{"id":"https://openalex.org/W2034213379","doi":"https://doi.org/10.1145/2459976.2460044","title":"On the use of the Clark-Wilson security model to protect industrial automation control systems","display_name":"On the use of the Clark-Wilson security model to protect industrial automation control systems","publication_year":2013,"publication_date":"2013-01-08","ids":{"openalex":"https://openalex.org/W2034213379","doi":"https://doi.org/10.1145/2459976.2460044","mag":"2034213379"},"language":"en","primary_location":{"id":"doi:10.1145/2459976.2460044","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2459976.2460044","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5108387614","display_name":"Dennis K. Holstein","orcid":null},"institutions":[{"id":"https://openalex.org/I2802028146","display_name":"WSP (New Zealand)","ror":"https://ror.org/03cfha585","country_code":"NZ","type":"company","lineage":["https://openalex.org/I2802028146","https://openalex.org/I929267784"]}],"countries":["NZ"],"is_corresponding":true,"raw_author_name":"Dennis K. Holstein","raw_affiliation_strings":["OPUS Consulting Group"],"affiliations":[{"raw_affiliation_string":"OPUS Consulting Group","institution_ids":["https://openalex.org/I2802028146"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5108387614"],"corresponding_institution_ids":["https://openalex.org/I2802028146"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.11279147,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"5"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9269999861717224,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9049999713897705,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6468565464019775},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.590745747089386},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.5856920480728149},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.5704353451728821},{"id":"https://openalex.org/keywords/automation","display_name":"Automation","score":0.5658259391784668},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.5110429525375366},{"id":"https://openalex.org/keywords/control-system-security","display_name":"Control system security","score":0.47077131271362305},{"id":"https://openalex.org/keywords/industrial-control-system","display_name":"Industrial control system","score":0.4258638024330139},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.41943359375},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.38928329944610596},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.3823317289352417},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.3799646198749542},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.3275443911552429},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.3130814731121063},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.28285521268844604},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.27418699860572815},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.22753268480300903},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.11248141527175903},{"id":"https://openalex.org/keywords/accounting","display_name":"Accounting","score":0.0891808271408081},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.08123946189880371}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6468565464019775},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.590745747089386},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.5856920480728149},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.5704353451728821},{"id":"https://openalex.org/C115901376","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automation","level":2,"score":0.5658259391784668},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.5110429525375366},{"id":"https://openalex.org/C172862783","wikidata":"https://www.wikidata.org/wiki/Q5165888","display_name":"Control system security","level":5,"score":0.47077131271362305},{"id":"https://openalex.org/C40071531","wikidata":"https://www.wikidata.org/wiki/Q2513962","display_name":"Industrial control system","level":3,"score":0.4258638024330139},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.41943359375},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.38928329944610596},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.3823317289352417},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.3799646198749542},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.3275443911552429},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.3130814731121063},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.28285521268844604},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.27418699860572815},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.22753268480300903},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.11248141527175903},{"id":"https://openalex.org/C121955636","wikidata":"https://www.wikidata.org/wiki/Q4116214","display_name":"Accounting","level":1,"score":0.0891808271408081},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.08123946189880371},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2459976.2460044","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2459976.2460044","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":2,"referenced_works":["https://openalex.org/W2064553186","https://openalex.org/W2152505375"],"related_works":["https://openalex.org/W2017116761","https://openalex.org/W4206910357","https://openalex.org/W2045071758","https://openalex.org/W2018644264","https://openalex.org/W1811024770","https://openalex.org/W2907868081","https://openalex.org/W4230385779","https://openalex.org/W2187486724","https://openalex.org/W2056412463","https://openalex.org/W4387872582"],"abstract_inverted_index":{"IEC":[0,40,92,124],"62443":[1,41,125],"is":[2,78,98],"a":[3,64,75,102],"work-in-progress":[4],"standard":[5],"specifying":[6],"the":[7,52,81,85,115],"requirements":[8,44,56],"for":[9,107],"protecting":[10],"industrial":[11],"automation":[12],"control":[13],"systems":[14],"against":[15],"cyber-initiated":[16],"attacks":[17],"such":[18],"as":[19,63],"Stuxnet,":[20],"Confiker,":[21],"DKU,":[22],"and":[23,45,57,67,109,120],"most":[24],"recently":[25],"Flame.":[26],"Part":[27],"1-3":[28],"specifies":[29],"Jaquith-based":[30],"security":[31,42,88],"metrics":[32,53],"to":[33,36,50,100,128],"be":[34,118,129],"used":[35,99,119],"determine":[37],"compliance":[38,108],"with":[39,54],"policies,":[43],"audit":[46,58],"criteria.":[47],"In":[48],"order":[49],"align":[51],"system":[55],"criteria":[59],"which":[60],"are":[61],"specified":[62],"base":[65],"requirement":[66,73],"if":[68],"needed":[69],"one":[70],"or":[71],"more":[72],"enhancements,":[74],"formal":[76,103],"model":[77,82,116],"needed.":[79],"Furthermore,":[80],"must":[83],"accommodate":[84],"concept":[86],"of":[87,105],"levels":[89],"defined":[90],"in":[91,123],"62443.":[93],"The":[94],"Clark-Wilson":[95],"Security":[96],"Model":[97],"provide":[101],"framework":[104],"rules":[106],"enforcement.":[110],"This":[111],"paper":[112],"describes":[113],"how":[114],"could":[117],"identifies":[121],"deficiencies":[122],"that":[126],"need":[127],"addressed.":[130]},"counts_by_year":[{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}
