{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T19:53:41Z","timestamp":1776887621248,"version":"3.51.2"},"reference-count":32,"publisher":"IEEE","license":[{"start":{"date-parts":[[2020,9,1]],"date-time":"2020-09-01T00:00:00Z","timestamp":1598918400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2020,9,1]],"date-time":"2020-09-01T00:00:00Z","timestamp":1598918400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2020,9,1]],"date-time":"2020-09-01T00:00:00Z","timestamp":1598918400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,9]]},"DOI":"10.1109\/etfa46521.2020.9212128","type":"proceedings-article","created":{"date-parts":[[2020,10,5]],"date-time":"2020-10-05T21:37:37Z","timestamp":1601933857000},"page":"1537-1543","source":"Crossref","is-referenced-by-count":64,"title":["An Analysis of Black Energy 3, Crashoverride, and Trisis, Three Malware Approaches Targeting Operational Technology Systems"],"prefix":"10.1109","author":[{"given":"Marcus","family":"Geiger","sequence":"first","affiliation":[]},{"given":"Jochen","family":"Bauer","sequence":"additional","affiliation":[]},{"given":"Michael","family":"Masuch","sequence":"additional","affiliation":[]},{"given":"Jorg","family":"Franke","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref32","article-title":"Using model-based intrusion detection for SCADA networks","volume":"46","author":"cheung","year":"2007","journal-title":"Proceedings of the Scada Security Scientific Symposium"},{"key":"ref31","article-title":"Anomaly-based intrusion detection for SCADA systems","author":"yang","year":"2006","journal-title":"5th Intl Topical Meeting on Nuclear Plant Instrumentation Control and Human Machine Interface Technologies (NPIC&HMIT 05)"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.4108\/eai.3-12-2015.2262516"},{"key":"ref10","article-title":"Information technology — Security techniques — Information security management systems — Overview and vocabulary","year":"2018","journal-title":"ISO\/IEC 27000 2018 Geneva CH Standard-Listing"},{"key":"ref11","year":"2019","journal-title":"The EU Cybersecurity Act a new Era dawns on ENISA"},{"key":"ref12","article-title":"Studie zur Information Security Awareness in kleinen und mittleren Unternehmen (KMU)","author":"schmidt","year":"2018","journal-title":"Hochschule Düsseldorf \/ Fachbereich - Medien"},{"key":"ref13","year":"0","journal-title":"VDI and VDE IT-security for industrial automation General model VDI\/VDE 2182 Blatt 1"},{"key":"ref14","year":"0","journal-title":"Information-ssicherheitmanagementsystem fur¨ kleine und mittlere Unternehmen"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/VTS-APWCS.2019.8851679"},{"key":"ref16","doi-asserted-by":"crossref","first-page":"74","DOI":"10.1016\/j.mfglet.2014.01.005","article-title":"Cyber-physical security challenges in manufacturing systems","volume":"2","author":"wells","year":"0","journal-title":"Manufacturing Letters"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/MALWARE.2011.6112333"},{"key":"ref18","article-title":"The industrial control system cyber kill chain","volume":"1","author":"assante","year":"2015","journal-title":"Sans Institute Infosec Reading Room"},{"key":"ref19","year":"2017","journal-title":"TRISIS Malware Analysis of Safety System Targeted Malware"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/BWCCA.2010.85"},{"key":"ref4","article-title":"Global ransomware attack: What we know and don’t know","author":"frenkel","year":"2017"},{"key":"ref27","article-title":"Applicability of Security Standards for Operational Technology by SMEs and Large Enterprises","author":"wagner","year":"2020","journal-title":"IEEE Conference on Emerging Technologies and Factory Automation (ETFA)"},{"key":"ref3","article-title":"Hackers hit dozens of countries exploiting stolen n.s.a. tool","author":"perlroth","year":"2017"},{"key":"ref6","year":"2014","journal-title":"Department of Homeland Security Advisory (icsa-14-178-01) - ics focused malware"},{"key":"ref29","first-page":"595","article-title":"The Design and Implementation of Host-Based Intrusion Detection System","author":"lin","year":"2010","journal-title":"Third International Symposium on Intelligent Information Technology and Security Informatics"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2011.67"},{"key":"ref8","article-title":"Evolution of ICS Attacks and the Prospects for Future Disruptive Events","author":"slowik","year":"2019","journal-title":"Report"},{"key":"ref7","article-title":"Cyber threat landscape in energy sector","author":"kovanen","year":"2018","journal-title":"Proceedings of the 13th International Conference on Cyber Warfare and Security (ICCWS)"},{"key":"ref2","year":"2018","journal-title":"Department of Homeland Security Alert (ta18-201a) - emotet malware"},{"key":"ref9","article-title":"IEC TS 62443, Industrial communication networks - Network and system security","year":"2009","journal-title":"IEC Geneva CH Standard-Listing"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920285"},{"key":"ref20","author":"delpy","year":"0"},{"key":"ref22","year":"2018","journal-title":"NVD - CVE-2018-8872"},{"key":"ref21","year":"2018","journal-title":"NVD - CVE-2018-7522"},{"key":"ref24","article-title":"Detecting and correlating supranational threats for critical infrastructures","author":"b\u00f6ttinger","year":"2016","journal-title":"European Conference on Information Warfare and Security (ECCWS)"},{"key":"ref23","first-page":"139","article-title":"Cyber Threats Impacting Critical Infrastructures","author":"chora?","year":"2016","journal-title":"Studies in Systems Decision and Control Managing the Complexity of Critical Infrastructures"},{"key":"ref26","article-title":"Why crack when you can pass the hash","volume":"21","author":"hummel","year":"2009","journal-title":"Sans Institute Infosec Reading Room"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2016.03.099"}],"event":{"name":"2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)","location":"Vienna, Austria","start":{"date-parts":[[2020,9,8]]},"end":{"date-parts":[[2020,9,11]]}},"container-title":["2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9210104\/9211869\/09212128.pdf?arnumber=9212128","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,27]],"date-time":"2022-06-27T15:38:40Z","timestamp":1656344320000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9212128\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,9]]},"references-count":32,"URL":"https:\/\/doi.org\/10.1109\/etfa46521.2020.9212128","relation":{},"subject":[],"published":{"date-parts":[[2020,9]]}}}