تدوین راهبردهای امنیت سایبری سامانه‌های کنترل صنعتی در زیرساخت‌های حیاتی کشور

منابع و مآخذ

الف) منابع فارسی

- افشار، ا؛ ترمه‌چی، ع؛ گلشن، ع؛ آقائیان، آ؛ شهریاری، ح (1393). «مروری بر امنیت سایبری سیستم‌های کنترل صنعتی»، مجله کنترل، انجمن مهندسان کنترل و ابزار دقیق ایران، سال هشتم، شماره 1، صص 45-31.

- جلالی، غ (1390). فضای سایبر، پنجمین عرصه جنگ است. قابل دسترسی در سایت:

www.aftabir.com/news/view/2012/feb/18/c1_1329558363.php

- عبد التاجدینی، م (1392). «معرفی بخش‌های آسیب پذیر سامانه‌های کنترل صنعتی و اسکادا از دیدگاه سایبری و ارائه راهکارهائی جهت بهبود و ارتقای امنیت در آن‌ها»، ماهنامه صنعت هوشمند، سال چهارم، شماره سوم.

- مددی آتشگاه، ح؛ افشار نادری، م؛ و قزلجه، ع (1393). «دفاع سایبری دانش‌بنیان با رویکرد بومی‌سازی تکنولوژِی»، اولین کنفرانس ملی علوم مهندسی و ایده‌های نو، تهران: موسسه آموزش عالی آیندگان.

ب) منابع انگلیسی

• § Angelini, M., Arcuri, M. C., Baldoni, R., Ciccotelli, C., Di Luna, G. A., Montanari, L., Verde, N. V. (2013). Italian Cyber Security Report Critical Infrastructure and Other Sensitive Sectors Readiness. ROME, Research Center of Cyber Intelligence and Information Security.
• § Bush, G. W (2001). Executive Order 13231: Critical Infrastructure Protection in the Information Age, Pub. L. No. EO 13231; http://www.gpoaccess.gov/fr/
• § Doremami, N., Afshar, A., و Mohammadi, A. D. (2010). Hierarchical Risk Assessment in Gas Pipelines Based on Fuzzy Aggregation end International Conference on Reliability, Safety and Hazard, IEEE.
• § Dummermuth, Ernst. (1974). US Patent # 3,942,158. Programmable logic controller. Allen-Bradley Company. http://www.patents.com/us-3942158.html
• § Good practice guide on non-nuclear critical energy infrastructure protection(NNCEIP). (2013). Organization for Security and Co-operation in Europe. www.osce.org
• § Gostev, A. (2012). Kaspersky Security Bulletin 2012. Kaspersky. https://securelist.com/analysis/kaspersky-security-bulletin/36762/kaspersky-security-bulletin-2012-cyber-weapons/
• § Hadziosmanovic, D., Bolzoni, D., Etalle, S., و Hartel, P. (2012). Challenges and opportunities in securing industrial control systems Proceedings of the IEEE Workshop on Complexity in Engineering, COMPENG 2012, Aachen, Germany: University of Twente and yEindhoven Technical University The Netherlands.
• § HomeLand Security. (2009). Recommended Practice : Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies,” 2009. HomeLand Security. https://ics-cert.us-cert.gov/sites/default/files/recommended_practices/Defense_in_Depth_Oct09.pdf
• § Igure, V. M., Laughter, S. A., و Williams, R. D. (2006). Security issues in SCADA networks. Computers & Security, 25(7), 498–506. http://doi.org/10.1016/j.cose.2006.03.001
• § ISO27001. (2013). ISO/IEC 27001:2013 Information technology  Security techniques -- Information security management systems Requirements. ISO. http://www.iso.org/iso/catalogue_detail?csnumber=54534
• § Leszczyna, R., Egozcue, E., Tarrafeta, L., Villar, V. F., Estremera, R., و Alonso, J. (2011). Protecting Industrial Control Systems. Recommendations for Europe and Member States ENISA. European Network and Information Security Agency (ENISA): ENISA. بازیابی از https://www.enisa.europa.eu/publications/protecting-industrial-control-systems.-recommendations-for-europe-and-member-states
• § Miller, B., و Rowe, D. (2012). A survey SCADA of and critical infrastructure incidents st Annual conference on Research in information technology - RIIT, Calgary, Alberta, Canada: ACM Press. http://doi.org/10.1145/2380790.2380805
• § Obama. Improving Critical Infrastructure Cybersecurity Executive Order 13636-Preliminary Cybersecurity Framework, Pub. L. No. 13636 (2013). http://www.nist.gov/itl/upload/preliminary-cybersecurity-framework.pdf
• § Office, و Office of Energy Assurance. (2002). 21 Steps to Improve Cyber Security of SCADA Network. U.S. Department of Energy. http://energy.gov/sites/prod/files/oeprod/DocumentsandMedia/21_Steps- SCADA.pdf
• § Ralston, P. A. S., Graham, J. H., و Hieb, J. L. (2007). Cyber security risk assessment for SCADA and DCS networks. ISA Transactions, 46(4), 583–594. http://doi.org/10.1016/j.isatra.2007.04.003
• § Rinaldi, S. M., Peerenboom, J. P., و Kelly, T. K. (2001). Identifying, Understanding, and Analyzing Critical Infrastructure Interdependencies. IEEE Control Systems Magazine, 11–25.
• § Robles, R. J., و Park, G.-C. (2011). Securing Communication between SCADA Master Station and Mobile Remote Components. Communications In Computer And Information Science, 200, 203–210.
• § Ross, R. S. (2011). Managing Information Security Risk: Organization, Mission, and Information System View. NIST. http://csrc.nist.gov/publications/nistpubs/800-39/SP800-39-final.pdf
• § Saurabh, A., Schwartz, G. A., و Hussain, A. (2013). In Quest of Benchmarking Security Risks to Cyber-Physical Systems. IEEE Network, 27(1), 18–25.
• § SCADA Systems: A Comparision of RTUs and PLCs. (2007). Motorola https://www.motorolasolutions.com/content/dam/msi/Products/scada-systems/SCADA_Sys_Wht_Ppr-2a_New.pdf
• § Stouffer, K., Falco, J., و Scarfone, K. (2011). Guide to Industrial Control Systems (ICS) Security -Recommendations of the National Institute of Standards and Technology. NIST Special Publication 800-82.
• § Stouffer, K., Pillitteri, V., Lightman, S., Abrams, M., و Hahn, A. (2015). Guide to Industrial Control Systems (ICS) Security Recommendations of the National Institute of Standards and Technology. National Institute of Standards and Technology. بازیابی از http://dx.doi.org/10.6028/NIST.SP.800-82r2
• § Stouffer, K., Pillitteri, V., Lightman, S., Abrams, M., و Hahn, A. (2015). Guide to Industrial Control Systems (ICS) Security Recommendations of the National Institute of Standards and Technology-Revision 2. National Institute of Standards and Technology. http://dx.doi.org/10.6028/NIST.SP.800-82r2
• § Tabansky, L. (2011). Critical Infrastructure Protection against Cyber Threats. Military And Strategic Affairs, 3(2).