{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:17:23Z","timestamp":1750220243434,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":44,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,4,25]],"date-time":"2022-04-25T00:00:00Z","timestamp":1650844800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"European Union?s Horizon 2020 research and innovation programme","award":["883242"],"award-info":[{"award-number":["883242"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,4,25]]},"DOI":"10.1145\/3477314.3507313","type":"proceedings-article","created":{"date-parts":[[2022,5,7]],"date-time":"2022-05-07T00:37:36Z","timestamp":1651883856000},"page":"124-132","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["CIIA"],"prefix":"10.1145","author":[{"given":"Olga","family":"Carvalho","sequence":"first","affiliation":[{"name":"Universidade de Lisboa, Lisbon, Portugal"}]},{"given":"Filipe","family":"Apolin\u00e1rio","sequence":"additional","affiliation":[{"name":"Universidade de Lisboa, Lisbon, Portugal"}]},{"given":"Nelson","family":"Escravana","sequence":"additional","affiliation":[{"name":"Universidade de Lisboa, Lisbon, Portugal"}]},{"given":"Carlos","family":"Ribeiro","sequence":"additional","affiliation":[{"name":"Universidade de Lisboa, Lisbon, Portugal"}]}],"member":"320","published-online":{"date-parts":[[2022,5,6]]},"reference":[{"volume-title":"European Network and Information Security Agency (ENISA)","year":"2016","key":"e_1_3_2_1_1_1","unstructured":"Communication network dependencies for ICS\/SCADA systems. European Network and Information Security Agency (ENISA), 2016."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/11805588_2"},{"key":"e_1_3_2_1_3_1","first-page":"37","volume-title":"Computer Security","author":"Adepu S.","year":"2018","unstructured":"S. Adepu, N. K. Kandasamy, and A. Mathur. Epic: An electric power testbed for research and training in cyber physical systems security. In Computer Security, pages 37--52. Springer, 2018."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2005.854119"},{"key":"e_1_3_2_1_5_1","volume-title":"International Society for Optics and Photonics","author":"Argauer B. J.","year":"2008","unstructured":"B. J. Argauer and S. J. Yang. Vtac: Virtual terrain assisted impact assessment for cyber attacks. In Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2008, volume 6973, page 69730F. International Society for Optics and Photonics, 2008."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-95729-6_21"},{"key":"e_1_3_2_1_7_1","first-page":"12","article-title":"Industroyer: Biggest threat to industrial control systems since stuxnet","author":"Cherepanov A.","year":"2017","unstructured":"A. Cherepanov and R. Lipovsky. Industroyer: Biggest threat to industrial control systems since stuxnet. WeLiveSecurity ESET, 12, 2017.","journal-title":"WeLiveSecurity ESET"},{"issue":"61","key":"e_1_3_2_1_8_1","first-page":"1","article-title":"Computer security incident handling guide","volume":"800","author":"Cichonski P.","year":"2012","unstructured":"P. Cichonski, T. Millar, T. Grance, K. Scarfone, et al. Computer security incident handling guide. NIST Special Publication, 800(61):1--147, 2012.","journal-title":"NIST Special Publication"},{"volume-title":"Cyber-argus: Modeling c2 impacts of cyber attacks. Technical report","author":"de Barros Barreto A.","key":"e_1_3_2_1_9_1","unstructured":"A. de Barros Barreto, P. Costa, and M. Hieb. Cyber-argus: Modeling c2 impacts of cyber attacks. Technical report, George Mason Unversity Faifax VA Center for Excellene in Command and Control Communication Computers - Intelligence, 2014."},{"key":"e_1_3_2_1_10_1","volume-title":"7th International Conference on Semantic Technologies for Intelligence, Defense, and Security (STIDS 2012","author":"de Barros Barreto A.","year":"2012","unstructured":"A. de Barros Barreto, P. C. G. Costa, and E. T. Yano. A semantic approach to evaluate the impact of cyber actions on the physical domain. In 7th International Conference on Semantic Technologies for Intelligence, Defense, and Security (STIDS 2012). CEUR-WS. org, 2012."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijcip.2015.04.001"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2009.5380096"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/CISDA.2007.368155"},{"key":"e_1_3_2_1_14_1","volume-title":"Air force Institute of Technology Wright-Patterson AFB OH Center for Cyberspace Research","author":"Grimaila M. R.","year":"2009","unstructured":"M. R. Grimaila, L. W. Fortson, and J. L. Sutton. Design considerations for a cyber incident mission impact assessment (cimia) process. Technical report, Air force Institute of Technology Wright-Patterson AFB OH Center for Cyberspace Research, 2009."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2014.2382574"},{"key":"e_1_3_2_1_17_1","first-page":"1","volume-title":"2008 11th International Conference on Information Fusion","author":"Holsopple J.","year":"2008","unstructured":"J. Holsopple and S. J. Yang. Fusia: Future situation and impact awareness. In 2008 11th International Conference on Information Fusion, pages 1--8. IEEE, 2008."},{"key":"e_1_3_2_1_18_1","volume-title":"Methods and tools for policy analysis. ACM Comput. Surv., 51(6), feb","author":"Jabal A. A.","year":"2019","unstructured":"A. A. Jabal, M. Davari, E. Bertino, C. Makaya, S. Calo, D. Verma, A. Russo, and C. Williams. Methods and tools for policy analysis. ACM Comput. Surv., 51(6), feb 2019."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2011.6127490"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/COGSIMA.2011.5753753"},{"key":"e_1_3_2_1_21_1","first-page":"1","volume-title":"14th international conference on information fusion","author":"Jakobson G.","year":"2011","unstructured":"G. Jakobson. Mission cyber security situation assessment using impact dependency graphs. In 14th international conference on information fusion, pages 1--8. IEEE, 2011."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3230833.3232799"},{"key":"e_1_3_2_1_23_1","first-page":"77090M","volume-title":"Cyber Security, Situation Management, and Impact Assessment II","author":"Khalili A.","unstructured":"A. Khalili, B. Michalk, L. Alford, C. Henney, and L. Gilbert. Impact modeling and prediction of attacks on cyber targets. In Cyber Security, Situation Management, and Impact Assessment II; and Visual Analytics for Homeland Defense and Security II, volume 7709, page 77090M. International Society for Optics and Photonics, 2010."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/s12243-017-0617-0"},{"key":"e_1_3_2_1_25_1","volume-title":"Naval Research laboratory Washington-DC Center for High Assurance Computing (CHACS)","author":"Kim A.","year":"2014","unstructured":"A. Kim, M. H. Kang, J. Z. Luo, and A. Velasquez. A framework for event prioritization in cyber network defense. Technical report, Naval Research laboratory Washington-DC Center for High Assurance Computing (CHACS), 2014."},{"key":"e_1_3_2_1_26_1","first-page":"1","volume-title":"2013 5th International Conference on Cyber Conflict (CYCON 2013","author":"Kotenko I.","year":"2013","unstructured":"I. Kotenko and A. Chechulin. A cyber attack modeling and impact assessment framework. In 2013 5th International Conference on Cyber Conflict (CYCON 2013), pages 1--24. IEEE, 2013."},{"issue":"3","key":"e_1_3_2_1_27_1","first-page":"14","article-title":"Evaluation of computer network security based on attack graphs and security event processing","volume":"5","author":"Kotenko I. V.","year":"2014","unstructured":"I. V. Kotenko and E. Doynikova. Evaluation of computer network security based on attack graphs and security event processing. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl., 5(3):14--29, 2014.","journal-title":"J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2017.3681068"},{"key":"e_1_3_2_1_29_1","volume-title":"NATO IST-128 Workshop on Cyber Attack Detection, Forensics and Attribution for Assessment of Mission Impact.","author":"Lange M.","year":"2015","unstructured":"M. Lange, M. Krotofil, and R. M\u00f6ller. Mission impact assessment in power grids. In NATO IST-128 Workshop on Cyber Attack Detection, Forensics and Attribution for Assessment of Mission Impact. Istanbul, Turkey: Information Systems Technology Panel, 2015."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISSREW51248.2020.00029"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2017.8228706"},{"key":"e_1_3_2_1_32_1","first-page":"16","volume-title":"Istanbul","author":"Motzek A.","year":"2015","unstructured":"A. Motzek, R. M\u00f6ller, M. Lange, and S. Dubus. Probabilistic mission impact assessment based on widespread local events. In NATO IST-128 Workshop: Assessing Mission Impact of Cyberattacks, NATO IST-128 Workshop, Istanbul, Turkey, pages 16--22, 2015."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SYSCON.2011.5929055"},{"key":"e_1_3_2_1_34_1","first-page":"446","volume-title":"5th Eur. Conf. Inf. Manag. Eval. ECIME 2011","author":"Musman S.","year":"2011","unstructured":"S. Musman, M. Tanner, A. Temin, D. Fox, and B. Pridemore. Evaluating the impact of cyber attacks on missions. In 5th Eur. Conf. Inf. Manag. Eval. ECIME 2011, pages 446--456, 2011."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/THS.2015.7225283"},{"key":"e_1_3_2_1_36_1","first-page":"117","volume-title":"Handbook of Statistics","author":"Noel S.","year":"2016","unstructured":"S. Noel, E. Harley, K. H. Tam, M. Limiero, and M. Share. Cygraph: graph-based analytics and visualization for cybersecurity. In Handbook of Statistics, volume 35, pages 117--167. Elsevier, 2016."},{"key":"e_1_3_2_1_37_1","volume-title":"Forensics and Attribution for Assessment of Mission Impact","author":"Noel S.","year":"2015","unstructured":"S. Noel, J. Ludwig, P. Jain, D. Johnson, R. K. Thomas, J. McFarland, B. King, S. Webster, and B. Tello. Analyzing mission impacts of cyber actions (amica). In NATO IST-128 Workshop on Cyber Attack Detection, Forensics and Attribution for Assessment of Mission Impact, 2015."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2016.07.016"},{"key":"e_1_3_2_1_39_1","volume-title":"14th UNSENIX Security Symposium","author":"Ou X.","year":"2013","unstructured":"X. Ou, S. Govindavajhala, and A. W. Appel. Mulval: A logic-based, data-driven enterprise security analyser. In 14th UNSENIX Security Symposium, 2013."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-36084-0_6"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-88313-5_2"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3198458.3198461"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2809826.2809834"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSYST.2014.2344048"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2017.2708096"}],"event":{"name":"SAC '22: The 37th ACM\/SIGAPP Symposium on Applied Computing","sponsor":["SIGAPP ACM Special Interest Group on Applied Computing"],"location":"Virtual Event","acronym":"SAC '22"},"container-title":["Proceedings of the 37th ACM\/SIGAPP Symposium on Applied Computing"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3477314.3507313","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3477314.3507313","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:30Z","timestamp":1750188630000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3477314.3507313"}},"subtitle":["critical infrastructure impact assessment"],"short-title":[],"issued":{"date-parts":[[2022,4,25]]},"references-count":44,"alternative-id":["10.1145\/3477314.3507313","10.1145\/3477314"],"URL":"https:\/\/doi.org\/10.1145\/3477314.3507313","relation":{},"subject":[],"published":{"date-parts":[[2022,4,25]]},"assertion":[{"value":"2022-05-06","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}