Evaluation tool for assessing an organization’s OT security policy

This research focuses on the cybersecurity of operational technology (OT). Operational technology consists of diverse programmable systems and devices that operate at the interface of the physical and virtual worlds. The consequences of a cyberattack on systems that control physical processes...

Bibliographic Details
Main Author: Eho, Onni
Other Authors: Faculty of Information Technology, Informaatioteknologian tiedekunta, Information Technology, Informaatioteknologia, University of Jyväskylä, Jyväskylän yliopisto
Format: Master's thesis
Language: eng
Published: 2024
Subjects:
Online Access: https://jyx.jyu.fi/handle/123456789/93099
description This research focuses on the cybersecurity of Operational Technology (OT). OT encompasses various programmable systems that operate in the intersection of the physical and virtual world. Consequences of cyberattacks on systems controlling physical processes can be severe. The evolution of OT systems has made them more vulnerable against cyberthreats. Simultaneously, the rising concern over the security of OT has increased the research on the domain.

The research methodology of this thesis is design science research. The outcome of the iterative process is an artifact that can be used for assessing an organization’s OT security policy. In the context of this thesis, OT security policy is understood as a collection of countermeasures an organization has implemented or plans to implement for safeguarding its OT environment.

The Evaluation Tool is based on the information included in MITRE ATT&CK for ICS® framework. It aids organizations in assessing their current approach to OT security against the mitigations included in the framework. Based on the results of the assessment, organizations can seek to improve their defensive capabilities against cyberattacks targeted at OT environments.

The novelty of the artifact is supported by the literature review. It is successfully applied for assessing an OT security policy of a case-company to demonstrate its applicability. The proposed artifact is concluded to meet its design criteria for the most part. However, the research presents multiple areas where further effort could be directed to make the artifact more mature.
first_indexed 2024-01-29T21:01:05Z
format Pro gradu
free_online_boolean 1
fullrecord
dc.contributor.advisor Frantti, Tapio
dc.contributor.author Eho, Onni
dc.date.accessioned 2024-01-29T07:47:12Z
dc.date.available 2024-01-29T07:47:12Z
dc.date.issued 2024
dc.identifier.uri https://jyx.jyu.fi/handle/123456789/93099
dc.identifier.urn URN:NBN:fi:jyu-202401291586
dc.description.provenance Submitted by Paivi Vuorio (paelvuor@jyu.fi) on 2024-01-29T07:47:12Z. No. of bitstreams: 0
dc.description.provenance Made available in DSpace on 2024-01-29T07:47:12Z (GMT). No. of bitstreams: 0. Previous issue date: 2024
dc.format.extent 84
dc.format.mimetype application/pdf
dc.format.content fulltext
dc.language.iso eng
dc.rights In Copyright
dc.rights.copyright © The Author(s)
dc.rights.accesslevel openAccess
dc.rights.url https://rightsstatements.org/page/InC/1.0/
dc.subject.other operational technology; OT security; MITRE ATT&CK for ICS; evaluation tool; design science research
dc.subject.discipline Cyber Security; Kyberturvallisuus
dc.subject.oppiainekoodi 601
dc.subject.yso kyberturvallisuus; turvallisuuspolitiikka; arviointimenetelmät; cyber security; security policy; evaluation methods
dc.title Evaluation tool for assessing an organization’s OT security policy
dc.type master thesis
dc.type.ontasot Master’s thesis; Pro gradu -tutkielma
dc.type.publication masterThesis
dc.type.coar http://purl.org/coar/resource_type/c_bdcc
dc.contributor.faculty Faculty of Information Technology; Informaatioteknologian tiedekunta
dc.contributor.department Information Technology; Informaatioteknologia
dc.contributor.organization University of Jyväskylä; Jyväskylän yliopisto
yvv.contractresearch.funding 0
id jyx.123456789_93099
language eng
last_indexed 2025-03-31T20:01:49Z
main_date 2024-01-01T00:00:00Z
main_date_str 2024
online_boolean 1
online_urls_str_mv {"url":"https:\/\/jyx.jyu.fi\/bitstreams\/c0e0576e-3da0-46a8-9a20-d68ad0b02bb0\/download","text":"URN:NBN:fi:jyu-202401291586.pdf","source":"jyx","mediaType":"application\/pdf"}
publishDate 2024
record_format qdc
source_str_mv jyx
title Evaluation tool for assessing an organization’s OT security policy
topic operational technology OT security MITRE ATT&CK for ICS evaluation tool design science research Cyber Security Kyberturvallisuus 601 kyberturvallisuus turvallisuuspolitiikka arviointimenetelmät cyber security security policy evaluation methods
url https://jyx.jyu.fi/handle/123456789/93099 http://www.urn.fi/URN:NBN:fi:jyu-202401291586