{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,22]],"date-time":"2026-06-22T21:32:25Z","timestamp":1782163945141,"version":"3.54.5"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,7,2]],"date-time":"2019-07-02T00:00:00Z","timestamp":1562025600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Bundesministerium fur Bildung und Forschung","award":["16KIS0933K"],"award-info":[{"award-number":["16KIS0933K"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,7,2]]},"DOI":"10.1145\/3327961.3329528","type":"proceedings-article","created":{"date-parts":[[2019,7,9]],"date-time":"2019-07-09T12:53:20Z","timestamp":1562676800000},"page":"37-45","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Deriving Impact-driven Security Requirements and Monitoring Measures for Industrial IoT"],"prefix":"10.1145","author":[{"given":"Gerhard","family":"Hansch","sequence":"first","affiliation":[{"name":"Fraunhofer AISEC, Garching, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Peter","family":"Schneider","sequence":"additional","affiliation":[{"name":"Fraunhofer AISEC, Garching, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Gerd Stefan","family":"Brost","sequence":"additional","affiliation":[{"name":"Fraunhofer AISEC, Garching, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2019,7,2]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Ali Anafcheh et al. 2018. Intrusion Detection with OSSEC.  Ali Anafcheh et al. 2018. Intrusion Detection with OSSEC."},{"key":"e_1_3_2_1_2_1","volume-title":"Softwaretechnik-Trends","volume":"36","author":"Angermeier Daniel","year":"2016","unstructured":"Daniel Angermeier , Alexander Nieding , and J\u00f6rn Eichler . 2016 . Systematic Identification of Security Goals and Threats in Risk Assessment . Softwaretechnik-Trends , Vol. 36 , 3 (2016). Daniel Angermeier, Alexander Nieding, and J\u00f6rn Eichler. 2016. Systematic Identification of Security Goals and Threats in Risk Assessment. Softwaretechnik-Trends, Vol. 36, 3 (2016)."},{"key":"e_1_3_2_1_3_1","volume-title":"IEEE Conference on Application, Information and Network Security (AINS '17)","author":"Ant\u00f3n Simon Duque","unstructured":"Simon Duque Ant\u00f3n , Daniel Fraunholz , Christoph Lipps , Frederic Pohl , Marc Zimmermann , and Hans D. Schotten . 2017. Two decades of SCADA exploitation: A brief history . In IEEE Conference on Application, Information and Network Security (AINS '17) . IEEE, Piscataway, NJ, USA, 98--104. Simon Duque Ant\u00f3n, Daniel Fraunholz, Christoph Lipps, Frederic Pohl, Marc Zimmermann, and Hans D. Schotten. 2017. Two decades of SCADA exploitation: A brief history. In IEEE Conference on Application, Information and Network Security (AINS '17). IEEE, Piscataway, NJ, USA, 98--104."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3198458.3198459"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2732198.2732200"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/MNET.2010.5634434"},{"key":"e_1_3_2_1_9_1","unstructured":"Common Criteria. 2017. Common Methodology for Information Technology Security Evaluation: Evaluation Methodology 3.1r5 ed.). Standard. Common Criteria. https:\/\/www.commoncriteriaportal.org\/files\/ccfiles\/CCPART1V3.1R5.pdf  Common Criteria. 2017. Common Methodology for Information Technology Security Evaluation: Evaluation Methodology 3.1r5 ed.). Standard. Common Criteria. https:\/\/www.commoncriteriaportal.org\/files\/ccfiles\/CCPART1V3.1R5.pdf"},{"issue":"0","key":"e_1_3_2_1_10_1","first-page":"I4","article-title":"DIN SPEC 91345","volume":"4","author":"\u00fcr Deutsches Institut","year":"2016","unstructured":"Deutsches Institut f \u00fcr Normung e. V. 2016 . DIN SPEC 91345 , Reference Architecture Model Industrie 4 . 0 (RAM I4 .0). Standard. DIN, Berlin, Germany. Deutsches Institut f\u00fcr Normung e. V. 2016. DIN SPEC 91345, Reference Architecture Model Industrie 4.0 (RAMI4.0). Standard. DIN, Berlin, Germany.","journal-title":"Reference Architecture Model Industrie"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00766-009-0092-x"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3192975.3192984"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664277"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2703906"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/IDAACS.2017.8095051"},{"key":"e_1_3_2_1_17_1","volume-title":"Reference Architecture 1.80 ed.). Standard. IIC .","author":"Industrial Internet Consortium","unstructured":"Industrial Internet Consortium . 2017. The Industrial Internet of Things Volume G 1 : Reference Architecture 1.80 ed.). Standard. IIC . Industrial Internet Consortium. 2017. The Industrial Internet of Things Volume G1: Reference Architecture 1.80 ed.). Standard. IIC ."},{"key":"e_1_3_2_1_18_1","volume-title":"Security for industrial automation and control systems - Part 4--2: Technical security requirements for IACS components. Standard","author":"International Electrotechnical Commission and others. 2019. IEC 62443--4--2:2019","unstructured":"International Electrotechnical Commission and others. 2019. IEC 62443--4--2:2019 , Security for industrial automation and control systems - Part 4--2: Technical security requirements for IACS components. Standard . IEC , Geneva, CH . 192 pages. International Electrotechnical Commission and others. 2019. IEC 62443--4--2:2019, Security for industrial automation and control systems - Part 4--2: Technical security requirements for IACS components. Standard. IEC, Geneva, CH. 192 pages."},{"key":"e_1_3_2_1_19_1","volume-title":"Standard","author":"International Organization for Standardization. 2018a. ISO 27000:2018 Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary.","unstructured":"International Organization for Standardization. 2018a. ISO 27000:2018 Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary. Standard . ISO , Geneva, CH . International Organization for Standardization. 2018a. ISO 27000:2018 Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary. Standard. ISO, Geneva, CH."},{"key":"e_1_3_2_1_20_1","volume-title":"Standard","author":"International Organization for Standardization. 2018b. ISO 27005:2018 Information technology --Security techniques -- Information security risk management.","unstructured":"International Organization for Standardization. 2018b. ISO 27005:2018 Information technology --Security techniques -- Information security risk management. Standard . ISO , Geneva, CH . International Organization for Standardization. 2018b. ISO 27005:2018 Information technology --Security techniques -- Information security risk management. Standard. ISO, Geneva, CH."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/AQTR.2014.6857843"},{"key":"e_1_3_2_1_22_1","volume-title":"1: Guide for conducting risk assessments. Standard","author":"Joint Task Force Transformation Initiative and others. 2012. SP 800--30 Rev.","unstructured":"Joint Task Force Transformation Initiative and others. 2012. SP 800--30 Rev. 1: Guide for conducting risk assessments. Standard . National Institute of Standards and Technology . Joint Task Force Transformation Initiative and others. 2012. SP 800--30 Rev. 1: Guide for conducting risk assessments. Standard. National Institute of Standards and Technology ."},{"key":"e_1_3_2_1_23_1","volume-title":"To Kill a Centrifuge: A Technical Analysis of What Stuxnet's Creators Tried to Achieve. Report","author":"Langner Ralph","unstructured":"Ralph Langner . 2013. To Kill a Centrifuge: A Technical Analysis of What Stuxnet's Creators Tried to Achieve. Report . The Langner Group , Hamburg, Germany . Ralph Langner. 2013. To Kill a Centrifuge: A Technical Analysis of What Stuxnet's Creators Tried to Achieve. Report. The Langner Group, Hamburg, Germany."},{"key":"e_1_3_2_1_25_1","unstructured":"Shi-Wan Lin Brett Murphy Erich Clauer Ulrich Loewen Ralf Neubert Gerd Bachmann Madhusudan Pai and Martin Hank. 2017. Architecture Alignment and Interoperability - An Industrial Internet Consortium and Plattform Industrie 4.0 Joint Whitepaper. https:\/\/www.iiconsortium.org\/pdf\/JTG2_Whitepaper_final_20171205.pdf  Shi-Wan Lin Brett Murphy Erich Clauer Ulrich Loewen Ralf Neubert Gerd Bachmann Madhusudan Pai and Martin Hank. 2017. Architecture Alignment and Interoperability - An Industrial Internet Consortium and Plattform Industrie 4.0 Joint Whitepaper. https:\/\/www.iiconsortium.org\/pdf\/JTG2_Whitepaper_final_20171205.pdf"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.5555\/1103050.1103058"},{"key":"e_1_3_2_1_27_1","unstructured":"Mark Nicolett and Kelly M Kavanagh. 2011. Magic Quadrant for Security Information and Event Management. Gartner RAS Core Research Note G00212454. Gartner Research.  Mark Nicolett and Kelly M Kavanagh. 2011. Magic Quadrant for Security Information and Event Management. Gartner RAS Core Research Note G00212454. Gartner Research."},{"key":"e_1_3_2_1_28_1","unstructured":"Boris Otto Steffen Lohmann S\u00f6ren Auer Gerd S. Brost Jan Cirullies Andreas Eitel Thilo Ernst Christian Haas Manuel Huber Christian Jung etal 2017. Reference architecture model for the Industrial Data Space. Technical Report. Fraunhofer-Gesellschaft Munich.  Boris Otto Steffen Lohmann S\u00f6ren Auer Gerd S. Brost Jan Cirullies Andreas Eitel Thilo Ernst Christian Haas Manuel Huber Christian Jung et al. 2017. Reference architecture model for the Industrial Data Space. Technical Report. Fraunhofer-Gesellschaft Munich."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/TAC.2013.2266831"},{"key":"e_1_3_2_1_31_1","volume-title":"Towards Computer-aided Security Life Cycle Management for Critical Systems. In 13th International Conference on Critical Information Infrastructures Security (CRITIS '18)","author":"Patzer Florian","year":"2018","unstructured":"Florian Patzer , Ankush Meshram , Pascal Birnstill , Christian Haas , and J\u00fcrgen Beyerer . 2018 . Towards Computer-aided Security Life Cycle Management for Critical Systems. In 13th International Conference on Critical Information Infrastructures Security (CRITIS '18) . Springer, Cham, Germany, 45--56. Florian Patzer, Ankush Meshram, Pascal Birnstill, Christian Haas, and J\u00fcrgen Beyerer. 2018. Towards Computer-aided Security Life Cycle Management for Critical Systems. In 13th International Conference on Critical Information Infrastructures Security (CRITIS '18). Springer, Cham, Germany, 45--56."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ETFA.2017.8247663"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.5555\/1039834.1039864"},{"key":"e_1_3_2_1_34_1","volume-title":"Draft NISTIR 8228: Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks. Standard","author":"Scarfone Karen","unstructured":"Karen Scarfone . 2018. Draft NISTIR 8228: Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks. Standard . National Institute of Standards and Technology . Karen Scarfone. 2018. Draft NISTIR 8228: Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks. Standard. National Institute of Standards and Technology."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3264888.3264890"},{"key":"e_1_3_2_1_36_1","volume-title":"Computer Security","author":"Schneider Peter","unstructured":"Peter Schneider and Alexander Giehl . 2018. Realistic Data Generation for Anomaly Detection in Industrial Settings using Simulations . In Computer Security . Springer , Cham, Germany , 119--134. Peter Schneider and Alexander Giehl. 2018. Realistic Data Generation for Anomaly Detection in Industrial Settings using Simulations. In Computer Security. Springer, Cham, Germany, 119--134."},{"key":"e_1_3_2_1_37_1","volume-title":"Brost","author":"Schuette Julian","year":"2018","unstructured":"Julian Schuette and Gerd S . Brost . 2018 . LUCON : Data Flow Control for Message-Based IoT Systems. In 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications\/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom\/BigDataSE '18). IEEE, Piscataway, NJ, USA , 289--299. Julian Schuette and Gerd S. Brost. 2018. LUCON: Data Flow Control for Message-Based IoT Systems. In 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications\/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom\/BigDataSE '18). IEEE, Piscataway, NJ, USA, 289--299."},{"key":"e_1_3_2_1_38_1","unstructured":"Suricata. 2018. The Next Generation Intrusion Detection System. https:\/\/suricata-ids.org\/  Suricata. 2018. The Next Generation Intrusion Detection System. https:\/\/suricata-ids.org\/"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1007\/11426639_2"},{"key":"e_1_3_2_1_40_1","unstructured":"Wazuh Inc. 2015. wazuh. https:\/\/wazuh.com\/  Wazuh Inc. 2015. wazuh. https:\/\/wazuh.com\/"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.14236\/ewic\/ICS2016.8"},{"key":"e_1_3_2_1_42_1","volume-title":"Automotive - Safety & Security","author":"Wolf Marko","year":"2012","unstructured":"Marko Wolf and Michael Scheibel . 2012. A systematic approach to a qualified security risk analysis for vehicular IT systems . In Automotive - Safety & Security 2012 , Erhard Pl\u00f6dereder, Peter Dencker , Herbert Klenk, Hubert B. Keller, and Silke Spitzer (Eds.). Gesellschaft f\u00fcr Informatik e.V., Bonn, Germany , 195--210. Marko Wolf and Michael Scheibel. 2012. A systematic approach to a qualified security risk analysis for vehicular IT systems. In Automotive - Safety & Security 2012, Erhard Pl\u00f6dereder, Peter Dencker, Herbert Klenk, Hubert B. Keller, and Silke Spitzer (Eds.). Gesellschaft f\u00fcr Informatik e.V., Bonn, Germany, 195--210."}],"event":{"name":"Asia CCS '19: ACM Asia Conference on Computer and Communications Security","location":"Auckland New Zealand","acronym":"Asia CCS '19","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 5th on Cyber-Physical System Security Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3327961.3329528","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3327961.3329528","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T00:25:33Z","timestamp":1750206333000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3327961.3329528"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,7,2]]},"references-count":37,"alternative-id":["10.1145\/3327961.3329528","10.1145\/3327961"],"URL":"https:\/\/doi.org\/10.1145\/3327961.3329528","relation":{},"subject":[],"published":{"date-parts":[[2019,7,2]]},"assertion":[{"value":"2019-07-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}