Correo Electrónico
DNINFOA - SIA
Bibliotecas
Convocatorias
Identidad U.N.
Publicado
Aeronautic maturity cybersecurity: a framework
Madurez en ciberseguridad aeronáutica: un marco de trabajo
DOI:
https://doi.org/10.15446/dyna.v90n227.107420Palabras clave:
cybersecurity; maturity; aeronautics; framework (en)ciberseguridad; madurez; aeronáutica; marco de trabajo (es)
Descargas
This article presents the results of a systematic review of the methods to implement cybersecurity maturity. Based on them, it proposes a framework for excellence in aeronautical cybersecurity that integrates the objectives of aeronautical cybersecurity with capabilities and requirements, which contributes to increasing the maturity of aeronautical cybersecurity. It exposes 13 objectives with 120 capabilities and 5 functional maturity levels to gradually meet up to 600 aeronautical cybersecurity requirements. Which were taken from articles with good practices associated with publications of the last 5 years and the criteria resulting from the collaboration of managers and the validation of experts in the industry, which allowed it to be enriched with good practices associated with the management of cybersecurity and the resilience of these infrastructures.
Este artículo presenta los resultados de una revisión sistemática a los métodos para implementar madurez en ciberseguridad. A partir de ellos propone un marco de trabajo para la excelencia en ciberseguridad aeronáutica que integra los objetivos de ciberseguridad aeronáutica con capacidades y requerimientos, lo que contribuye a elevar la madurez de la ciberseguridad aeronáutica. Expone 13 objetivos con 120 capacidades y 5 Niveles funcionales de madurez para gradualmente cumplir hasta 600 requerimientos de ciberseguridad aeronáutica. Las cuales fueron tomadas de artículos con buenas prácticas asociadas a publicaciones de los últimos 5 años y el criterio resultado de la colaboración de directivos y la validación de expertos en la industria, lo que permitió se enriqueciera el mismo con buenas prácticas asociadas a la gestión de la ciberseguridad y la resiliencia de estas infraestructuras.
Referencias
ICAO, Resolution A41-19: Addressing cybersecurity in civil aviation, Montreal, Canada, 2022. [consultation, May 7, 2023]. Available at: https://www.icao.int/aviationcybersecurity/Documents/A41-19.pdf .
ICAO, 2016 - 2030 Global Air Navigation Plan - ICAO Doc. 9750-AN/963, 5th Edition, Montreal, Canada, 2022. [consultation, May 7, 2023]. Available at: https://www.icao.int/airnavigation/documents/ganp-2016-interactive.pdf
Zhang, X., Zhong, S., and Mahadevan, S., Airport surface movement prediction and safety assessment with spatial–temporal graph convolutional neural network. Transportation Research Part C: Emerging Technologies, 144, art. 103873, 2022. DOI: http://dx.doi.org/10.1016/j.trc.2022.103873
Sridhar, B., and Bell, D., Sustainable aviation operations and the role of information technology and data science: background, current status and future directions. AIAA AVIATION 2022 Forum. 2022. DOI: https://doi.org/10.2514/6.2022-3705
Stroeve, S., Smeltink, J., and Kirwan, B,. Assessing and advancing safety management in aviation. Safety, 8(2), art. 20, 2022. DOI: https://doi.org/10.3390/safety8020020
Yoon, M.G., and Kim, J.K., Evaluation methodology for safety maturity in air navigation safety. Journal of Air Transport Management, 98, e102159, 2022. DOI: https://doi.org/10.1016/j.jairtraman.2021.102159
Jia, Z., and Qi, F., Developing a civil aviation safety management maturity model to promote the safety level of civil aviation. International Journal of Reliability and Safety, 15(4), art. 306, 2021. DOI: https://doi.org/10.1504/ijrs.2021.10050705
Kour, R., Karim, R., and Thaduri, A., Cybersecurity for railways. A maturity model. Proceedings of the Institution of Mechanical Engineers, Part F: Journal of Rail and Rapid Transit, 234 (10), pp 1129-1148, 2020. DOI: https://doi.org/10.1177/0954409719881849
Yigit-Ozkan, B., van Lingen, S., and Spruit, M., The Cybersecurity Focus Area Maturity (CYSFAM) Model. Journal of Cybersecurity and Privacy, 1(1), pp. 119-139, 2021. DOI: https://doi.org/10.3390/jcp1010007
Ghaffari, F., and Arabsorkhi, A., A New adaptive cyber-security capability maturity model. 2018 9th International Symposium on Telecommunications (IST), 2018. DOI: https://doi.org/10.1109/istel.2018.8661018
Almomani, I., Ahmed, M., and Maglaras, L., Cybersecurity maturity assessment framework for higher education institutions in Saudi Arabia. PeerJ Computer Science, 7, e703. Portico, 2021. DOI: https://doi.org/10.7717/peerj-cs.703
Rea-Guaman, A.M., Mejía, J., San Feliu, T., and Calvo-Manzano, J.A., AVARCIBER: a framework for assessing cybersecurity risks. Cluster Computing, 23(3), pp. 1827-1843, 2020. DOI: https://doi.org/10.1007/s10586-019-03034-9
Aliyu, A., Maglaras, L., He, Y., Yevseyeva, I., Boiten, E., Cook, A., and Janicke, H., A holistic cybersecurity maturity assessment framework for higher education institutions in the United Kingdom. Applied Sciences, 10(10), e3660, 2020. DOI: https://doi.org/10.3390/app10103660
Perales-Manrique, J.H., and Molina-Chirinos, J.A., Modelo de madurez de analítica de datos para el sector financiero, 2020. DOI: https://doi.org/10.19083/tesis/652126
Al-Matari, O.M.M., Helal, I.M.A., Mazen, S.A., and Elhennawy, S., Adopting security maturity model to the organizations’ capability model. Egyptian Informatics Journal, 22(2), pp. 193-199, 2021. DOI: https://doi.org/10.1016/j.eij.2020.08.001
Schlette, D., Vielberth, M., and Pernul, G., CTI-SOC2M2 - The quest for mature, intelligence-driven security operations and incident response capabilities. Computers & Security, 111, e102482, 2021. DOI: https://doi.org/10.1016/j.cose.2021.102482
Malhotra, O., Dey, S., Foo, E., and Helbig, M., Cyber Security maturity model capability at the airports, ACIS 2021 Proceedings, 55, [online]. 2021. Available at: https://aisel.aisnet.org/acis2021/55
Schmitz, C., Schmid, M., Harborth, D., and Pape, S., Maturity level assessments of information security controls: an empirical analysis of practitioners assessment capabilities. Computers & Security, 108, e102306, 2021. DOI: https://doi.org/10.1016/j.cose.2021.102306
Yigit-Ozkan, B., and Spruit, M., A questionnaire model for cybersecurity maturity assessment of critical infrastructures. Information and operational technology security systems, 2019, pp. 49-60. DOI: https://doi.org/10.1007/978-3-030-12085-6_5
Pérez-Navarro, H.B. y Salcedo-Jara, H.L., Modelo de madurez en ciberseguridad para empresas que manejan datos de salud, [en línea]. 2022. Disponible en: http://hdl.handle.net/10757/655801
Cyber Security - An introduction to assessment and maturity frameworks. An introduction to cyber modeling and simulation, 2018, pp. 9-18. DOI: https://doi.org/10.1002/9781119420842.ch2
Zárate-Santos, I.J., Herramienta de armonización entre las normas 27001 y NIST800-53 como pilares para la medición del nivel de madurez del SGSI, [en línea]. 2022. Disponible en: https://hdl.handle.net/10983/26924
Aristizábal-Correa, J.M., Marín-Ramírez, L., and Álvarez-Salazar, J., Identificación de elementos de seguridad basados en el modelo C2M2 para la industria manufacturera del sector textil. Revista Colombiana de Computación, 20(2), pp. 56-67, 2019. DOI: https://doi.org/10.29375/25392115.3722
Drivas, G., Chatzopoulou, A., Maglaras, L., Lambrinoudakis, C., Cook, A., and Janicke, H., A NIS directive compliant cybersecurity maturity assessment framework. 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC), 2020. DOI: https://doi.org/10.1109/compsac48688.2020.00-20
Dube, D.P., and Mohanty, R.P., Towards development of a cyber security capability maturity model. International Journal of Business Information Systems, 34(1), art. 104, 2020. DOI: https://doi.org/10.1504/ijbis.2020.106800
Maglaras, L., Drivas, G., Chouliaras, N., Boiten, E., Lambrinoudakis, C., and Ioannidis, S., Cybersecurity in the era of digital transformation: the case of Greece. 2020 International Conference on Internet of Things and Intelligent Applications (ITIA), 2020. DOI: https://doi.org/10.1109/itia50152.2020.9312297
Gallardo, J., Torres, R., and Tessini, O., Surveillance platform of cybersecurity maturity of micro and small enterprises. 2020 39th International Conference of the Chilean Computer Science Society (SCCC), 2020. DOI: https://doi.org/10.1109/sccc51225.2020.9281264
Orellana-Cabrera, X.E., and Álvarez-Galarza, M.D., Marco de trabajo de gobierno de TI orientado a la ciberseguridad para el sector bancario bajo COBIT 2019. Polo del Conocimiento, 7(3), pp. 706-726, 2022. Available at: https://dialnet.unirioja.es/descarga/articulo/8399852.pdf
Akinsanya, O.O., Papadaki, M., and Sun, L., Current cybersecurity maturity models: how effective in healthcare cloud?. In CERC 2019, pp. 211-222. Available at: https://ceur-ws.org/Vol-2348/paper16.pdf
Stastny, P., and Stoica, A.-M., Protecting aviation safety against cybersecurity threats. IOP Conference Series: Materials Science and Engineering, 1226(1), art. 012025, 2022. DOI: https://doi.org/10.1088/1757-899x/1226/1/012025
Olarte-Rojas, A.D., Propuesta metodológica para la evaluación de la madurez del sistema de gestión de continuidad del negocio en el sector financiero bancario colombiano bajo el enfoque de la norma ISO 22301:2012. SIGNOS - Investigación En Sistemas de Gestión, 8(1), art. 31, 2017. DOI: https://doi.org/10.15332/s2145-1389.2016.0001.02
Uche-M.M., Lucienne A., and Oghenevovwero-Zion. A.A., Conceptual Design of a Cybersecurity Resilience Maturity Measurement (CRMM) framework. The African Journal of Information and Communication (AJIC), 23, 2019. DOI: https://doi.org/10.23962/10539/27535
Irene-Christine, D., and Thinyane, M., Comparative analysis of cyber resilience strategy in Asia-Pacific countries. 2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), 2020. DOI: https://doi.org/10.1109/dasc-picom-cbdcom-cyberscitech49142.2020.00027
Chaudhary, M., and Chopra, A., Planning CMMI Implementation. CMMI for Development, pp 71-80, 2016. DOI: https://doi.org/10.1007/978-1-4842-2529-5_3
Carrizo, D. y Alfaro, A., Método de aseguramiento de la calidad en una metodología de desarrollo de software: un enfoque práctico. Ingeniare. Revista Chilena de Ingeniería, 26(1), pp. 114-129, 2018. DOI: https://doi.org/10.4067/s0718-33052018000100114
Combining NIST SP 800-55 and SP 800-26. Official (ISC)2® Guide to the ISSEP® CBK®, Second Edition, 2005, pp. 781-786. DOI: https://doi.org/10.1201/9780203888933.axc
CANSO, Standard of excellence in cybersecurity, Civil Air Navigation Services Organization, [online]. 2020. [consultation, May 7, 2023]. Available at: https://canso.org/publication/canso-standard-of-excellence-in-cybersecurity/
Meza, J.A.D., Castro, M.L.C., Vivas, R.V.J., and Rueda, A.C.C., Collaborative learning tools used in virtual higher education programs: a sistematic review of literature in Iberoamerica. In: 2020 15th Iberian Conference on Information Systems and Technologies (CISTI), 2020. DOI: https://doi.org/10.23919/cisti49556.2020.9140901
Yogarajah, T., Shanmuganathan, V., and Kuhaneswaran, B., Evaluation and validation using Delphi method & field test for subfertility decision support system. 2020 From Innovation to Impact (FITI), 2020. DOI: https://doi.org/10.1109/fiti52050.2020.9424878
Fajardo-Castro, L.V., Evaluación, diagnóstico e intervención: equipos de alto desempeño. Evaluación, Diagnóstico e Intervención En Psicología Organizacional: Nivel Grupo, pp 41-63, 2021. DOI: https://doi.org/10.14718/9789585133785.2021.3
ISO 27001 and the management system requirements, ISO/IEC 27001:2022, 2022, pp 17-21. DOI: https://doi.org/10.2307/j.ctv30qq13d.6
Bartock, M., Brule, J., Li-Baboud, Y.-S., Lightman, S., McCarthy, J., Reczek, K., Northrip, D., Scholz, A., and Suloway, T., Cybersecurity profile for the responsible use of Positioning, Navigation and Timing (PNT) services, 2020. DOI: https://doi.org/10.6028/nist.ir.8323-draft
Amiruddin, A., Afiansyah, H.G., and Nugroho, H.A., Cyber-Risk management planning using NIST CSF v1.1, NIST SP 800-53 Rev. 5, and CIS Controls v8. 2021 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS), 2021. DOI: https://doi.org/10.1109/icimcis53775.2021.9699337
Bashofi, I., and Salman, M., Cybersecurity Maturity assessment design using NISTCSF, CIS CONTROLS v8 and ISO/IEC 27002. 2022 IEEE International Conference on Cybernetics and Computational Intelligence (CyberneticsCom), 2022. DOI: https://doi.org/10.1109/cyberneticscom55287.2022.9865640
GCSCC, Cybersecurity Capacity Maturity Model for Nations (CMM) 2021 Ed. SSRN Electronic Journal, 2021. DOI: https://doi.org/10.2139/ssrn.3822153
U.S. Departamento de Energía, Modelo de madurez de la capacidad de ciberseguridad (C2M2) versión 2.1, Departamento de Energía de EE.UU., Washington, DC, [online]. 2022. [consultation, May 7, 2023]. Available at: https://www.energy.gov/sites/default/files/2022-06/C2M2%20Version%202.1%20June%202022.pdf
Amiruddin, A., Afiansyah, H.G., and Nugroho, H.A., Cyber-Risk management planning using NIST CSF v1.1, NIST SP 800-53 Rev. 5, and CIS Controls v8. 2021 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS), 2021. DOI: https://doi.org/10.1109/icimcis53775.2021.9699337
Dammert, D.L. y Núñez, L.C., Enfrentando las ciberamenazas: estrategias nacionales de ciberseguridad en el Cono Sur. Seguridad, Ciencia & Defensa, 5(5), pp. 107-129, [online]. 2019. [consultation, May 7th, 2023]. Available at: https://repositorio.utdt.edu/handle/20.500.13098/2294 DOI: https://doi.org/10.59794/rscd.2019.v5i5.pp107-129
Herrera-Masó, J.R., Calero-Ricardo, J.L., González-Rangel, M.Á., Collazo-Ramos, M.I. y Travieso-González, Y., El método de consulta a expertos en tres niveles de validación. Revista Habanera de Ciencias Médicas, 21(1), [online]. 2022. [consultation, May 7th, 2023]. Available at: https://scielo.sld.cu/scielo.php?pid=S1729-519X2022000100014&script=sci_arttext&tlng=en
CANSO, Standard of excellence in cybersecurity, Civil Air Navigation Services Organization, [online]. 2020. [consultation, May 7th, 2023]. Available at: https://canso.org/publication/canso-standard-of-excellence-in-cybersecurity/
Visitsilp, B., and Bhumpenpein, N., Guidelines for Information technology governance based on integrated ISO 38500 and COBIT 2019. In: 2021 Research, Invention, and Innovation Congress: Innovation Electricals and Electronics (RI2C), 2021. DOI: https://doi.org/10.1109/ri2c51727.2021.9559772
Zwarts, H., Du Toit, J., and Von Solms, B., A Cyber-Diplomacy and Cybersecurity Awareness Framework (CDAF) for developing countries. European Conference on Cyber Warfare and Security, 21(1), pp. 341-349, 2022. DOI: https://doi.org/10.34190/eccws.21.1.226
Livshitz, I.I., Lontsikh, P.A., Lontsikh, N.P., Golovina, E.Y., and Safonova, O.M., The effects of cyber-security risks on added value of consulting services for IT-security management systems in holding companies. 2020 International Conference Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS), 2020. DOI: https://doi.org/10.1109/itqmis51053.2020.9322883
Neira-Melendrez, J.R., Seguridad de información en IoT y Big Data: un mapeo sistemático, [en línea]. 2021. [consulta, Mayo 7, 2023]. Disponible en: https://dspace.ups.edu.ec/bitstream/123456789/20578/1/UPS-GT003303.pdf
Fernández-González, F.C., Fuentes-García-Romero-de-Tejada, C., González-Manzano, L. y Fuentes-García-Romero-de-Tejada, J.M.D., Revisión sistemática de la jurisprudencia española sobre ciberseguridad y privacidad (1995-2020), Revista de privacidad y derecho digital, VI (4), [en línea]. 2021. [consulta, Mayo 7, 2023]. Disponible en: https://e-archivo.uc3m.es/bitstream/handle/10016/34078/revision_RPDD_2021.pdf
Tasheva, I., Cybersecurity post-COVID-19: lessons learned and policy recommendations. European View, 20(2), pp. 140-149, 2021. https://doi.org/10.1177/17816858211059250
Perales-Manrique, J.H. y Molina-Chirinos, J.A., Modelo de madurez de analítica de datos para el sector financiero, 2020. DOI: https://doi.org/10.19083/tesis/652126
Campos, J.L.S., Vigencia ontológica de la ciberseguridad en el marco de la seguridad informática chilena. Convenio de Budapest. Aula Virtual, 3(6), pp. 132-148, [en línea]. 2022. [consulta, Mayo 7, 2023]. Disponible en: https://hdl.handle.net/10983/30286
Guayara-Murillo, E.A. y Moyano-Murcia, E.F., Propuesta de orientación en ciberseguridad para la formación de los estudiantes de media técnica especializada del colegio OEA IED basado en el marco NIST SP800-181, 2022. [consultation, May 7, 2023]. Available at: https://hdl.handle.net/10983/30286
Armenta, E.R., and Carrillo, A.L.I. Towards an implementation of Information Technologies Governance. In: 2022 IEEE Mexican International Conference on Computer Science (ENC), 2022. DOI: https://doi.org/10.1109/enc56672.2022.9882923
Pérez-Cuestas. J.A., Estrategia de capacitación en seguridad de la información basado en NIST 800-50 para una empresa en el sector financiero, 2022. [consultation, May 7, 2023]. Available at: https://hdl.handle.net/10983/27647
Ebert, J., Newton, O., O’Rear, J., Riley, S., Park, J., and Gupta, M., Leveraging aviation risk models to combat cybersecurity threats in vehicular networks. Information, 12(10), 390, 2021. DOI: https://doi.org/10.3390/info12100390
Ballestero, F., Cómo mejorar la ciberseguridad en España. Boletín Económico de ICE, 3148, 2022. DOI: https://doi.org/10.32796/bice.2022.3148.7457
Mezher, A.A., and Mdlool, A.S., Relationship between continuous improvement and quality cybersecurity. PalArch's Journal of Archaeology of Egypt/Egyptology, 19(2), pp. 365-377, 2022. [consultation, May 7, 2023]. Available at: https://archives.palarch.nl/index.php/jae/article/view/11036
Koza, E., Semantic analysis of ISO/IEC 27000 standard series and NIST cybersecurity framework to outline differences and consistencies in the context of operational and strategic information security. Med. Eng. Themes, 2, pp. 26-39, 2022. [consultation, May 7, 2023]. Available at: https://themedicon.com/pdf/engineeringthemes/MCET-02-021.pdf
Hastings, N.A.J., ISO 55000 Series Standards. Physical Asset Management, pp. 595-621, 2021. DOI: https://doi.org/10.1007/978-3-030-62836-9_29
Alsyouf, I., Alsuwaidi, M., Hamdan, S., and Shamsuzzaman, M., Impact of ISO 55000 on organisational performance: evidence from certified UAE firms. Total Quality Management & Business Excellence, 32(1-2), pp. 134-152, 2018. DOI: https://doi.org/10.1080/14783363.2018.1537750
Ali, H., The strategic implementation asset management system basis ISO 55000: a case study on Indonesian Railways Company. Journal of Business Management Review, 2(3), pp. 226-244, 2021. DOI: https://doi.org/10.47153/jbmr23.1022021
da-Silva, R.F., and de Souza, G.F.M., Modeling a maintenance management framework for asset management based on ISO 55000 series guidelines. Journal of Quality in Maintenance Engineering, 28(4), pp. 915-937, 2021. DOI: https://doi.org/10.1108/jqme-08-2020-0082
Villanueva, G.A., Naranjo, A.F., and Jerez-Romero, E., Propuesta de mejora de la gestión de mantenimiento de los activos de una compañía certificadoras de productos y servicios, 2021. [consultation, May 7, 2023]. Available at: https://repositorio.ecci.edu.co/handle/001/1025
-Cádiz, L.A., Sistema de información para la administración de activos fijos del Colegio María Inmaculada. Dr. Thesis, Universidad Andrés Bello, Santiago, Chile 2021. [consultation, May 7, 2023]. Available at: https://repositorio.unab.cl/xmlui/handle/ria/19233
Angulo-Morris, M.A., Maceto-Rodríguez, J.F. y Quintana-Carbal, Y.F., Evaluación bajo la normatividad ISO 55000 de la gestión de activos al área de molienda de la empresa del sector minero de materiales preciosos Touchstone Colombia. 2022. [consultation, May 7, 2023]. Available at: https://bibliotecadigital.udea.edu.co/handle/10495/29982
Parra, C., Viveros, P., Kristjanpoller, F., Crespo, A., González-Prida, V. y Gómez, J., Técnicas de auditorías para los procesos de: mantenimiento, fiabilidad operacional y gestión de activos (AMORMS & AMS-ISO 55001). INGEMAN, Escuela Superior de Ingenieros Industriales, Sevilla, España, 2 (35842.61124), 4, 2021. DOI: https://doi.org/10.13140/RG
Torres-Martinez. A.M., Método de gestión de mantenimiento basado en la norma ISO 55000 para mejorar los indicadores de mantenimiento (RAM), en equipos de perforación de la Compañía Minera Las Bambas Arequipa-Perú 2021, 2021. [consultation, May 7, 2023]. Available at: https://www.researchgate.net/profile/Carlos-Parra-19/publication/349505815_TECNICAS_DE_AUDITORIA_PARA_LOS_PROCESOS_DE_MANTENIMIENTO_FIABILIDAD_OPERACIONAL_Y_GESTION_DE_ACTIVOS_AMORMS_AMS-ISO_55001/links/603efb2d92851c077f129ca6/TECNICAS-DE-AUDITORIA-PARA-LOS-PROCESOS-DE-MANTENIMIENTO-FIABILIDAD-OPERACIONAL-Y-GESTION-DE-ACTIVOS-AMORMS-AMS-ISO-55001.pdf
Rodríguez-Ramos, P.A., Moreira-Mendoza, N.R. y Arteaga-Linzan, Á., Herramienta para la toma de decisiones en el reemplazo de activos. Ingeniería Mecánica, 25(1), pp. 1-7, 2022. [consultation, May 7, 2023]. Available at: https://scielo.sld.cu/scielo.php?pid=S1815-59442022000100001&script=sci_arttext&tlng=pt
Putra, I.M.M., and Mutijarsa, K., Designing information security risk management on Bali Regional Police Command Center based on ISO 27005. In: 2021 3rd East Indonesia Conference on Computer and Information Technology (EIConCIT), 2021. DOI: https://doi.org/10.1109/eiconcit50028.2021.9431865 .
Amiruddin, A., Afiansyah, H.G., and Nugroho, H.A., Cyber-Risk management planning using NIST CSF v1.1, NIST SP 800-53 Rev. 5, and CIS Controls v8. In: 2021 International Conference on Informatics, Multimedia, Cyber and Information System (ICIMCIS), 2021. DOI: https://doi.org/10.1109/icimcis53775.2021.9699337
Majid, S.A., Nugraha, A., Sulistiyono, B.B., Suryaningsih, L., Widodo, S., Kholdun, A.I., Febrian, W.D., Wahdiniawati, S.A., Marlita, D., Wiwah, A., and Endri, E., The effect of safety risk management and airport personnel competency on aviation safety performance. Uncertain Supply Chain Management, 10(4), pp. 1509-1522, 2022. DOI: https://doi.org/10.5267/j.uscm.2022.6.004
Ullah, F., Qayyum, S., Thaheem, M.J., Al-Turjman, F., and Sepasgozar, S.M.E., Risk management in sustainable smart cities governance: a TOE framework. Technological Forecasting and Social Change, 167, art. 120743, 2021. DOI: https://doi.org/10.1016/j.techfore.2021.120743
Luqman, A., Akram, M., and Alcantud, J.C.R., Digraph and matrix approach for risk evaluations under Pythagorean fuzzy information. Expert Systems with Applications, 170, art. 114518, 2021. https://doi.org/10.1016/j.eswa.2020.114518
Angelopoulos, A.N., Bates, S., Candès, E.J., Jordan, M.I., and Lei, L.J., Learn then test: calibrating predictive algorithms to achieve risk control, 2021.
Chow, Y.-L., and Pavone, M., A framework for time-consistent, risk-averse model predictive control: theory and algorithms. In: 2014 American Control Conference, 2014. DOI: https://doi.org/10.1109/acc.2014.6859437
Khan, A., and Malaika, M., Central Bank risk management, fintech, and cybersecurity. SSRN Electronic Journal, 2021(105), 2021. DOI: https://doi.org/10.2139/ssrn.4026279
Viktoriia, H., Hnatienko, H., and Babenko, T., An intelligent model to assess information systems security level. In: 2021 Fifth World Conference on Smart Trends in Systems Security and Sustainability (WorldS4), 2021. DOI: https://doi.org/10.1109/worlds451998.2021.9514019
Almaiah, M.A., Al-Zahrani, A., Almomani, O., and Alhwaitat, A.K., Classification of cyber security threats on mobile devices and applications. Artificial Intelligence and Blockchain for Future Cybersecurity Applications, Studies in Big Data, 90, pp. 107-123, 2021. DOI: https://doi.org/10.1007/978-3-030-74575-2_6
Saki, A.A., Suresh, A., Topaloglu, R.O., and Ghosh, S., Split compilation for security of quantum circuits. In: 2021 IEEE/ACM International Conference On Computer Aided Design (ICCAD), 2021. DOI: https://doi.org/10.1109/iccad51958.2021.9643478
Pavón-González, Y., Ortega-González, Y.C., Infante-Abreu, M.B. y Delgado-Fernández, M., Método para proyectar el conocimiento de tecnologías de la información pertinente a la Ingeniería Industrial. Revista Universidad y Sociedad, 13(6), pp. 10-21, 2021. [consultation, May 7, 2023]. Available at: https://scielo.sld.cu/scielo.php?script=sci_arttext&pid=S2218-36202021000600010
Rawal, B.S., Manogaran, G., and Peter, A., Recovery strategies for database. Cybersecurity and Identity Access Management, 2022, pp. 201-207. DOI: https://doi.org/10.1007/978-981-19-2658-7_16
González-Rodríguez, J.C. y Acevedo-Navas, C., Aproximación al panorama actual de la protección de infraestructuras críticas en Colombia. Panorama en seguridad y defensa visto desde las instituciones de educación superior de las Fuerzas Armadas, 2021, pp. 11-24. DOI: https://doi.org/10.21830/9789585380226.01
Martínez-Rincón. L.C., Diseño técnico estructurado de un centro de respuesta a incidentes cibernéticos. 2021 [consultation, May 7, 2023]. Available at: https://repository.unad.edu.co/handle/10596/48312
Velandia-Sanchez. F., Capacidades técnicas, legales y de gestión para equipos Blueteam y Redteam, 2020. [consultation, May 7, 2023]. Available at: https://repository.unad.edu.co/handle/10596/48107
Almanza J.A.R., and Cano M.J.J., Cadenas de suministro. Revista Sistemas, 164, pp. 24-41, 2022. DOI: https://doi.org/10.29236/sistemas.n164a4
Mariano-Díaz. R., Ciberseguridad en cadenas de suministros inteligentes en América Latina y el Caribe, 2022. [consultation, May 7, 2023]. Available at: https://repositorio.cepal.org/handle/11362/48065
Valiente, J., (2022). Ciberseguridad en la cadena de suministro de la industria digital. Industria química, 99, pp. 57-59, 2022. [consultation, May 7, 2023]. Available at: https://dialnet.unirioja.es/servlet/articulo?codigo=8357825
Miranda-Asuar, C., Gestión de riesgo de la cadena de suministro: un estudio de técnicas y herramientas. 2021. [consultation, May 7, 2023]. Available at: https://riunet.upv.es/handle/10251/175707
Zamudio-Pereda, O., y Izquierdo-Requejo, A.A., Modelo de gestión de riesgo de la cadena de suministro como elemento diferenciador. Review of Global Management, 6(1), pp. 14-34, 2021. DOI: https://doi.org/10.19083/rgm.v6i1.1487
Vega-de-la-Cruz, L.O., and Pérez-Pravia, M.C., Gestión integrada de riesgos de la seguridad de las cadenas de suministros con enfoque al servicio al cliente. Ingeniería y Competitividad, 24(02), art. 11197, 2022. DOI: https://doi.org/10.25100/iyc.v0i00.11197
Sánchez Suárez, Y., Pérez Castañeira, J.A., Sangroni Laguardia, N., Cruz Blanco, C. and Medina-Nogueira, Y.E., Retos actuales de la logística y la cadena de suministro, 42(1), pp. 169-184, 2021. [consultation, May 7, 2023]. Available at: https://go.gale.com/ps/i.do?id=GALE%7CA678804788&sid=googleScholar&v=2.1&it=r&linkaccess=abs&issn=02585960&p=IFME&sw=w&userGroupName=anon%7E34d17fb5&aty=open+web+entry
Pérez-Ramírez, R., Políticas, casos de estudio, técnicas de simulación y programas de competencias en la educación de logística y cadena de suministro en México, 2020, pp. 1-14. DOI: https://doi.org/10.35429/h.2020.1.1.14
Castaño-Gómez, M., López-Echeverry, A.M., y Villa-Sánchez, P.A., Revisión del uso de tecnologías y dispositivos IoT en los sistemas de seguridad física. Ingeniería y Competitividad, 24(1), art. 11034, 2021. DOI: https://doi.org/10.25100/iyc.v24i1.11034
Agyare, R., Adu-Boahene, C., y Nikoi, S.N., Gestión remota segura de redes y control de acceso a redes, el caso de la Universidad de Educación-Campus de Kumasi, 6(1), pp 18-45, 2021. DOI: https://doi.org/10.11648/j.ijse.20220601.13
Collier, Z.A., and Sarkis, J., The zero trust supply chain: Managing supply chain risk in the absence of trust. International Journal of Production Research, 59(11), pp 3430-3445, 2021. DOI: https://doi.org/10.1080/00207543.2021.1884311
Paredes, C.M., Martínez-Castro, D., Ibarra-Junquera, V., and González-Potes, A., Detection and isolation of DoS and Integrity cyber attacks in cyber-physical systems with a neural network-based architecture. Electronics, 10(18), art. 2238, 2021. DOI: https://doi.org/10.3390/electronics10182238
Khader, M., Karam, M., and Fares, H., Cybersecurity awareness framework for academia. Information, 12(10), art. 417, 2021. DOI: https://doi.org/10.3390/info12100417
Arblaster, M., 5 - Safety Regulation of Air Traffic Management. Air Traffic Management, pp. 87-115, 2018. DOI: https://doi.org/10.1016/b978-0-12-811118-5.00005-9
Pollini, A., Callari, T.C., Tedeschi, A., Ruscio, D., Save, L., Chiarugi, F., and Guerri, D., Leveraging human factors in cybersecurity: an integrated methodological approach. Cognition, Technology & Work, 24(2), pp. 371-390, 2021. DOI: https://doi.org/10.1007/s10111-021-00683-y
Bredenkamp, I.E., Kritzinger, E., and Herselman, M., A conceptual consumer data protection maturity model for government adoption: South African context. Lecture Notes in Networks and Systems, pp. 820-834, 2021. DOI: https://doi.org/10.1007/978-3-030-90318-3_64
Rojas-Velásquez, R.G., y Muedas-Higginson, A.C., Modelo de madurez de seguridad de aplicaciones web ante ciberataques para clínicas de nivel 2, 2019 Available at: https://renati.sunedu.gob.pe/handle/sunedu/3003964
Xie, Y., Gardi, A., and Sabatini, R., Cybersecurity trends in low-altitude air traffic management. in: 2022 IEEE/AIAA 41st Digital Avionics Systems Conference (DASC), 2022. DOI: https://doi.org/10.1109/dasc55683.2022.9925840
Dolezilek, D., Gammel, D., and Fernandes, W., Cybersecurity based on IEC 62351 and IEC 62443 for IEC 61850 systems. 15th International Conference on Developments in Power System Protection (DPSP 2020), 2020. DOI: https://doi.org/10.1049/cp.2020.0016
Bellini, E., Sargsyan, G., and Kavallieros, D., Cyber-resilience. Internet of Things, Threats, Landscape, and Countermeasures, pp. 291-333, 2021. DOI: https://doi.org/10.1201/9781003006152-8
Martinez, S., Gransart, C., Stienne, O., Deniau, V., and Bon, P., SoREn, How dynamic software update tools can help cybersecurity systems to improve monitoring and actions. JUCS - Journal of Universal Computer Science, 28(1), pp 27-53, 2022. DOI: https://doi.org/10.3897/jucs.66857
Li, Q., Li, Y., Liu, S., Wang, X., and Chaoui, H., Incomplete information stochastic game theoretic vulnerability management for wide-area damping control against cyber attacks. IEEE Journal on Emerging and Selected Topics in Circuits and Systems, 12(1), pp 124-134, 2022. DOI: https://doi.org/10.1109/jetcas.2022.3151645
Sorge, C., IT Security measures and their relation to data protection. Law and Technology in a Global Digital Society, pp. 179-197, 2022. DOI: https://doi.org/10.1007/978-3-030-90513-2_10
Kumar, R., and Venkatesh, K., Centralized and Decentralized data backup approaches. Advances in Intelligent Systems and Computing, pp. 687-698, 2022. DOI: https://doi.org/10.1007/978-981-16-5652-1_60
Pérez-Sánchez, A., and Palacios, R., Evaluation of local security event management system vs. standard antivirus Software. Applied Sciences, 12(3), art. 1076, 2022. DOI: https://doi.org/10.3390/app12031076
Zhang, X., Ma, H., and Tse, C.K., Assessing the robustness of cyber-physical power systems by considering wide-area protection functions. IEEE Journal on Emerging and Selected Topics in Circuits and Systems, 12(1), pp 107-114, 2022. DOI: https://doi.org/10.1109/jetcas.2022.3144443
Potteiger, B., Dubey, A., Cai, F., Koutsoukos, X., and Zhang, Z., Moving target defense for the security and resilience of mixed time and event triggered cyber-physical systems. Journal of Systems Architecture, 125, art. 102420, 2022. DOI: https://doi.org/10.1016/j.sysarc.2022.102420
Unal, U., Kahya, C.N., Kurtlutepe, Y., and Dag, H., Investigation of cyber situation awareness via SIEM tools: a constructive review. 2021 6th International Conference on Computer Science and Engineering (UBMK), 2021. DOI: https://doi.org/10.1109/ubmk52708.2021.9558964
Laue, T., Kleiner, C., Detken, K.O., and Klecker, T., A SIEM architecture for multidimensional anomaly detection. 2021 11th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), 2021. DOI: https://doi.org/10.1109/idaacs53288.2021.9660903
Bankole, F., Taiwo, A., and Claims, I., An extended digital forensic readiness and maturity model. Forensic Science International: Digital Investigation, 40, art. 301348, 2022. DOI: https://doi.org/10.1016/j.fsidi.2022.301348
Folino, G., Godano, C.O., and Pisani, F.S., A scalable cybersecurity framework for anomaly detection in user behaviour, 2022. DOI: https://doi.org/10.21203/rs.3.rs-1912478/v1
Sarker, I.H., Machine learning for intelligent data analysis and automation in cybersecurity: current and future prospects, 2022. DOI: https://doi.org/10.20944/preprints202209.0032.v1
Gómez-Orjuela, F.H., y Valencia-Valencia, H., Diseño de un procedimiento de gestión de incidentes de ciberseguridad que articule la gestión de riesgos, continuidad, crisis y resiliencia que se pueda integrar a la respuesta corporativa. 2021. DOI: https://doi.org/10.18235/0004373
Senabre-López, S., Sota-Macia, I., y Munera-López, J., Fortaleciendo la ciberresiliencia del sector financiero. Revista de Estabilidad Financiera/Banco de España, pp 93-111, 2021. Available at: https://repositorio.bde.es/handle/123456789/19366
Cómo citar
IEEE
ACM
ACS
APA
ABNT
Chicago
Harvard
MLA
Turabian
Vancouver
Descargar cita
CrossRef Cited-by
1. Alvaro Rocha, Fadele Ayotunde Alaba, Haliru Musa, Maria Jose Sousa, Jose Braga de Vasconcelos, Rúben Pereira. (2025). Countering Hybrid Threats Against Critical Infrastructures. NATO Science for Peace and Security Series B: Physics and Biophysics. , p.179. https://doi.org/10.1007/978-94-024-2304-4_10.
2. Leonardo Leoni, Saverio Ferraro, Alessandra Cantini, Rinaldo Rinaldi, Filippo De Carlo. (2024). MaMoReS: A Robust Tool for Evaluating Supply Chain Resilience Through Systematic Literature and Network Analysis. Applied Sciences, 14(20), p.9568. https://doi.org/10.3390/app14209568.
Dimensions
PlumX
Visitas a la página del resumen del artículo
Descargas
Licencia
Derechos de autor 2023 DYNA
Esta obra está bajo una licencia internacional Creative Commons Atribución-NoComercial-SinDerivadas 4.0.
El autor o autores de un artículo aceptado para publicación en cualquiera de las revistas editadas por la facultad de Minas cederán la totalidad de los derechos patrimoniales a la Universidad Nacional de Colombia de manera gratuita, dentro de los cuáles se incluyen: el derecho a editar, publicar, reproducir y distribuir tanto en medios impresos como digitales, además de incluir en artículo en índices internacionales y/o bases de datos, de igual manera, se faculta a la editorial para utilizar las imágenes, tablas y/o cualquier material gráfico presentado en el artículo para el diseño de carátulas o posters de la misma revista.
