{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:08:34Z","timestamp":1750219714019,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":47,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,10,16]],"date-time":"2023-10-16T00:00:00Z","timestamp":1697414400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"NCSC"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,10,16]]},"DOI":"10.1145\/3617072.3617114","type":"proceedings-article","created":{"date-parts":[[2023,10,13]],"date-time":"2023-10-13T17:47:04Z","timestamp":1697219224000},"page":"205-217","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Usable Security Model for Industrial Control Systems - Authentication and Authorisation Workflow"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-0428-1602","authenticated-orcid":false,"given":"Karen","family":"Li","sequence":"first","affiliation":[{"name":"University of Bristol, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0109-1341","authenticated-orcid":false,"given":"Awais","family":"Rashid","sequence":"additional","affiliation":[{"name":"University of Bristol, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3082-4564","authenticated-orcid":false,"given":"Anne","family":"Roudaut","sequence":"additional","affiliation":[{"name":"University of Bristol, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2012.325"},{"key":"e_1_3_2_1_2_1","volume-title":"Proceedings of midwest instruction and computing symposium, Vol.\u00a04. 5.","author":"Akula Srinath","year":"2004","unstructured":"Srinath Akula and Veerabhadram Devisetty. 2004. Image based registration and authentication system. In Proceedings of midwest instruction and computing symposium, Vol.\u00a04. 5."},{"key":"e_1_3_2_1_3_1","volume-title":"Using thematic analysis in psychology. Qualitative research in psychology 3, 2","author":"Braun Virginia","year":"2006","unstructured":"Virginia Braun and Victoria Clarke. 2006. Using thematic analysis in psychology. Qualitative research in psychology 3, 2 (2006), 77\u2013101."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1132736.1132768"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-74800-7_9"},{"volume-title":"The Cyber Security Body of Knowledge","author":"Cardenas Alvaro","key":"e_1_3_2_1_6_1","unstructured":"Alvaro Cardenas. 2019. The Cyber Security Body of Knowledge. University of Bristol, Chapter Cyber-Physical Systems Security. https:\/\/www.cybok.org\/Version 1.0."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.09.009"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/INDUSCON.2018.8627173"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590341"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1177\/160940690600500107"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3027063.3048424"},{"volume-title":"On SCADA control system command and response injection and intrusion detection. In 2010 eCrime Researchers Summit","author":"Gao Wei","key":"e_1_3_2_1_12_1","unstructured":"Wei Gao, Thomas Morris, Bradley Reaves, and Drew Richey. 2010. On SCADA control system command and response injection and intrusion detection. In 2010 eCrime Researchers Summit. IEEE, 1\u20139."},{"key":"e_1_3_2_1_13_1","volume-title":"Security games with unknown adversarial strategies","author":"Garnaev Andrey","year":"2015","unstructured":"Andrey Garnaev, Melike Baykal-Gursoy, and H\u00a0Vincent Poor. 2015. Security games with unknown adversarial strategies. IEEE transactions on cybernetics 46, 10 (2015), 2291\u20132299."},{"key":"e_1_3_2_1_14_1","volume-title":"Snowball sampling. The annals of mathematical statistics","author":"Goodman A","year":"1961","unstructured":"Leo\u00a0A Goodman. 1961. Snowball sampling. The annals of mathematical statistics (1961), 148\u2013170."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1155\/2009\/452907"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1080\/00140139508925103"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2014.2382574"},{"volume-title":"Sustainable Design: HCI, Usability and Environmental Concerns","author":"Issa Tomayess","key":"e_1_3_2_1_18_1","unstructured":"Tomayess Issa and Pedro Isaias. 2022. Usability and Human\u2013Computer Interaction (HCI). In Sustainable Design: HCI, Usability and Environmental Concerns. Springer, 23\u201340."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2010.77"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1136\/qshc.2004.010322"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/52.542294"},{"key":"e_1_3_2_1_22_1","volume-title":"Jules Ferdinand\u00a0Pagna Disso, and Kevin Jones","author":"Knowles William","year":"2015","unstructured":"William Knowles, Daniel Prince, David Hutchison, Jules Ferdinand\u00a0Pagna Disso, and Kevin Jones. 2015. A survey of cyber security management in industrial control systems. International journal of critical infrastructure protection 9 (2015), 52\u201380."},{"key":"e_1_3_2_1_23_1","volume-title":"Security Symposium ({ USENIX} Security 17)","author":"Krombholz Katharina","year":"2017","unstructured":"Katharina Krombholz, Wilfried Mayer, Martin Schmiedecker, and Edgar Weippl. 2017. \" I Have No Idea What I\u2019m Doing\"-On the Usability of Deploying { HTTPS}. In 26th { USENIX} Security Symposium ({ USENIX} Security 17). 1339\u20131356."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3481357.3481527"},{"key":"e_1_3_2_1_25_1","volume-title":"The front line of enteric host defense against unwelcome intrusion of harmful microorganisms: mucins, antimicrobial peptides, and microbiota. Clinical microbiology reviews 19, 2","author":"Li\u00e9vin-Le\u00a0Moal Vanessa","year":"2006","unstructured":"Vanessa Li\u00e9vin-Le\u00a0Moal and Alain\u00a0L Servin. 2006. The front line of enteric host defense against unwelcome intrusion of harmful microorganisms: mucins, antimicrobial peptides, and microbiota. Clinical microbiology reviews 19, 2 (2006), 315\u2013337."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ergon.2005.10.004"},{"volume-title":"Security analytics: Big data analytics for cybersecurity: A review of trends, techniques and tools. In 2013 2nd national conference on Information assurance (ncia)","author":"Mahmood Tariq","key":"e_1_3_2_1_27_1","unstructured":"Tariq Mahmood and Uzma Afzal. 2013. Security analytics: Big data analytics for cybersecurity: A review of trends, techniques and tools. In 2013 2nd national conference on Information assurance (ncia). IEEE, 129\u2013134."},{"key":"e_1_3_2_1_28_1","unstructured":"Stephen Mathezer. 2021 (accessed May 18 2023). Introduction to ICS Security Part 3. https:\/\/www.sans.org\/blog\/introduction-to-ics-security-part-3\/."},{"key":"e_1_3_2_1_29_1","volume-title":"Sixteenth Symposium on Usable Privacy and Security, SOUPS 2020","author":"Michalec Ola\u00a0Aleksandra","year":"2020","unstructured":"Ola\u00a0Aleksandra Michalec, Dirk van\u00a0der Linden, Sveta Milyaeva, and Awais Rashid. 2020. Industry Responses to the European Directive on Security of Network and Information Systems (NIS): Understanding policy implementation practices across critical infrastructures. In Sixteenth Symposium on Usable Privacy and Security, SOUPS 2020, August 7-11, 2020, Heather\u00a0Richter Lipford and Sonia Chiasson (Eds.). USENIX Association, 301\u2013317."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/MDAT.2017.2682223"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.csi.2018.12.002"},{"key":"e_1_3_2_1_32_1","unstructured":"BBC News. 2021 (accessed May 18 2023). Hacker tries to poison water supply of Florida city. https:\/\/www.bbc.co.uk\/news\/world-us-canada-55989843."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23768-3_12"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753685"},{"key":"e_1_3_2_1_35_1","unstructured":"Council on Foreign\u00a0Relations. 2015 (accessed May 18 2023). Compromise of a power grid in eastern Ukraine. https:\/\/www.cfr.org\/cyber-operations\/compromise-power-grid-eastern-ukraine."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"crossref","unstructured":"Marcus Reul. 2009. Bringing usability to industrial control systems. In CHI\u201909 Extended Abstracts on Human Factors in Computing Systems. ACM 3335\u20133340.","DOI":"10.1145\/1520340.1520482"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.06.015"},{"key":"e_1_3_2_1_38_1","volume-title":"INTERACT\u201999: IFIP TC. 13 International Conference on Human-Computer Interaction, 30th August-3rd","author":"Sasse Martina\u00a0Angela","year":"1999","unstructured":"Martina\u00a0Angela Sasse, Chris Johnson, and Chris\u00a0W Johnson. 1999. Human-computer Interaction, INTERACT\u201999: IFIP TC. 13 International Conference on Human-Computer Interaction, 30th August-3rd September 1999, Edinburgh, UK. Vol.\u00a01. IOS Press."},{"key":"e_1_3_2_1_39_1","volume-title":"Experiences Threat Modeling at Microsoft.MODSEC@ MoDELS 2008","author":"Shostack Adam","year":"2008","unstructured":"Adam Shostack. 2008. Experiences Threat Modeling at Microsoft.MODSEC@ MoDELS 2008 (2008)."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.5555\/2206293"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"crossref","unstructured":"Kohei Sugawara and Hamido Fujita. 2012. Decision Support System for Handling Interruption in Tasks for Workers.. In SoMeT. 273\u2013281.","DOI":"10.3233\/978-1-61499-125-0-273"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-03668-2_3"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1609\/aaai.v24i1.7612"},{"key":"e_1_3_2_1_44_1","volume-title":"Symposium on usable privacy and security.","author":"Wong Tina","year":"2008","unstructured":"Tina Wong. 2008. On the usability of firewall configuration. In Symposium on usable privacy and security."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/2517349.2522727"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2791577"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.adhoc.2021.102607"}],"event":{"name":"EuroUSEC 2023: The 2023 European Symposium on Usable Security","acronym":"EuroUSEC 2023","location":"Copenhagen Denmark"},"container-title":["Proceedings of the 2023 European Symposium on Usable Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3617072.3617114","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3617072.3617114","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:36:07Z","timestamp":1750178167000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3617072.3617114"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,16]]},"references-count":47,"alternative-id":["10.1145\/3617072.3617114","10.1145\/3617072"],"URL":"https:\/\/doi.org\/10.1145\/3617072.3617114","relation":{},"subject":[],"published":{"date-parts":[[2023,10,16]]},"assertion":[{"value":"2023-10-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}