | Risk Motivations (WHY?) | Risk (WHAT?) | Penetration Technique (HOW?) | System Components (WHERE?) | Component Vulnerabilities (WHEN?) | Risk Interdependency |
| SCADA & ICS Risk Databases |
| ICS-CERT [19] | | | | | √ | √ | | Byres and Fabro [18] | √ | | √ | | √ | | |
| SCADA & ICS Reports and guides |
| Schwab and Poujol [31] | | | √ | | | √ | | ENISA [32] | √ | √ | √ | √ | | | √ | Brown and Wylie [33] | √ | | √ | | √ | | | Stouffer et al. [23] | √ | | | | √ | √ | | TISN [34] | | | | | √ | √ | | DHS [35] | | | | | √ | √ | |
| SCADA & ICS scientific research |
| Nasser et al. [36] | | | √ | √ | | | | Finogeev and Finogeev [37] | | | √ | | √ | | | Eden et al. [38] | | | √ | | √ | √ | | Woo and Kim [39] | | | √ | | √ | √ | | Hewett et al. [22] | | | √ | √ | √ | | | Miller et al. [24] | √ | | √ | √ | | | | Bompard et al. [20] | √ | | √ | | √ | √ | | Gabriel et al. [25] | √ | | √ | | √ | √ | √ | Nan et al. [11] | | | √ | | | √ | √ | Guillermo et al. [40] | √ | | √ | | √ | √ | | Zhu et al. [21] | √ | | | | √ | √ | | Tsang [41] | √ | | √ | √ | √ | √ | | Kang et al. [42] | | | √ | √ | √ | | |
|
|