YULIA CHERDANTSEVA

YULIA CHERDANTSEVA
Cardiff University | CU · School of Computer Science and Informatics

PhD in Cyber Security

About

20
Publications
49,500
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
832
Citations
Introduction
Dr Yulia Cherdantseva is a Lecturer at the School of Computer Science & Informatics at Cardiff University. Yulia worked as a lead researcher on the project “Supervisory Control and Data Acquisition Systems Cyber Security Lifecycle (SCADA-CSL)” funded by the Airbus Group Endeavr Wales and the Welsh Assembly Government, where she developed a novel SCADA Cyber Security, Safety and Risk (SCADA CSSR) graphical extension for BPMN 2.0 and a configurable dependency model of a SCADA system. In 2020-2021,

Publications

Publications (20)
Article
Full-text available
A key purpose of a Supervisory Control and Data Acquisition (SCADA) system is to enable either an on-site or remote supervisory control and monitoring of physical processes of various natures. In order for a SCADA system to operate safely and securely, a wide range of experts with diverse backgrounds must work in close rapport. It is critical to ha...
Research
Full-text available
There are 6 million Small and Medium-Sized Enterprises (SMEs) in the UK, and they constitute 99% of all businesses.1 Every day SMEs face hard cybersecurity investment decisions. In 2020, 46% of businesses reported having cybersecurity breaches in the last 12 months. SMEs are considered a softer target by cyber criminals and an easy back door into l...
Chapter
Cyber security operations centres (SOCs) are attracting much attention in recent times as they play a vital role in helping businesses to detect cyberattacks, maintain cyber situational awareness, and mitigate real-time cybersecurity threats. Literature often cites the monitoring of an enterprise network and the detection of cyberattacks as core fu...
Article
The increasing use of Security Operations Centers (SOCs) by organisations as a part of their cyber security strategy has led to several studies aiming to understand and improve SOC operations. However, to the best of our knowledge, there is no systematic literature review on the challenges faced by SOC analysts or on metrics for measuring analysts...
Conference Paper
Multiple studies show that women are under-represented in almost all of fields of Science, Technology, Engineering and Maths (STEM). This gender gap is also present at higher education institutions in both student numbers and academic staff. A range of measures could be implemented to tackle this issue. In this position paper, we outline the measur...
Chapter
A new wave of industrial technology has emerged in the form of Industry 4.0, which has seen a progression from electronic devices and IT (Information Technology) systems that automate production advance to a new revolution of Cyber-Physical Production Systems used for Smart Manufacturing and Smart Factories via IIoT (Industrial Internet of Things)....
Article
Any risk analysis of a large infrastructure that does not account for external dependencies is dangerously introspective. A top-down, goal-to-dependencies modeling approach can capture interdependencies and allow supply-chain entities to securely share risk data, calculate the likely impact of a failure, and respond accordingly.
Article
The evaluation of a conceptual model, which is an outcome of a qualitative research, is an arduous task due to the lack of a rigorous basis for evaluation. Overcoming this challenge, the paper at hand presents a detailed example of a multifaceted evaluation of a Reference Model of Information Assurance & Security (RMIAS), which summarises the knowl...
Conference Paper
SCADA systems are essential for the safe running of critical infrastructure but in recent years have increasingly become the target of advanced cyber-attacks through their convergence with public and corporate networks for easier monitoring and control. Cyber-events within critical infrastructure can have devastating consequences affecting human li...
Article
Full-text available
This paper reviews the state of the art in cyber security risk assessment of Supervisory Control and Data Acquisition (SCADA) systems. We select and in-detail examine twenty-four risk assessment methods developed for or applied in the context of a SCADA system. We describe the essence of the methods and then analyse them in terms of aim; applicatio...
Article
This article tackles a series of issues currently facing the United States and United Kingdom in the field of cybersecurity and the subject of major international debate. It examines Supervisory Control and Data Acquisition (SCADA) systems, a type of Industrial Control System (ICS), and their utilization in Critical National Infrastructure (CNI) an...
Chapter
Despite great interest of researchers and professionals in Information Security (InfoSec) and Information Assurance (IA), there is still no commonly agreed understanding of the disciplines. This chapter clarifies the meaning, scope, and goals of InfoSec and IA as well as the relationship between the disciplines. Clarity of the scope and goals of In...
Chapter
Full-text available
Despite great interest of researchers and professionals in Information Security (InfoSec) and Information Assurance (IA), there is still no commonly agreed understanding of the disciplines. The paper aims to clarify the meaning , scope and goals of InfoSec and IA as well as the relationship between the disciplines. Clarity of the scope and goals of...
Conference Paper
Full-text available
Information Assurance & Security (IAS) is a dynamic domain which changes continuously in response to the evolution of society, business needs and technology. This paper proposes a Reference Model of Information Assurance & Security (RMIAS), which endeavours to address the recent trends in the IAS evolution, namely diversification and deperimetrisat...
Article
Information Assurance (IA) is an intensively discussed discipline. Perhaps the most striking feature of IA is that everyone has a different opinion about what it actually is. The literature analysis enables us to distinguish three different approaches to Information Assurance: 1) Technical approach, concentrated on protection of networks; 2) Busine...
Conference Paper
Full-text available
The participation of business experts in the elicitation and formulation of Information Assurance & Security (IAS) requirements is crucial. Although business experts have security-related knowledge, there is still no formalised business process modelling notation allowing them to express this knowledge in a clear, unambiguous manner. In this paper...
Article
Full-text available
Security Architecture (SA) is concerned with such tasks as design, development and management of secure business information systems. These tasks are inherently complex and become several orders of magnitude more sophisticated in a Collaborative De-Perimeterised Environment (CDePE). Although significant research exists about the technical solutions...

Network

Cited By

Projects

Projects (2)
Project
This work is funded by the Airbus Group Endeavr Wales under the SCADA Cyber Security Lifecycle (SCADA-CSL) programme.