Acknowledgement
이 논문은 2022년도 과학기술정보통신부의 재원으로 IITP의 지원을 받아 수행된 연구임 (No.2021-0-01774, IEC 62443 기반의 스마트공장 보안 내재화 및 임베디드 기기 보안 기술 개발).
References
- M. K. Gil, "In 2021, the first year of OT security... Cooperation between ICS operators, manufacturers, and security vendors is essential" [Internet], https://www.dailysecu.com/news/articleView.html?idxno=110872.
- Hugh Taylor, "News Insights: Gangnam Industrial Style: Apt Campaign Targets Korean Industrial Companies - Cyberx" [Internet], https://journalofcyberpolicy.com/2019/12/17/news-insights-gangnam-industrial-style-apt-campaign-targets-korean-industrial-companies-cyberx/.
- The White House, "FACT SHEET: President Signs Executive Order Charting New Course to Improve the Nation's Cybersecurity and Protect Federal Government Networks" [Internet], https://www.whitehouse.gov/briefing-room/statements-releases/2021/05/12/fact-sheet-president-signs-executive-order-charting-new-course-to-improve-the-nations-cybersecurity-and-protect-federal-government-networks/.
- IEC 62443-4-1:2018, "Security for industrial automation and control systems - Part 4-1: Secure product development lifecycle requirements," Jan. 15, 2018.
- IEC Editorial Team, "Understanding IEC 62443" International Electrotechnical Commission News & blogs, Feb. 26, 2021, [Internet], https://www.iec.ch/blog/understandingiec-62443.
- IEC TS 62443-1-1:2009, Industrial communication networks - Network and system security - Part 1-1: Terminology, concepts and models, Jul. 30, 2009.
- IEC 62443-2-1:2010, Industrial communication networks - Network and system security - Part 2-1: Establishing an industrial automation and control system security program, Nov. 10, 2010.
- IEC TR 62443-2-3:2015, Security for industrial automation and control systems - Part 2-3: Patch management in the IACS environment, Jun. 30, 2015.
- IEC TR 62443-3-1:2009, Industrial communication networks - Network and system security - Part 3-1: Security technologies for industrial automation and control systems, Jul. 30, 2009.
- IEC TR 62443-2-3:2015, Security for industrial automation and control systems - Part 2-3: Patch management in the IACS environment, Jun. 30, 2015.
- IEC 62443-3-3:2013, Industrial communication networks - Network and system security - Part 3-3: System security requirements and security levels, Aug. 7, 2013.
- IEC 62443-4-2:2019, Security for industrial automation and control systems - Part 4-2: Technical security requirements for IACS components, Feb. 27, 2019.
- ISO/IEC/IEEE 24748-1:2018, Systems and software engineering - Life cycle management - Part 1: Guidelines for life cycle management, Nov. 2018.
- ISO/IEC/IEEE 15288:2015, Systems and software engineering - System life cycle processes, May 2015.
- ISO/IEC/IEEE 12207:2017, Systems and software engineering - Software life cycle processes, Nov. 2017.
- Kilian Marty, "How to implement Cyber Security acc. to IEC 62443," CertX, Nov. 12, 2020, https://certx.com/cybersecurity/how-to-implement-cyber-security-acc-to-iec-62443-ep-4-penetrations-tests.
- J. J. Ha, J. T. Kim, S. S. Park, and K.h. Han, "A study on threat analysis and risk assessment in a smart manufacturing environment based on IEC 62443," KICS Fall Conference 2021, Nov. 18, 2021.
- ISO/SAE 21434:2021, Road vehicles - Cybersecurity engineering, August, 2021
- The MITRE Corporation, CVE Program [Internet], https://www.cve.org/.
- A. Shostack, "Experiences threat modeling at microsoft," MODSEC@ MoDELS 2008, 35, 2008.
- ISO/IEC 29192-2:2019, Information security - Lightweight cryptography - Part 2: Block ciphers, Nov. 2019.
- KS X 3246:2016, 128-bit block cipher LEA, Oct. 20. 2016.