{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T05:04:22Z","timestamp":1750309462476,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":64,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,9,30]],"date-time":"2024-09-30T00:00:00Z","timestamp":1727654400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100011403","name":"GCHQ","doi-asserted-by":"publisher","award":[""],"award-info":[{"award-number":[""]}],"id":[{"id":"10.13039\/100011403","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,9,30]]},"DOI":"10.1145\/3688459.3688471","type":"proceedings-article","created":{"date-parts":[[2024,11,20]],"date-time":"2024-11-20T08:31:55Z","timestamp":1732091515000},"page":"200-219","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Usability Study of Security Features in Programmable Logic Controllers"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-0428-1602","authenticated-orcid":false,"given":"Karen","family":"Li","sequence":"first","affiliation":[{"name":"University of Bristol, Bristol, United Kingdom,"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8420-3929","authenticated-orcid":false,"given":"Kopo","family":"Ramokapane","sequence":"additional","affiliation":[{"name":"University of Bristol, Bristol, United Kingdom,"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0109-1341","authenticated-orcid":false,"given":"Awais","family":"Rashid","sequence":"additional","affiliation":[{"name":"University of Bristol, Bristol, United Kingdom,"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,11,20]]},"reference":[{"key":"e_1_3_3_2_2_2","volume-title":"Fifteenth Symposium on Usable Privacy and Security, SOUPS 2019, Santa Clara, CA, USA, August 11-13, 2019","author":"Abdi Noura","year":"2019","unstructured":"Noura Abdi, Kopo\u00a0M. Ramokapane, and Jose\u00a0M. Such. 2019. More than Smart Speakers: Security and Privacy Perceptions of Smart Home Personal Assistants. In Fifteenth Symposium on Usable Privacy and Security, SOUPS 2019, Santa Clara, CA, USA, August 11-13, 2019, Heather\u00a0Richter Lipford (Ed.). USENIX Association."},{"key":"e_1_3_3_2_3_2","first-page":"257","volume-title":"22nd USENIX security symposium (USENIX Security 13)","author":"Akhawe Devdatta","year":"2013","unstructured":"Devdatta Akhawe and Adrienne\u00a0Porter Felt. 2013. Alice in warningland: a { Large-Scale} field study of browser security warning effectiveness. In 22nd USENIX security symposium (USENIX Security 13). 257\u2013272."},{"key":"e_1_3_3_2_4_2","doi-asserted-by":"crossref","unstructured":"Tejasvi Alladi Vinay Chamola and Sherali Zeadally. 2020. Industrial control systems: Cyberattack trends and countermeasures. Computer Communications 155 (2020) 1\u20138.","DOI":"10.1016\/j.comcom.2020.03.007"},{"key":"e_1_3_3_2_5_2","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300540"},{"key":"e_1_3_3_2_6_2","doi-asserted-by":"publisher","DOI":"10.1145\/503376.503459"},{"key":"e_1_3_3_2_7_2","doi-asserted-by":"publisher","DOI":"10.1016\/B978-0-12-802929-9.00001-7"},{"key":"e_1_3_3_2_8_2","doi-asserted-by":"crossref","unstructured":"Virginia Braun and Victoria Clarke. 2006. Using thematic analysis in psychology. Qualitative research in psychology 3 2 (2006) 77\u2013101.","DOI":"10.1191\/1478088706qp063oa"},{"key":"e_1_3_3_2_9_2","doi-asserted-by":"publisher","DOI":"10.5555\/3158815"},{"key":"e_1_3_3_2_10_2","doi-asserted-by":"publisher","DOI":"10.1145\/1357054.1357219"},{"key":"e_1_3_3_2_11_2","first-page":"113","volume-title":"Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023","author":"Evripidou Stefanos","year":"2023","unstructured":"Stefanos Evripidou, Uchenna\u00a0Daniel Ani, Stephen Hailes, and Jeremy D.\u00a0McK. Watson. 2023. Exploring the Security Culture of Operational Technology (OT) Organisations: the Role of External Consultancy in Overcoming Organisational Barriers. In Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023, Patrick\u00a0Gage Kelley and Apu Kapadia (Eds.). USENIX Association, 113\u2013129."},{"key":"e_1_3_3_2_12_2","doi-asserted-by":"publisher","DOI":"10.1145\/2702123.2702442"},{"key":"e_1_3_3_2_13_2","doi-asserted-by":"crossref","unstructured":"Jennifer Fereday and Eimear Muir-Cochrane. 2006. Demonstrating rigor using thematic analysis: A hybrid approach of inductive and deductive coding and theme development. International journal of qualitative methods 5 1 (2006) 80\u201392.","DOI":"10.1177\/160940690600500107"},{"key":"e_1_3_3_2_14_2","volume-title":"Statistical methods for rates and proportions","author":"Fleiss Joseph\u00a0L","year":"2013","unstructured":"Joseph\u00a0L Fleiss, Bruce Levin, and Myunghee\u00a0Cho Paik. 2013. Statistical methods for rates and proportions. john wiley & sons."},{"key":"e_1_3_3_2_15_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-71075-4_3"},{"key":"e_1_3_3_2_16_2","doi-asserted-by":"publisher","DOI":"10.1145\/3338499.3357355"},{"key":"e_1_3_3_2_17_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-75462-8_13"},{"key":"e_1_3_3_2_18_2","doi-asserted-by":"crossref","unstructured":"Leo\u00a0A Goodman. 1961. Snowball sampling. The annals of mathematical statistics (1961) 148\u2013170.","DOI":"10.1214\/aoms\/1177705148"},{"key":"e_1_3_3_2_19_2","doi-asserted-by":"publisher","DOI":"10.14236\/ewic\/ics-csr2014.2"},{"key":"e_1_3_3_2_20_2","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664277"},{"key":"e_1_3_3_2_21_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-58460-7_22"},{"volume-title":"Global PLC market share as of 2017, by manufacturer","year":"2021","key":"e_1_3_3_2_22_2","unstructured":"IBM. 2021 (accessed September 19, 2021). Global PLC market share as of 2017, by manufacturer. https:\/\/www.ibm.com\/docs\/en\/ibm-mq\/7.5?topic=overview-concepts-mechanisms\/."},{"key":"e_1_3_3_2_23_2","volume-title":"ISO 9241-11:2018: Ergonomics of human-system interaction \u2013 Part 11: Usability: Definitions and concepts","author":"(ISO) International Organization for Standardization","year":"2018","unstructured":"International Organization for Standardization (ISO). 2018. ISO 9241-11:2018: Ergonomics of human-system interaction \u2013 Part 11: Usability: Definitions and concepts. International Standard. International Organization for Standardization, Geneva, Switzerland."},{"key":"e_1_3_3_2_24_2","first-page":"327","volume-title":"Eleventh Symposium On Usable Privacy and Security (SOUPS 2015)","author":"Ion Iulia","year":"2015","unstructured":"Iulia Ion, Rob Reeder, and Sunny Consolvo. 2015. { \u201c... No} one Can Hack My { Mind\u201d} : Comparing Expert and { Non-Expert} Security Practices. In Eleventh Symposium On Usable Privacy and Security (SOUPS 2015). 327\u2013346."},{"key":"e_1_3_3_2_25_2","doi-asserted-by":"publisher","DOI":"10.1145\/2994487.2994496"},{"key":"e_1_3_3_2_26_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2000.898889"},{"key":"e_1_3_3_2_27_2","volume-title":"Discourse analysis","author":"Johnstone Barbara","year":"2017","unstructured":"Barbara Johnstone. 2017. Discourse analysis. John Wiley & Sons."},{"key":"e_1_3_3_2_28_2","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2010.77"},{"key":"e_1_3_3_2_29_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00060"},{"key":"e_1_3_3_2_30_2","series-title":"(SEC\u201917)","first-page":"1339","volume-title":"Proceedings of the 26th USENIX Conference on Security Symposium","author":"Krombholz Katharina","year":"2017","unstructured":"Katharina Krombholz, Wilfried Mayer, Martin Schmiedecker, and Edgar Weippl. 2017. \"I Have No Idea What i\u2019m Doing\": On the Usability of Deploying HTTPS. In Proceedings of the 26th USENIX Conference on Security Symposium (Vancouver, BC, Canada) (SEC\u201917). USENIX Association, USA, 1339\u20131356."},{"key":"e_1_3_3_2_31_2","doi-asserted-by":"publisher","DOI":"10.1145\/3481357.3481527"},{"key":"e_1_3_3_2_32_2","doi-asserted-by":"publisher","DOI":"10.1145\/3617072.3617114"},{"key":"e_1_3_3_2_33_2","doi-asserted-by":"publisher","DOI":"10.1145\/3656156.3663724"},{"key":"e_1_3_3_2_34_2","volume-title":"Designing a qualitative study","author":"Maxwell Joseph\u00a0A","year":"2008","unstructured":"Joseph\u00a0A Maxwell et\u00a0al. 2008. Designing a qualitative study. Vol.\u00a02. The SAGE handbook of applied social research methods."},{"key":"e_1_3_3_2_35_2","unstructured":"Wilfried Mayer Katharina Krombholz Martin Schmiedecker and EDGAR WEIPPL. 2017. Securing the Internet One HTTP 200 OK at a Time. ; login: 42 4 (2017)."},{"key":"e_1_3_3_2_36_2","unstructured":"Francis\u00a0X McKeen Ken Reneris and David\u00a0W Grawrock. 2008. Mechanism to secure computer output from software attack using isolated execution. US Patent 7 389 427."},{"key":"e_1_3_3_2_37_2","doi-asserted-by":"crossref","unstructured":"Stephen McLaughlin Charalambos Konstantinou Xueyang Wang Lucas Davi Ahmad-Reza Sadeghi Michail Maniatakos and Ramesh Karri. 2016. The cybersecurity landscape in industrial control systems. Proc. IEEE 104 5 (2016) 1039\u20131057.","DOI":"10.1109\/JPROC.2015.2512235"},{"key":"e_1_3_3_2_38_2","doi-asserted-by":"crossref","unstructured":"Ola Michalec Sveta Milyaeva and Awais Rashid. 2021. Reconfiguring governance: How cyber security regulations are reconfiguring water governance. Regulation & Governance (2021).","DOI":"10.1111\/rego.12423"},{"key":"e_1_3_3_2_39_2","doi-asserted-by":"crossref","unstructured":"Ola Michalec Sveta Milyaeva and Awais Rashid. 2022. When the future meets the past: Can safety and cyber security coexist in modern critical infrastructures? Big Data & Society 9 1 (2022) 20539517221108369.","DOI":"10.1177\/20539517221108369"},{"key":"e_1_3_3_2_40_2","first-page":"301","volume-title":"Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020)","author":"Michalec Ola","year":"2020","unstructured":"Ola Michalec, Dirk Van Der\u00a0Linden, Sveta Milyaeva, and Awais Rashid. 2020. Industry Responses to the European Directive on Security of Network and Information Systems (NIS)): Understanding policy implementation practices across critical infrastructures. In Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020). 301\u2013317."},{"key":"e_1_3_3_2_41_2","doi-asserted-by":"publisher","DOI":"10.1145\/1142405.1142439"},{"key":"e_1_3_3_2_42_2","doi-asserted-by":"publisher","DOI":"10.1145\/1753326.1753685"},{"key":"e_1_3_3_2_43_2","doi-asserted-by":"crossref","unstructured":"Xiaojun Pan Zhuoran Wang and Yanbin Sun. 2020. Review of PLC security issues in industrial control system. Journal of Cybersecurity 2 2 (2020) 69.","DOI":"10.32604\/jcs.2020.010045"},{"key":"e_1_3_3_2_44_2","first-page":"241","volume-title":"Thirteenth Symposium on Usable Privacy and Security, SOUPS 2017, Santa Clara, CA, USA, July 12-14, 2017","author":"Ramokapane Kopo\u00a0M.","year":"2017","unstructured":"Kopo\u00a0M. Ramokapane, Awais Rashid, and Jose\u00a0M. Such. 2017. \"I feel stupid I can\u2019t delete...\": A Study of Users\u2019 Cloud Deletion Practices and Coping Strategies. In Thirteenth Symposium on Usable Privacy and Security, SOUPS 2017, Santa Clara, CA, USA, July 12-14, 2017. USENIX Association, 241\u2013256."},{"key":"e_1_3_3_2_45_2","doi-asserted-by":"publisher","DOI":"10.1145\/3173574.3174086"},{"key":"e_1_3_3_2_46_2","volume-title":"Global PLC market share as of 2017, by manufacturer","author":"Research Deutsche\u00a0Bank","year":"2018","unstructured":"Deutsche\u00a0Bank Research. 2018 (accessed February 19, 2020). Global PLC market share as of 2017, by manufacturer. https:\/\/www.statista.com\/statistics\/897201\/global-plc-market-share-by-manufacturer\/."},{"key":"e_1_3_3_2_47_2","doi-asserted-by":"crossref","unstructured":"Jerome\u00a0H Saltzer and Michael\u00a0D Schroeder. 1975. The protection of information in computer systems. Proc. IEEE 63 9 (1975) 1278\u20131308.","DOI":"10.1109\/PROC.1975.9939"},{"key":"e_1_3_3_2_48_2","unstructured":"M\u00a0Angela Sasse and Ivan Flechais. 2005. Usable security: Why do we need it? How do we get it?O\u2019Reilly."},{"key":"e_1_3_3_2_49_2","volume-title":"Human-computer Interaction, INTERACT\u201999: IFIP TC. 13 International Conference on Human-Computer Interaction, 30th August-3rd September 1999, Edinburgh, UK","volume":"1","author":"Sasse Martina\u00a0Angela","year":"1999","unstructured":"Martina\u00a0Angela Sasse, Chris Johnson, and Chris\u00a0W Johnson. 1999. Human-computer Interaction, INTERACT\u201999: IFIP TC. 13 International Conference on Human-Computer Interaction, 30th August-3rd September 1999, Edinburgh, UK. Vol.\u00a01. IOS Press."},{"key":"e_1_3_3_2_50_2","doi-asserted-by":"crossref","unstructured":"Elaine Seymour. 1995. The loss of women from science mathematics and engineering undergraduate majors: An explanatory account. Science education 79 4 (1995) 437\u2013473.","DOI":"10.1002\/sce.3730790406"},{"key":"e_1_3_3_2_51_2","doi-asserted-by":"publisher","DOI":"10.1201\/9780203489925.ch82"},{"key":"e_1_3_3_2_52_2","unstructured":"Keith Stouffer Joe Falco Karen Scarfone et\u00a0al. 2011. Guide to industrial control systems (ICS) security. NIST special publication 800 82 (2011) 16\u201316."},{"key":"e_1_3_3_2_53_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-20550-2_4"},{"key":"e_1_3_3_2_54_2","first-page":"399","volume-title":"USENIX security symposium","author":"Sunshine Joshua","year":"2009","unstructured":"Joshua Sunshine, Serge Egelman, Hazim Almuhimedi, Neha Atri, and Lorrie\u00a0Faith Cranor. 2009. Crying wolf: An empirical study of ssl warning effectiveness.. In USENIX security symposium. Montreal, Canada, 399\u2013416."},{"key":"e_1_3_3_2_55_2","doi-asserted-by":"publisher","DOI":"10.5555\/1203417"},{"key":"e_1_3_3_2_56_2","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363220"},{"key":"e_1_3_3_2_57_2","first-page":"45","volume-title":"Cryptographers\u2019 Track at the RSA Conference","author":"Ukrop Martin","year":"2018","unstructured":"Martin Ukrop and Vashek Matyas. 2018. Why Johnny the developer can\u2019t work with public key certificates. In Cryptographers\u2019 Track at the RSA Conference. Springer, 45\u201364."},{"key":"e_1_3_3_2_58_2","doi-asserted-by":"publisher","DOI":"10.1145\/2858036.2858546"},{"key":"e_1_3_3_2_59_2","first-page":"123","volume-title":"Eleventh Symposium On Usable Privacy and Security ({ SOUPS} 2015)","author":"Ur Blase","year":"2015","unstructured":"Blase Ur, Fumiko Noma, Jonathan Bees, Sean\u00a0M Segreti, Richard Shay, Lujo Bauer, Nicolas Christin, and Lorrie\u00a0Faith Cranor. 2015. \" I Added\u2019!\u2019at the End to Make It Secure\": Observing Password Creation in the Lab. In Eleventh Symposium On Usable Privacy and Security ({ SOUPS} 2015). 123\u2013140."},{"key":"e_1_3_3_2_60_2","doi-asserted-by":"publisher","DOI":"10.1145\/1837110.1837125"},{"key":"e_1_3_3_2_61_2","first-page":"169","volume-title":"USENIX security symposium","author":"Whitten Alma","year":"1999","unstructured":"Alma Whitten and J\u00a0Doug Tygar. 1999. Why Johnny Can\u2019t Encrypt: A Usability Evaluation of PGP 5.0.. In USENIX security symposium , Vol.\u00a0348. 169\u2013184."},{"key":"e_1_3_3_2_62_2","volume-title":"Symposium on usable privacy and security","author":"Wong Tina","year":"2008","unstructured":"Tina Wong. 2008. On the usability of firewall configuration. In Symposium on usable privacy and security."},{"key":"e_1_3_3_2_63_2","doi-asserted-by":"publisher","DOI":"10.1145\/1124772.1124863"},{"key":"e_1_3_3_2_64_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22038-9_6"},{"key":"e_1_3_3_2_65_2","doi-asserted-by":"publisher","DOI":"10.1145\/304851.304859"}],"event":{"name":"EuroUSEC 2024: The 2024 European Symposium on Usable Security","acronym":"EuroUSEC 2024","location":"Karlstad Sweden"},"container-title":["Proceedings of the 2024 European Symposium on Usable Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3688459.3688471","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3688459.3688471","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:10:29Z","timestamp":1750295429000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3688459.3688471"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,30]]},"references-count":64,"alternative-id":["10.1145\/3688459.3688471","10.1145\/3688459"],"URL":"https:\/\/doi.org\/10.1145\/3688459.3688471","relation":{},"subject":[],"published":{"date-parts":[[2024,9,30]]},"assertion":[{"value":"2024-11-20","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}