2000 character limit reached
TMAP: A Threat Modeling and Attack Path Analysis Framework for Industrial IoT Systems (A Case Study of IoM and IoP) (2312.15319v1)
Published 23 Dec 2023 in cs.CR
Abstract: Industrial cyber-physical systems (ICPS) are gradually integrating information technology and automating industrial processes, leading systems to become more vulnerable to malicious actors. Thus, to deploy secure Industrial Control and Production Systems (ICPS) in smart factories, cyber threats and risks must be addressed. To identify all possible threats, Threat Modeling is a promising solution. Despite the existence of numerous methodological solutions for threat modeling in cyber-physical systems (CPS), current approaches are ad hoc and inefficient in providing clear insights to researchers and organizations involved in IIoT technologies. These approaches lack a comprehensive analysis of cyber threats and fail to facilitate effective path analysis across the ICPS lifecycle, incorporating smart manufacturing technologies and tools. To address these gaps, a novel quantitative threat modeling approach is proposed, aiming to identify probable attack vectors, assess the path of attacks, and evaluate the magnitude of each vector. This paper also explains the execution of the proposed approach with two case studies, namely the industrial manufacturing line, i.e., the Internet of Manufacturing (IoM), and the power and industry, i.e., the Internet of Production (IoP).
- Akundi, A., Euresti, D., Luna, S., Ankobiah, W., Lopes, A., Edinbarough, I.: State of industry 5.0—analysis and identification of current research trends. Applied System Innovation 5(1), 27 (2022) https://doi.org/10.3390/asi5010027 Brauner et al. [2022] Brauner, P., Dalibor, M., Jarke, M., Kunze, I., Koren, I., Lakemeyer, G., Liebenberg, M., Michael, J., Pennekamp, J., Quix, C., Rumpe, B., Aalst, W., Wehrle, K., Wortmann, A., Ziefle, M.: A computer science perspective on digital transformation in production. ACM Trans. Internet Things 3(2) (2022) https://doi.org/10.1145/3502265 Yang et al. [2019] Yang, H., Kumara, S., Bukkapatnam, S.T.S., Tsung, F.: The internet of things for smart manufacturing: A review. IISE Transactions 51(11), 1190–1216 (2019) https://doi.org/10.1080/24725854.2018.1555383 https://doi.org/10.1080/24725854.2018.1555383 Pennekamp et al. [2019] Pennekamp, J., Glebke, R., Henze, M., Meisen, T., Quix, C., Hai, R., Gleim, L., Niemietz, P., Rudack, M., Knape, S., Epple, A., Trauth, D., Vroomen, U., Bergs, T., Brecher, C., Bührig-Polaczek, A., Jarke, M., Wehrle, K.: Towards an infrastructure enabling the internet of production. In: 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS), pp. 31–37 (2019). https://doi.org/10.1109/ICPHYS.2019.8780276 Jbair et al. [2022] Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Brauner, P., Dalibor, M., Jarke, M., Kunze, I., Koren, I., Lakemeyer, G., Liebenberg, M., Michael, J., Pennekamp, J., Quix, C., Rumpe, B., Aalst, W., Wehrle, K., Wortmann, A., Ziefle, M.: A computer science perspective on digital transformation in production. ACM Trans. Internet Things 3(2) (2022) https://doi.org/10.1145/3502265 Yang et al. [2019] Yang, H., Kumara, S., Bukkapatnam, S.T.S., Tsung, F.: The internet of things for smart manufacturing: A review. IISE Transactions 51(11), 1190–1216 (2019) https://doi.org/10.1080/24725854.2018.1555383 https://doi.org/10.1080/24725854.2018.1555383 Pennekamp et al. [2019] Pennekamp, J., Glebke, R., Henze, M., Meisen, T., Quix, C., Hai, R., Gleim, L., Niemietz, P., Rudack, M., Knape, S., Epple, A., Trauth, D., Vroomen, U., Bergs, T., Brecher, C., Bührig-Polaczek, A., Jarke, M., Wehrle, K.: Towards an infrastructure enabling the internet of production. In: 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS), pp. 31–37 (2019). https://doi.org/10.1109/ICPHYS.2019.8780276 Jbair et al. [2022] Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Yang, H., Kumara, S., Bukkapatnam, S.T.S., Tsung, F.: The internet of things for smart manufacturing: A review. IISE Transactions 51(11), 1190–1216 (2019) https://doi.org/10.1080/24725854.2018.1555383 https://doi.org/10.1080/24725854.2018.1555383 Pennekamp et al. [2019] Pennekamp, J., Glebke, R., Henze, M., Meisen, T., Quix, C., Hai, R., Gleim, L., Niemietz, P., Rudack, M., Knape, S., Epple, A., Trauth, D., Vroomen, U., Bergs, T., Brecher, C., Bührig-Polaczek, A., Jarke, M., Wehrle, K.: Towards an infrastructure enabling the internet of production. In: 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS), pp. 31–37 (2019). https://doi.org/10.1109/ICPHYS.2019.8780276 Jbair et al. [2022] Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Pennekamp, J., Glebke, R., Henze, M., Meisen, T., Quix, C., Hai, R., Gleim, L., Niemietz, P., Rudack, M., Knape, S., Epple, A., Trauth, D., Vroomen, U., Bergs, T., Brecher, C., Bührig-Polaczek, A., Jarke, M., Wehrle, K.: Towards an infrastructure enabling the internet of production. In: 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS), pp. 31–37 (2019). https://doi.org/10.1109/ICPHYS.2019.8780276 Jbair et al. [2022] Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Brauner, P., Dalibor, M., Jarke, M., Kunze, I., Koren, I., Lakemeyer, G., Liebenberg, M., Michael, J., Pennekamp, J., Quix, C., Rumpe, B., Aalst, W., Wehrle, K., Wortmann, A., Ziefle, M.: A computer science perspective on digital transformation in production. ACM Trans. Internet Things 3(2) (2022) https://doi.org/10.1145/3502265 Yang et al. [2019] Yang, H., Kumara, S., Bukkapatnam, S.T.S., Tsung, F.: The internet of things for smart manufacturing: A review. IISE Transactions 51(11), 1190–1216 (2019) https://doi.org/10.1080/24725854.2018.1555383 https://doi.org/10.1080/24725854.2018.1555383 Pennekamp et al. [2019] Pennekamp, J., Glebke, R., Henze, M., Meisen, T., Quix, C., Hai, R., Gleim, L., Niemietz, P., Rudack, M., Knape, S., Epple, A., Trauth, D., Vroomen, U., Bergs, T., Brecher, C., Bührig-Polaczek, A., Jarke, M., Wehrle, K.: Towards an infrastructure enabling the internet of production. In: 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS), pp. 31–37 (2019). https://doi.org/10.1109/ICPHYS.2019.8780276 Jbair et al. [2022] Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Yang, H., Kumara, S., Bukkapatnam, S.T.S., Tsung, F.: The internet of things for smart manufacturing: A review. IISE Transactions 51(11), 1190–1216 (2019) https://doi.org/10.1080/24725854.2018.1555383 https://doi.org/10.1080/24725854.2018.1555383 Pennekamp et al. [2019] Pennekamp, J., Glebke, R., Henze, M., Meisen, T., Quix, C., Hai, R., Gleim, L., Niemietz, P., Rudack, M., Knape, S., Epple, A., Trauth, D., Vroomen, U., Bergs, T., Brecher, C., Bührig-Polaczek, A., Jarke, M., Wehrle, K.: Towards an infrastructure enabling the internet of production. In: 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS), pp. 31–37 (2019). https://doi.org/10.1109/ICPHYS.2019.8780276 Jbair et al. [2022] Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Pennekamp, J., Glebke, R., Henze, M., Meisen, T., Quix, C., Hai, R., Gleim, L., Niemietz, P., Rudack, M., Knape, S., Epple, A., Trauth, D., Vroomen, U., Bergs, T., Brecher, C., Bührig-Polaczek, A., Jarke, M., Wehrle, K.: Towards an infrastructure enabling the internet of production. In: 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS), pp. 31–37 (2019). https://doi.org/10.1109/ICPHYS.2019.8780276 Jbair et al. [2022] Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Yang, H., Kumara, S., Bukkapatnam, S.T.S., Tsung, F.: The internet of things for smart manufacturing: A review. IISE Transactions 51(11), 1190–1216 (2019) https://doi.org/10.1080/24725854.2018.1555383 https://doi.org/10.1080/24725854.2018.1555383 Pennekamp et al. [2019] Pennekamp, J., Glebke, R., Henze, M., Meisen, T., Quix, C., Hai, R., Gleim, L., Niemietz, P., Rudack, M., Knape, S., Epple, A., Trauth, D., Vroomen, U., Bergs, T., Brecher, C., Bührig-Polaczek, A., Jarke, M., Wehrle, K.: Towards an infrastructure enabling the internet of production. In: 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS), pp. 31–37 (2019). https://doi.org/10.1109/ICPHYS.2019.8780276 Jbair et al. [2022] Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Pennekamp, J., Glebke, R., Henze, M., Meisen, T., Quix, C., Hai, R., Gleim, L., Niemietz, P., Rudack, M., Knape, S., Epple, A., Trauth, D., Vroomen, U., Bergs, T., Brecher, C., Bührig-Polaczek, A., Jarke, M., Wehrle, K.: Towards an infrastructure enabling the internet of production. In: 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS), pp. 31–37 (2019). https://doi.org/10.1109/ICPHYS.2019.8780276 Jbair et al. [2022] Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Pennekamp, J., Glebke, R., Henze, M., Meisen, T., Quix, C., Hai, R., Gleim, L., Niemietz, P., Rudack, M., Knape, S., Epple, A., Trauth, D., Vroomen, U., Bergs, T., Brecher, C., Bührig-Polaczek, A., Jarke, M., Wehrle, K.: Towards an infrastructure enabling the internet of production. In: 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS), pp. 31–37 (2019). https://doi.org/10.1109/ICPHYS.2019.8780276 Jbair et al. [2022] Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Jbair, M., Ahmad, B., Maple, C., Harrison, R.: Threat modelling for industrial cyber physical systems in the era of smart manufacturing. Computers in Industry 137, 103611 (2022) https://doi.org/10.1016/j.compind.2022.103611 Saurabh et al. [2022a] Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Saurabh, K., Kumar, T., Singh, U., Vyas, O.P., Khondoker, R.: Nfdlm: A lightweight network flow based deep learning model for ddos attack detection in iot domains. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 736–742 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817297 Saurabh et al. [2022b] Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Saurabh, K., Singh, A., Singh, U., Vyas, O.P., Khondoker, R.: Ganibot: A network flow based semi supervised generative adversarial networks model for iot botnets detection. In: 2022 IEEE International Conference on Omni-layer Intelligent Systems (COINS), pp. 1–5 (2022). https://doi.org/10.1109/COINS54846.2022.9854947 Saurabh et al. [2022c] Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Saurabh, K., Sood, S., Kumar, P.A., Singh, U., Vyas, R., Vyas, O.P., Khondoker, R.: Lbdmids: Lstm based deep learning model for intrusion detection systems for iot networks. In: 2022 IEEE World AI IoT Congress (AIIoT), pp. 753–759 (2022). https://doi.org/10.1109/AIIoT54504.2022.9817245 Maggi et al. [2020] Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Maggi, F., Pogliani, M., Milano, P.: Attacks on smart manufacturing systems. Trend Micro Research: Shibuya, Japan, 1–60 (2020) Saurabh et al. [2022] Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Saurabh, K., Singh, S., Vyas, R., Vyas, O.P., Khondoker, R.: Mlaps: A machine learning based second line of defense for attack prevention in iot network. In: 2022 IEEE 19th India Council International Conference (INDICON), pp. 1–6 (2022). https://doi.org/10.1109/INDICON56171.2022.10039777 Magar [2016] Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Magar, A.: State-of-the-art in cyber threat models and methodologies. Report, Defence Research and Development Canada 272 (2016) Figueroa-Lorenzo et al. [2020] Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of iiot protocols: A measure of vulnerability risk analysis based on cvss. ACM Computing Surveys 53, 1–53 (2020) https://doi.org/10.1145/3381038 Hassija et al. [2019] Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on iot security: Application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019) https://doi.org/10.1109/ACCESS.2019.2924045 Jayalaxmi et al. [2021] Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Jayalaxmi, P., Saha, R., Kumar, G., Kumar, N., Kim, T.-H.: A taxonomy of security issues in industrial internet-of-things: Scoping review for existing solutions, future implications, and research challenges. IEEE Access 9, 25344–25359 (2021) https://doi.org/10.1109/ACCESS.2021.3057766 Falco et al. [2018] Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Falco, G., Caldera, C., Shrobe, H.: Iiot cybersecurity risk modeling for scada systems. IEEE Internet of Things Journal 5(6), 4486–4495 (2018) https://doi.org/10.1109/JIOT.2018.2822842 Shevchenko et al. [2018] Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Shevchenko, N., Chick, T.A., O’Riordan, P., Scanlon, T.P., Woody, C.: Threat modeling: A summary of available methods (2018) Boyes et al. [2018] Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): An analysis framework. Computers in Industry 101, 1–12 (2018) https://doi.org/10.1016/j.compind.2018.04.015 Jiang [2018] Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Jiang, J.-R.: An improved cyber-physical systems architecture for industry 4.0 smart factories. Advances in Mechanical Engineering 10(6), 1687814018784192 (2018) https://doi.org/10.1177/1687814018784192 https://doi.org/10.1177/1687814018784192 Leander et al. [2019] Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Leander, B., Čaušević, A., Hansson, H.: Applicability of the iec 62443 standard in industry 4.0 / iiot. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. ARES ’19. Association for Computing Machinery, New York, NY, USA (2019). https://doi.org/10.1145/3339252.3341481 . https://doi.org/10.1145/3339252.3341481 Amaya et al. [2009] Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Amaya, E., Alvares, A., Gudwin, R., et al.: Open system architecture for condition based maintenance applied to a hydroelectric power plant (2009) [22] Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Urbaczewski, L., Mrdalj, S.: A comparison of enterprise architecture frameworks. Issues in Information Systems https://doi.org/10.48009/2_iis_2006_18-23 Rouhani et al. [2013] Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Rouhani, B.D., Mahrin, M.N., Nikpay, F., Nikfard, P.: A comparison enterprise architecture implementation methodologies. In: 2013 International Conference on Informatics and Creative Multimedia, pp. 1–6 (2013). https://doi.org/10.1109/ICICM.2013.9 Nakagawa et al. [2021] Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Nakagawa, E.Y., Antonino, P.O., Schnicke, F., Capilla, R., Kuhn, T., Liggesmeyer, P.: Industry 4.0 reference architectures: State of the art and future trends. Computers & Industrial Engineering 156, 107241 (2021) https://doi.org/10.1016/j.cie.2021.107241 Welekwe [2021] Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Welekwe, A.: Threat modeling guide. Comparitech (2021) Kim et al. [2022] Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Kim, K.H., Kim, K., Kim, H.K.: Stride-based threat modeling and dread evaluation for the distributed control system in the oil refinery. ETRI Journal 44(6), 991–1003 (2022) https://doi.org/10.4218/etrij.2021-0181 https://onlinelibrary.wiley.com/doi/pdf/10.4218/etrij.2021-0181 Konev et al. [2022] Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Konev, A., Shelupanov, A., Kataev, M., Ageeva, V., Nabieva, A.: A survey on threat-modeling techniques: Protected objects and classification of threats. Symmetry 14(3) (2022) https://doi.org/10.3390/sym14030549 Mantha et al. [2020] Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Mantha, B., Jung, Y., Soto, B.: Implementation of the common vulnerability scoring system to assess the cyber vulnerability in construction projects. (2020). https://doi.org/10.3311/CCC2020-030 [29] Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Secure Architecture for Industrial Control Systems. https://www.sans.org/white-papers/36327/ (2023). https://www.sans.org/white-papers/36327/ [30] Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Jegeib: Microsoft Threat Modeling Tool Overview - Azure. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool Potteiger et al. [2016] Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Potteiger, B., Martins, G., Koutsoukos, X.: Software and attack centric integrated threat modeling for quantitative risk assessment, 99–108 (2016) https://doi.org/10.1145/2898375.2898390 Toker et al. [2021] Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Toker, F.S., Ovaz Akpinar, K., OZCELIK, I.: Mitre ics attack simulation and detection on ethercat based drinking water system. In: 2021 9th International Symposium on Digital Forensics and Security (ISDFS), pp. 1–6 (2021). https://doi.org/10.1109/ISDFS52919.2021.9486331 of Incident Response and (FIRST) [Last Accessed: October, 2023] Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Incident Response, F., (FIRST), S.T.: Common Vulnerability Scoring System v3.1: Specification Document (Last Accessed: October, 2023). https://www.first.org/cvss/v3.1/specification-document Sayed and Gabbar [2017] Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Sayed, K., Gabbar, H.A.: Chapter 18 - scada and smart energy grid control automation. In: Gabbar, H.A. (ed.) Smart Energy Grid Engineering, pp. 481–514. Academic Press, ??? (2017). https://doi.org/10.1016/B978-0-12-805343-0.00018-8 . https://www.sciencedirect.com/science/article/pii/B9780128053430000188 of Standards and Technology [Last Accessed: October 2023] Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search
- Standards, N.I., Technology: National Vulnerability Database, Washington, D.C. (Last Accessed: October 2023). https://nvd.nist.gov/vuln/search