Show simple item record

AuthorEKŞİ, GÜLSÜM ECE
AuthorTEKİNERDOĞAN, BEDİR
AuthorCATAL, CAGATAY
Available date2022-11-30T11:23:19Z
Publication Date2022
Publication NameTurkish Journal of Electrical Engineering and Computer Sciences
ResourceScopus
Resource2-s2.0-85132218628
URIhttp://dx.doi.org/10.55730/1300-0632.3841
URIhttp://hdl.handle.net/10576/36785
AbstractCritical infrastructure (CI) is an integrated set of systems and assets that are essential to ensure the functioning of a nation, including its economy, the public's health and/or safety. Hence, protecting critical infrastructures (CI) is vital because of the potential severe consequences that may emerge at the national level. Many CIs are now controlled by software, and likewise, software is often the major source of many security problems in critical infrastructures. Software security management in CIs has been addressed in the literature and several useful approaches have been provided. Yet, these approaches are fragmented over multiple different studies, often do not explicitly relate to CIs, and a synthesized overview of the state-of-the-art on software security in CIs is lacking. To this end, this article presents the results of a systematic literature review (SLR) that identifies and synthesizes how software security has been addressed in CIs. This study identifies and synthesizes the current approaches applied for security management in critical systems in terms of identified security threats, adopted solutions, CI domains, and evaluation approaches. Hereby 32 primary studies were retrieved from electronic databases to respond to the research questions defined in this study. Based on the outcome of the SLR the reported approaches are discussed, and a roadmap is described for security management in CIs. The results of the SLR identify the current open challenges and pave the way for further research. In addition, practitioners can benefit from the best practices in the security management of CIs.
Languageen
PublisherTurkiye Klinikleri
Subjectcritical infrastructures; Software security management; systematic literature review
TitleSoftware security management in critical infrastructures: a systematic literature review
TypeArticle Review
Pagination1142-1161
Issue Number4
Volume Number30
dc.accessType Open Access


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record