InSAW-Industrial Security Assessment Workbench

Abstract

Industry, in parallel with a pervasive use of information and communication technologies, has begun in the last years to take into consideration the use of public information infrastructures (including the Internet) for remotely monitoring, managing and maintaining their technical systems. Concurrently, private and public networks are used for interconnecting technical and business information systems. As a result, industry is increasingly exposed to internal and external cyber-threats, and the security of the ICT infrastructures assumes a predominant relevance. A security assessment methodology, tailored for ICT industrial systems, has been recently developed in order to address such problem. In this paper we present InSAW, a software tool we have developed to implement such methodology in order to help the analysts in modeling and analyze under a security perspective, complex critical systems.