Risk-based use cases for OT security monitoring
October 5, 2018
By Maarten Hoeve
- File Size 1.07 MB
- Create Date October 5, 2018
- Last Updated March 22, 2019
A catalogue of monitoring use cases for OT systems linked to threats.
This document proposes a risk-based approach to OT security monitoring. Use cases are presented to detect different stages of an attack:
- Vulnerability management use cases find and fix vulnerabilities before attackers can exploit them.
- Misuse detection use cases look for signs of the exploits.
- Access monitoring use cases look for unauthorized access by attackers once they have gained valid access.
- Reviewing access logs use cases look for unauthorized steps taken by attackers once they have accessed a system.
Each of the use cases is linked to the threats it can detect. In this way, grid operators can select the most effective use cases based on a risk assessment. Use cases can be chosen to mitigate the highest risks and complement preventive measures.
Attached Files
| File |
|---|
| Risk-based use cases for OT security monitoring.pdf |