| dc.description.abstract | This thesis is about Industrial Control Systems (ICS) security and standards and regulations which can contribute to improve this. The thesis tries to answer which research is done on how standards would have impacted previous attacks and / or prevent future attacks, and how this research could have been conducted. This is done in three steps. First the standards and regulations are described, and similarities and differences between them are discussed. Secondly, the most known attacks on ICS systems are described. The thesis argues that this is an area where more research needs to be done, before a thorough and useful comparison between attacks and standards can be done. Lastly, the thesis looks at the development and argumentation within a selection of relevant research on ICS security against the previous mentioned standards. This gives some new insight, foremost that there is a lack of insight and research into how attacks compare against relevant security standards. A small table for comparing this is suggested as a potentially solution to the problems mentioned in the thesis. The thesis also found that standards should be viewed as a tool, rather than as a solution for improving ICS security in itself. | |
