{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,16]],"date-time":"2026-03-16T10:07:35Z","timestamp":1773655655844,"version":"3.50.1"},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319403847","type":"print"},{"value":"9783319403854","type":"electronic"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-40385-4_4","type":"book-chapter","created":{"date-parts":[[2016,6,17]],"date-time":"2016-06-17T14:46:42Z","timestamp":1466174802000},"page":"48-62","source":"Crossref","is-referenced-by-count":6,"title":["Security Monitoring for Industrial Control Systems"],"prefix":"10.1007","author":[{"given":"Alessio","family":"Coletta","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Alessandro","family":"Armando","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,6,18]]},"reference":[{"key":"4_CR1","unstructured":"American Gas Association: Aga-12: cryptographic protection of scada communications (2006)"},{"issue":"1\u20132","key":"4_CR2","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1016\/j.scico.2007.08.001","volume":"72","author":"R Bagnara","year":"2008","unstructured":"Bagnara, R., Hill, P.M., Zaffanella, E.: The parma polyhedra library: toward a complete set of numerical abstractions for the analysis and verification of hardware and software systems. Sci. Comput. Programm. 72(1\u20132), 3\u201321 (2008)","journal-title":"Sci. Comput. Programm."},{"key":"4_CR3","doi-asserted-by":"crossref","unstructured":"Bolzoni, D., Zambon, E., Etalle, S., Hartel, P.: Poseidon: a 2-tier anomaly-based network intrusion detection system. In: Proceedings of the Fourth IEEE International Workshop on Information Assurance, IWIA 2006, pp. 144\u2013156. IEEE Computer Society, Los Alamitos. http:\/\/doc.utwente.nl\/64935\/","DOI":"10.1109\/IWIA.2006.18"},{"issue":"2","key":"4_CR4","doi-asserted-by":"crossref","first-page":"179","DOI":"10.1109\/TII.2010.2099234","volume":"7","author":"A Carcano","year":"2011","unstructured":"Carcano, A., Coletta, A., Guglielmi, M., Masera, M., Fovino, I.N., Trombetta, A.: A multidimensional critical state analysis for detecting intrusions in scada systems. IEEE Trans. Ind. Inform. 7(2), 179\u2013186 (2011)","journal-title":"IEEE Trans. Ind. Inform."},{"key":"4_CR5","volume-title":"Snort 2.1 Intrusion Detection","author":"B Caswell","year":"2004","unstructured":"Caswell, B., Beale, J.: Snort 2.1 Intrusion Detection. Syngress, Rockland (2004)"},{"key":"4_CR6","unstructured":"Cheung, S., Dutertre, B., Fong, M., Lindqvist, U., Skinner, K., Valdes, A.: Using model-based intrusion detection for scada networks. In: Proceedings of the SCADA Security Scientific Symposium, 46, pp. 1\u201312 (2007)"},{"key":"4_CR7","unstructured":"European Union Agency for Network and Information Security (ENISA): Smart grid security - recommendations for europe and member states, July 2012"},{"issue":"1","key":"4_CR8","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1016\/j.cose.2008.08.003","volume":"28","author":"P Garcia-Teodoro","year":"2009","unstructured":"Garcia-Teodoro, P., Diaz-Verdejo, J., Maci\u00e1-Fern\u00e1ndez, G., V\u00e1zquez, E.: Anomaly-based network intrusion detection: techniques, systems and challenges. Comput. Secur. 28(1), 18\u201328 (2009)","journal-title":"Comput. Secur."},{"key":"4_CR9","unstructured":"Guralnik, V., Heimerdinger, W., VanRiper, R.: Anomaly-based intrusion detection, uS Patent App. 11\/189,446, 26 July 2005"},{"key":"4_CR10","unstructured":"Leszczyna, R., Egozcue, E., Tarrafeta, L., Villar, V.F., Estremera, R., Alonso, J.: Protecting industrial control systems - recommendations for europe and member states. Technical report, European Union Agency for Network and Information Security (ENISA) (2011)"},{"key":"4_CR11","volume-title":"Security Information and Event Management (SIEM) Implementation","author":"D Miller","year":"2010","unstructured":"Miller, D., Harris, S., Harper, A., VanDyke, S., Blask, C.: Security Information and Event Management (SIEM) Implementation. McGraw Hill Professional, New York (2010)"},{"key":"4_CR12","first-page":"1","volume":"5971","author":"R Mitchell","year":"2014","unstructured":"Mitchell, R., Chen, I.R.: Behavior rule specification-based intrusion detection for safety critical medical cyber physical systems. IEEE Trans. Dependable Secur. Comput. 5971, 1 (2014). http:\/\/ieeexplore.ieee.org\/lpdocs\/epic03\/wrapper.htm?arnumber=6774867","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"4_CR13","unstructured":"Modbus, I.D.A.: Modbus application protocol specification v1. 1a. North Grafton, Massachusetts (2004). www.modbus.org\/specs.php"},{"issue":"10","key":"4_CR14","doi-asserted-by":"crossref","first-page":"3943","DOI":"10.1109\/TIE.2011.2181132","volume":"59","author":"IN Fovino","year":"2012","unstructured":"Fovino, I.N., Coletta, A., Carcano, A., Masera, M.: Critical state-based filtering system for securing SCADA network protocols. IEEE Trans. Ind. Electron. 59(10), 3943\u20133950 (2012). http:\/\/ieeexplore.ieee.org\/lpdocs\/epic03\/wrapper.htm?arnumber=6111289","journal-title":"IEEE Trans. Ind. Electron."},{"key":"4_CR15","first-page":"229","volume":"99","author":"M Roesch","year":"1999","unstructured":"Roesch, M., et al.: Snort: lightweight intrusion detection for networks. LISA 99, 229\u2013238 (1999)","journal-title":"LISA"},{"key":"4_CR16","unstructured":"Smart Grid Interoperability Panel Cyber Security Working Group and others: Nistir 7628-guidelines for smart grid cyber security, vol. 1\u20133 (2010)"},{"key":"4_CR17","unstructured":"Stouffer, K., Falco, J., Scarfone, K.: Guide to Industrial Control Systems (ICS) Security: Supervisory Control and Data Acquisition (SCADA) Systems, Distributed Control Systems (DCS), and Other Control System Configurations such as Programmable Logic Controllers (PLC). Technical report, National Institute of Standards and Technology, Gaithersburg, MD. http:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-82r1.pdf"},{"key":"4_CR18","unstructured":"Swales, A.: Open Modbus\/TCP specification. Schneider Electr. 26, 29 March 1999"},{"key":"4_CR19","unstructured":"Xiao, K., Chen, N., Ren, S., Shen, L., Sun, X., Kwiat, K., Macalik, M.: A workflow-based non-intrusive approach for enhancing the survivability of critical infrastructures in cyber environment. In: Third International Workshop on Software Engineering for Secure System, SESS 2007, ICSE Workshop, p. 4 (2007). http:\/\/ieeexplore.ieee.org\/lpdocs\/epic03\/wrapper.htm?arnumber=4273330"},{"key":"4_CR20","doi-asserted-by":"crossref","unstructured":"Zimmer, C., Bhat, B., Mueller, F., Mohan, S.: Time-based intrusion detection in cyber-physical systems. In: Proceedings of the 1st ACM\/IEEE International Conference on Cyber-Physical Systems, pp. 109\u2013118. ACM (2010)","DOI":"10.1145\/1795194.1795210"}],"container-title":["Lecture Notes in Computer Science","Security of Industrial Control Systems and Cyber Physical Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-40385-4_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,24]],"date-time":"2017-06-24T16:35:11Z","timestamp":1498322111000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-40385-4_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319403847","9783319403854"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-40385-4_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016]]}}}