G. Apostolakis 2010 Probabilistic Risk Assessment (PRA) (Wiley Handbook of Science and Technology for Homeland Security) 1
G. E. Apostolakis 2004 How useful is quantitative risk assessment? Risk Analysis 24 3 515 520
D. Bernoulli 1954 Exposition of a new theory on the measurement of risk Econometrica: Journal of the Econometric Society 23 36
L. A. T. Cox Jr. 2015 Making decisions without trustworthy risk models Breakthroughs in Decision Science and Risk Analysis 189
R. L. Dillon-Merrill et al 2008 Logic Trees: Fault, Success, Attack, Event, Probability, and Decision Trees(Wiley Handbook of Science and Technology for Homeland Security)
A. M. Doro-On 2014 Risk Assessment and Security for Pipelines, Tunnels, and Underground Rail and Transit Operations CRC Press
T. Dübendorfer et al 2004 An economic damage model for large-scale internet attacks Enabling Technologies: Infrastructure for Collaborative Enterprises 2004. WET ICE 2004. 13th IEEE International Workshops on, 223 228
B. C. Ezell et al 2010 Probabilistic risk analysis and terrorism risk Risk Analysis 30 4 575 589
N. FentonM. Neil 2012 Risk Assessment and Decision Analysis With Bayesian Networks CRC Press
W. GaoT. H. Morris 2014 On cyber attacks and signature based intrusion detection for modbus based industrial control systems Journal of Digital Forensics, Security and Law 9 1 37 56
A. J. Holmgren et al 2007 Evaluating strategies for defending electric power networks against antagonistic attacks IEEE Transactions on Power Systems 22 1 76 84
S. Hora 2007 8 eliciting probabilities from experts Advances in Decision Analysis: From Foundations to Applications 129
R. A. Howard 1989 Knowledge maps Management science 35 8 903 922
O. Ibe 2013 Markov Processes for Stochastic Modeling Newnes
ICS-CERT 2012 ICS-CERT year in review - 2012 ext-link-type="uri" xlink: href="https://ics-cert.us-cert.gov/ICS-CERT-Year-Review-2012">https://ics-cert.us-cert.gov/ICS-CERT-Year-Review-2012
ICS-CERT 2016 Jan ICS-CERT monitor November/December 2015 ext-link-type="uri" xlink: href="https://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-CERT%20Monitor_Nov-Dec2015_S508C.pdf">https://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-CERT%20Monitor_Nov-Dec2015_S508C.pdf
S. KaplanB. J. Garrick 1981 On the quantitative definition of risk Risk analysis 1 1 11 27
K. C. KapurM. Pecht 2014 Reliability Engineering John Wiley & Sons
G. Keren 1997 On the calibration of probability judgments: Some critical comments and alternative perspectives Conference on Subjective Probability, Utility and Decision Making: Overconfidence: Sources, Implications, and Solutions Jerusalem, Israel John Wiley & Sons Aug 1995
M. KrotofilJ. Larsen 2015 Rocking the pocket book: Hacking chemical plants
T. G. Lewis 2014 Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation John Wiley & Sons
Lloyds and The University of Cambridge Centre for Risk Studies 2015 Business blackout: The insurance implications of a cyber attack on the us power grid ext-link-type="uri" xlink: href="http://www.lloyds.com//media/files/news%20and%20">www.lloyds.com//media/files/news%20and%20 insight/risk%20insight/2015/business%20 blackout/business%20blackout20150708.pdf
J. Lopez et al 2013 Smart control of operational threats in control substations Computers & Security 38 14 27
T. MacaulayB. L. Singer 2011 Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS. CRC Press
D. McMorrow 2009 Rare events DTIC Document, Technical Rep
J. Merrick et al 2015 Outthinking the terrorists Breakthroughs in Decision Science and Risk Analysis 287
J. Mitchell et al 2012 Aug Global industrial automation
R. MitchellI.-R. Chen 2014 A survey of intrusion detection techniques for cyber-physical systems ACM Computing Surveys (CSUR) 46 4 55
M. Naedele 2007 Addressing it security for critical control systems 40th Annual Hawaii International Conference on System Sciences.
National Research Council 2010 Review of the Department of Homeland Security’s Approach to Risk Analysis The National Academies Press
NERC 2010 High-impact, low-frequency event risk to the north American bulk power system A Jointly-Commissioned Summary Report of the North American Electric Reliability Corporation and the U.S. Department of Energy’s November 2009 Workshop
L. T. OstromC. A. Wilhelmsen 2012 Risk Assessment: Tools, Techniques, and Their Applications John Wiley & Sons
H. V. Ravinder et al 1988 The reliability of subjective probabilities obtained through decomposition Management Science 34 2 186 199
S. Roy et al 2010 A survey of game theory as applied to network security System Sciences (HICSS), 2010 43rd Hawaii International Conference on 1 10
D. Rumsfeld 2002 Feb U.S. DOD news briefing ext-link-type="uri" xlink: href="https://www.youtube.com/">https://www.youtube.com/watch?v=GiPe1OiKQuk
C. M. Schnaubelt et al 2014 Vulnerability Assessment Method Pocket Guide RAND Corporation
B. Schneier 1999 Attack trees Dr. Dobbs Journal 24 12 21 29
T. Sommestad et al 2009 Modeling security of power communication systems using defense graphs and influence diagrams IEEE Transactions on Power Delivery 24 4 1801 1808
T. SommestadJ. Hallberg 2012 Cyber security exercises and competitions as a platform for cyber security experiments Nordic Conference on Secure IT Systems, Springer 47 60
K. Stouffer et al 2011 Guide to industrial control systems (ICS) security NIST Special Publication 800 82
I. Sutton 2014 Process Risk and Reliability Management: Operational Integrity Management Gulf Professional Publishing
The White House 2013 Feb Executive order -improving critical infrastructure cybersecurity
T. S. WallstenD. V. Budescu 1983 State of the art encoding subjective probabilities: A psychological and psychometric review Management Science 29 2 151 173
E. Zio et al 2013 Uncertainty in Risk Assessment: The Representation and Treatment of Uncertainties by Probabilistic and Non-Probabilistic Methods John Wiley & Sons