Wyszukiwarka
Wyniki wyszukiwania dla: SECURITY STANDARDS
-
Supporting Compliance with Security Standards by Trust Case Templates
PublikacjaTrust Cases are used to justify that a given object (a system, an infrastructure, an organization) exhibits certain properties. One of possible applications of trust cases is related to the processes of achieving and demonstrating the compliance with standards. A Trust Case Template derived from a given standard constitutes a skeleton of justification (encompassing evidence and argumentation) of the compliance with the standard....
-
Standards on Cyber Security Assessment of Smart Grid
PublikacjaSecurity evaluation of communication systems in smart grid poses a great challenge to the developers and operators. In recent years many new smart grid standards were proposed, which paradoxically results in the difficulty in finding a relevant publication in this plethora of literature. This paper presents the results of a systematic analysis which aimed at addressing this issue by identifying standards that present sound security...
-
CIP Security Awareness and Training: Standards and Practice
PublikacjaThese are critical infrastructure employees who have access to the critical cyber assets in the first place. This situation is well recognized by international and national standardization bodies which recommend security education, training and awareness as one of the key elements of critical infrastructure protection. In this chapter the standards are identified and their relevant areas are described. A practical implementation...
-
CIP Security Awareness and Training: Standards and Practice
PublikacjaThese are critical infrastructure employees who have access to the critical cyber assets in the first place. This situation is well recognised by international and national standardisation bodies which recommend security education, training and awareness as one of the key elements of critical infrastructure protection. In this chapter the standards are identified and their relevant areas are described. A practical implementation...
-
Standards Conformity Framework in comparison with contemporary methods supporting standards application
PublikacjaAchieving and assessing conformity with standards and compliance with various sets of requirements generates significant costs for contemporary economies. Great deal of this is spent on fulfilment of safety and security requirements. However, standards application is not supported sufficiently by the tools available on the market. Therefore, Standards Conformity Framework (SCF) containing methods and tools which provide support...
-
Cybersecurity and Privacy in Standards for Smart Grids – a Comprehensive Survey
PublikacjaResilient information and communications technologies are a prerequisite for reliable operation of smart grid. In recent years, many standards for the new form of electricity network have been proposed, which results in operators and other smart grid stakeholders having difficulties in finding the documents which can be related to their particular problems. The purpose of this paper is to bring in all smart grid standards that...
-
Towards systemic functional safety and security management in hazardous plants
PublikacjaThe aim of this article is to identify and discuss some issues related to functional safety and security management in hazardous industrial plants. The safety functions are to be realised using the electric / electronic / programmable electronic systems (E/E/PESs) or the safety instrumented systems (SISs) that are designed and operated respectively according to IEC 61508 and IEC 61511 requirements in life cycle. Although the role...
-
Meeting Requirements Imposed by Secure Software Development Standards and Still Remaining Agile
PublikacjaThe paper introduces the AgileSafe method of selecting agile practices for software development projects that are constrained by assurance requirements resulting from safety and/or security related standards. Such requirements are represented by argumentation templates which explain how the evidence collected during agile practices implementation will support the conformity with the requirements. Application of the method is demonstrated...
-
Anti-theft lab security system based on RFID
PublikacjaThe aim of the project is to design and create an electronic system, which can be used to protect laboratory equipment against theft. The main task of the system is to warn a person responsible for the facilities about any attempts made to steal equipment from a laboratory. In a case of an alarm situation, the system emits a sound signal. The concept of the anti-theft security system based on RFID was developed on the basis of...
-
Procedure based functional safety and information security management of industrial automation and control systems on example of the oil port installations
PublikacjaThe approach addresses selected technical and organization aspects of risk mitigation in the oil port installations with regard to functional safety and security requirements specified in standards IEC 61508, IEC 61511 and IEC 62443. The procedure for functional safety management includes the hazard identification, risk analysis and assessment, specification of overall safety requirements and definition of...
-
Systems engineering approach to functional safety and cyber security of industrial critical installations
PublikacjaThis chapter addresses the systems engineering approach to integrated functional safety and cybersecurity analysis and management regarding selected references, standards and requirements concerning critical installations and their industrial automation and control system (IACS). The objective is to mitigate the vulnerability of industrial installations that include the information technology (IT) and the operational technology...
-
Systems engineering approach to functional safety and cyber security of industrial critical installations
PublikacjaThis chapter addresses the systems engineering approach to integrated functional safety and cybersecurity analysis and management regarding selected references, standards and requirements concerning critical installations and their industrial automation and control system (IACS). The objective is to mitigate the vulnerability of industrial installations that include the information technology (IT) and the operational technology...
-
Business continuity management framework for Industry 4.0 companies regarding dependability and security of the ICT and ICS/SCADA system
PublikacjaThis chapter addresses a business continuity management (BCM) framework for the Industry 4.0 companies including the organizational and technical solutions, regarding the dependability and security of the information and telecommunication technology (ICT), and the industrial control system (ICS) / supervisory control and data acquisition (SCADA) system. These technologies and systems play nowadays important roles in modern advanced...
-
Supporting Cybersecurity Compliance Assessment of Industrial Automation and Control System Components
PublikacjaThe chapter presents a case study demonstrating how security requirements of an Industrial Automation and Control System (IACS) component can be represented in a form of Protection Profile that is based on IEC 62443 standards and how compliance assessment of such component can be supported by explicitly representing a conformity argument in a form based on the OMG SACM meta-model. It is also demonstrated how an advanced argument...
-
Current risk analysis and management issues in technical systems.
PublikacjaDealing with the reliability and safety of industrial hazardous plants requires taking into account relevant interdisciplinary scientific knowledge and some existing approaches based on so-called good engineering practice, also those included in the international standards and guidelines. In this article an approach is proposed how to integrate the functional safety concept with information security aspects in the design and management...
-
Managing enterprise IT infrastructure and security 2022
Kursy OnlineThe aim of the course is for a student to acquire fundamental knowledge on cybersecurity management in organisations. During the course the concepts and methods associated with of an information security management system, cybersecurity standards and guidelines, cybersecurity management process, cybersecurity policy, cybersecurity threats, risk management, protection controls and the cost of the cybersecurity management will be...
-
Cybersecurity of Enterprise Infrastructure 2023
Kursy OnlineThe aim of the course is for a student to acquire fundamental knowledge on cybersecurity management in organisations. During the course the concepts and methods associated with of an information security management system, cybersecurity standards and guidelines, cybersecurity management process, cybersecurity policy, cybersecurity threats, risk management, protection controls and the cost of the cybersecurity management will be...
-
Cybersecurity of Enterprise Infrastructure 2024
Kursy OnlineThe aim of the course is for a student to acquire fundamental knowledge on cybersecurity management in organisations. During the course the concepts and methods associated with of an information security management system, cybersecurity standards and guidelines, cybersecurity management process, cybersecurity policy, cybersecurity threats, risk management, protection controls and the cost of the cybersecurity management will be...
-
Political Parties in the Digital World
PublikacjaThe aim of this report is to outline how digital technologies and digital media are redefining the way political parties fulfill their role as collective platforms for political participation of citizens, e.g. in relation to the parties’ decision-making processes, communication strategies, funding mechanisms, membership, information sharing, etc. and to highlight the existing international standards and good practices in this area....
-
Methodological issues of functional safety and reliability assessment of critical systems in industrial hazardous plants
PublikacjaThe aim of this article is to identify and discuss some methodological issues that are of interest among functional safety specialists and experts after publication of the second edition of international standards IEC 61508 and IEC 61511, including the design and implementing the safety-related functions of higher safety integrity levels and protection layers. The basic role of safety-related systems is to reduce effectively and...
-
Bezpieczeństwo funkcjonalne i ochrona informacji w obiektach i systemach infrastruktury krytycznej - analiza i ocena
PublikacjaW niniejszym rozdziale monografii przedstawiono bardzo aktualną problematykę związaną z analizą bezpieczeństwa funkcjonalnego rozproszonych systemów sterowania i automatyki zabezpieczeniowej w obiektach infrastruktury krytycznej, wykorzystujących przemysłową sieć komputerową, z uwzględnieniem zagadnień ochrony informacji. W obiektach tego typu systemy sterowania i automatyki zabezpieczeniowej są projektowane jako systemy rozproszone,...
-
Interaction with medical data using QR-codes
PublikacjaBar-codes and QR-codes (Quick Response ) are often used in healthcare. In this paper an application of QR-codes to exchange of laboratory results is presented. The secure data exchange is proposed between a laboratory and a patient and between a patient and Electronic Health Records. Advanced Encryption Standard was used to provide security of data encapsulated within a QR-code. The experimental setup, named labSeq is described....
-
Procedure based proactive functional safety management for the risk mitigation of hazardous events in the oil port installations including insurance aspects
PublikacjaThis article addresses selected technical and organization aspects of risk mitigation in the oil port installations with regard to functional safety requirements specified in standards IEC 61508 and IEC 61511. The procedure for functional safety management includes the hazard identification, risk analysis and assessment, specification of overall safety requirements and definition of safety functions. Based on risk assessment results...
-
A Review of Standards with Cybersecurity Requirements for Smart Grid
PublikacjaAssuring cybersecurity of the smart grid is indispensable for the reliable operation of this new form of the electricity network. Experts agree that standardised solutions and practices should be applied in the first place. In recent years many new standards for smart grids have been published, which paradoxically results in the difficulty of finding a relevant publication in this plethora of literature. This paper presents results...
-
Functional Safety and Cybersecurity Analysis and Management in Smart Manufacturing Systems
PublikacjaThis chapter addresses some of the issues of the integrated functional safety and cybersecurity analysis and management with regard to selected references and the functional safety standards: IEC 61508, IEC 61511, ISO 13849-1 and IEC 62061, and a cybersecurity standard IEC 62443 that concerns the industrial automation and control systems. The objective is to mitigate the vulnerability of industrial systems that include the information...
-
Functional safety and reliability analysis methodoloogy for hazardous industrial plants
PublikacjaThis monograph is devoted to current problems and methods of the functional safety and reliability analyses of the programmable control and protection systems for industrial hazardous plants. The results of these analyses are useful in the process of safety management in life cycle, for effective reducing relevant risks at the design stage, and then controlling these risks during the operation of given installation. The methodology...
-
PROJEKT ZESPOŁOWY [DK][2023/24]
Kursy OnlineCCCLECTURE and Classes: Power supply systems for industrial facilities. Devices and main circuits of MV power stations. Short-circuit calculation. Power protection automation. Security classification according to American ANSI standards used in the EU. Microprocessor protection relays. Drive systems for medium power and medium voltage pumps. Roving inverters. PROJECT: Design of a MV switching station for a medium-power pumping...
-
IDENTYFIKACJA CZYNNIKÓW WPŁYWAJĄCYCH NA BEZPIECZEŃSTWO EKSPLOATACJI STATKU NA ŚRÓDLĄDOWEJ DRODZE WODNEJ W DELCIE WISŁY
PublikacjaKażdego roku w Polsce, na śródlądowych drogach wodnych rejestrowane są przez Urzędy Żeglugi Śródlądowej, Państwową Straż Pożarną i Policję wypadki i incydenty, prowadzące zarówno do uszkodzenia infrastruktury jak i uszczerbku na zdrowiu. Poprawa poziomu bezpieczeństwa wymaga dogłębnej analizy i wyciągania wniosków z zaistniałych sytuacji awaryjnych. Istotną rzeczą jest identyfikacja i usystematyzowanie zagrożeń występujących w...
-
Functional safety and managing competence
PublikacjaSą nowe wyzwania związane z badaniami, edukacją i szkoleniem w obszarach bezpieczeństwa i ochrony systemów i sieci krytycznych. W rozdziale podkreśla się, że kompetencje specjalistów powinny być kształtowane w zintegrowanych procesach edukacji i szkolenia. Dlatego uzasadnione jest, aby opracować w Europie standardy i programy kształcenia na bazie odpowiednich prac badawczych i najlepszych doświadczeń z praktyki przemysłowej w celu...
-
Urban and Road Engineering - Smolnicki
Kursy OnlineLectures about "Urban and Road Engineering", dedicated to sixth semester of the English-speaking group, will be conducted in a way that activates students. Lectures on Road Engineering cover a wide range of important issues related to the subject, starting from a discussion of the historical circumstances of the creation, development and domination of the contemporary conventional model, through identifying new approaches and...
-
Magdalena Szuflita-Żurawska
OsobyMagdalena Szuflita-Żurawska jest kierownikiem Sekcji Informacji Naukowo-Technicznej na Politechnice Gdańskiej oraz Liderem Centrum Kompetencji Otwartej Nauki przy Bibliotece Politechniki Gdańskiej. Jej główne zainteresowania badawcze koncentrują się w obszarze komunikacji naukowej oraz otwartych danych badawczych, a także motywacji i produktywności naukowej. Jest odpowiedzialna między innymi za prowadzenie szkoleń dla pracowników...