Replication Data for: A Model-Based Framework for Developing Security-Safety Incident Response Plans

Version 2.1

Gnanasekaran, Vahiny; Fatima, Urooj; Heegaard, Poul Einar, 2025, "Replication Data for: A Model-Based Framework for Developing Security-Safety Incident Response Plans", https://doi.org/10.18710/XAKJY6, DataverseNO, V2

Learn about Data Citation Standards.

Contact Owner

Dataset Metrics

1,153 Downloads

Description	This data set contains 33 modeling diagrams used to model incident response procedures in security-safety incident response from two Norwegian oil and gas companies. The file set includes all diagrams in .png format depicting different perspectives on role responsibilities and interactions during the incident response used for analysis. The diagrams were based on empirical findings using two case studies, conducting semi-structured interviews, document analysis, and multiple meetings. However, the empirical findings are not reported here since they are not permitted to be shared. (2024-12-02) Abstract from publication: Cyberattacks are increasingly affecting the safe operation of critical infrastructure (e.g., energy, manufacturing) and potentially endangering production, people, equipment, and the environment. A cyber-incident with physical consequences requires personnel responsible for aggregating log information, analyzing root cause (i.e., cybersecurity), and ensuring the production and safe operation of safety-critical systems (i.e., safety) to collaborate. For this, they must understand their own and each other's roles in the incident response process, as well as when and how to interact with different roles. To address this problem, this paper proposes a framework that utilizes a model-based approach to illustrate the critical roles and their interactions within a security-safety incident response plan. To demonstrate its applicability, the framework was applied in a qualitative study within the Norwegian oil and gas industry, involving two companies. This research sheds light on the relevance of applying a model-based approach to developing security and safety incident response plans for organizations. It investigates the relevance of using two modeling languages: a general-purpose software systems modeling language, the Unified Modeling Language (UML), and an enterprise process workflow modeling language, the Business Process Modeling Notation (BPMN), for visualizing the security-safety incident response plan. The findings indicate that the modeling languages are suitable and relevant for understanding and discussing the collaboration and coordination of different personnel's roles during security-safety incident response. The distinct diagrams highlight various aspects, including roles, transmitted information, tasks, and the sequence of tasks. Future work should consider how the diagrams can be applied during the training and learning of the incident response plans. (2025-07-15)
Subject	Computer and Information Science
Keyword	Modelling diagram, Incident response, Cyber security, Safety
Related Publication	Submitted for review
License/Data Use Agreement	CC0 1.0

Change View

Table

Tree

Filter by

	1 to 10 of 63 Files	Download
	.DS_Store Unknown - 10.0 KB Published Feb 13, 2025 18 Downloads MD5: 62270ef93dcf77be9cb7d181b5b4184a	Access File File Access Public Download Options Original File Format Download Metadata Data File Citation EndNote XML RIS BibTeX
	00_README.txt Plain Text - 13.7 KB Published Feb 13, 2025 19 Downloads MD5: f22f4f169471a7b8a039c85efe2a48e5	Preview "00_README.txt" Access File File Access Public Download Options Plain Text Download Metadata Data File Citation EndNote XML RIS BibTeX
	bpmn-A-1-off.png BPMN/PNG Image - 73.1 KB Published Feb 13, 2025 20 Downloads MD5: 8e8dc81a65d8c81bcab239a836ef6869	Preview "BPMN/bpmn-A-1-off.png" Access File File Access Public Download Options PNG Image Download Metadata Data File Citation EndNote XML RIS BibTeX
	bpmn-A-1-on.png BPMN/PNG Image - 87.4 KB Published Feb 13, 2025 20 Downloads MD5: 4db5100d38990e4f109119c025a978e9	Preview "BPMN/bpmn-A-1-on.png" Access File File Access Public Download Options PNG Image Download Metadata Data File Citation EndNote XML RIS BibTeX
	bpmn-A-2.png BPMN/PNG Image - 55.8 KB Published Feb 13, 2025 20 Downloads MD5: 9a1619257235eda124ab0006e3cedfd0	Preview "BPMN/bpmn-A-2.png" Access File File Access Public Download Options PNG Image Download Metadata Data File Citation EndNote XML RIS BibTeX
	bpmn-A-3.png BPMN/PNG Image - 44.3 KB Published Feb 13, 2025 20 Downloads MD5: 90c57377a813afa969b1e099950a2858	Preview "BPMN/bpmn-A-3.png" Access File File Access Public Download Options PNG Image Download Metadata Data File Citation EndNote XML RIS BibTeX
	bpmn-A-4.png BPMN/PNG Image - 28.0 KB Published Feb 13, 2025 20 Downloads MD5: 791652c6fd129cae02bfb1ecb0968771	Preview "BPMN/bpmn-A-4.png" Access File File Access Public Download Options PNG Image Download Metadata Data File Citation EndNote XML RIS BibTeX
	bpmn-A-5.png BPMN/PNG Image - 20.5 KB Published Feb 13, 2025 20 Downloads MD5: 7b09a5e31f45da6851bb4fe4e04d8ec6	Preview "BPMN/bpmn-A-5.png" Access File File Access Public Download Options PNG Image Download Metadata Data File Citation EndNote XML RIS BibTeX
	bpmn-B-1-off.png BPMN/PNG Image - 50.0 KB Published Feb 13, 2025 20 Downloads MD5: a0aa6c36fb09bce34b5ef2299f00d313	Preview "BPMN/bpmn-B-1-off.png" Access File File Access Public Download Options PNG Image Download Metadata Data File Citation EndNote XML RIS BibTeX
	bpmn-B-1-on.png BPMN/PNG Image - 55.1 KB Published Feb 13, 2025 20 Downloads MD5: a5e911b41bdcc3277d898a56f2bc708e	Preview "BPMN/bpmn-B-1-on.png" Access File File Access Public Download Options PNG Image Download Metadata Data File Citation EndNote XML RIS BibTeX

Citation Metadata

Persistent Identifier	doi:10.18710/XAKJY6
Publication Date	2025-02-13
Title	Replication Data for: A Model-Based Framework for Developing Security-Safety Incident Response Plans
Author	Gnanasekaran, Vahiny (NTNU – Norwegian University of Science and Technology) - ORCID: 0009-0003-2865-2115 Fatima, Urooj (NTNU – Norwegian University of Science and Technology) - ORCID: 0009-0009-7635-1601 Heegaard, Poul Einar (NTNU – Norwegian University of Science and Technology) - ORCID: 0000-0003-0083-5860
Point of Contact	Use email button above to contact. Gnanasekaran, Vahiny (NTNU – Norwegian University of Science and Technology)
Description	This data set contains 33 modeling diagrams used to model incident response procedures in security-safety incident response from two Norwegian oil and gas companies. The file set includes all diagrams in .png format depicting different perspectives on role responsibilities and interactions during the incident response used for analysis. The diagrams were based on empirical findings using two case studies, conducting semi-structured interviews, document analysis, and multiple meetings. However, the empirical findings are not reported here since they are not permitted to be shared. (2024-12-02) Abstract from publication: Cyberattacks are increasingly affecting the safe operation of critical infrastructure (e.g., energy, manufacturing) and potentially endangering production, people, equipment, and the environment. A cyber-incident with physical consequences requires personnel responsible for aggregating log information, analyzing root cause (i.e., cybersecurity), and ensuring the production and safe operation of safety-critical systems (i.e., safety) to collaborate. For this, they must understand their own and each other's roles in the incident response process, as well as when and how to interact with different roles. To address this problem, this paper proposes a framework that utilizes a model-based approach to illustrate the critical roles and their interactions within a security-safety incident response plan. To demonstrate its applicability, the framework was applied in a qualitative study within the Norwegian oil and gas industry, involving two companies. This research sheds light on the relevance of applying a model-based approach to developing security and safety incident response plans for organizations. It investigates the relevance of using two modeling languages: a general-purpose software systems modeling language, the Unified Modeling Language (UML), and an enterprise process workflow modeling language, the Business Process Modeling Notation (BPMN), for visualizing the security-safety incident response plan. The findings indicate that the modeling languages are suitable and relevant for understanding and discussing the collaboration and coordination of different personnel's roles during security-safety incident response. The distinct diagrams highlight various aspects, including roles, transmitted information, tasks, and the sequence of tasks. Future work should consider how the diagrams can be applied during the training and learning of the incident response plans. (2025-07-15)
Subject	Computer and Information Science
Keyword	Modelling diagram Incident response Cyber security Safety
Related Publication	Submitted for review
Language	English
Producer	NTNU – Norwegian University of Science and Technology (NTNU) https://www.ntnu.edu/
Contributor	Data Curator : Gnanasekaran, Vahiny Data Collector : Fatima, Urooj Supervisor : Heegaard, Poul Einar
Funding Information	The Research Council of Norway: 326717
Distributor	NTNU – Norwegian University of Science and Technology (NTNU) https://dataverse.no/dataverse/ntnu
Depositor	Gnanasekaran, Vahiny
Deposit Date	2024-12-02
Time Period	Start Date: 2024-09-01 ; End Date: 2025-01-31
Data Type	machine-readable text; modeling diagrams
Software	PlantUML, Version: V1.2025.0 Draw.io, Version: 24.7.17 BPMN.io, Version: v17.11.1
Related Material	Vahiny Gnanasekaran, Maria Bartnes, Tor Olav Grotan, and Poul Einar Heegaard. 2024. Cyber-incident Response in Industrial Control Systems: Practices and Challenges in the Petroleum Industry. In Proceedings of the 2024 ACM/IEEE 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) and 2024 IEEE/ACM Second International Workshop on Software Vulnerability (EnCyCriS/SVM '24). Association for Computing Machinery, New York, NY, USA, 53–60. https://doi.org/10.1145/3643662.3643958

Dataset Terms

License/Data Use Agreement

Our Community Norms as well as good scientific practices expect that proper credit is given via citation. Please use the data citation shown on the dataset page.

Creative Commons CC0 1.0 Universal Public Domain Dedication. CC0 1.0

Restricted Files + Terms of Access

	Dataset Version	Summary	Contributors	Published on
No records found.

Edit File

This file has already been deleted (or replaced) in the current version. It may not be edited.

Restrict Access

Restricting limits access to published files. People who want to use the restricted files can request access by default. If you disable request access, you must add information about access to the Terms of Access field.

Learn about restricting files and dataset access in the User Guide.

Request Access

Enable access request

You must enable request access or add terms of access to restrict file access.

Terms of Access for Restricted Files

Save Changes

Edit Embargo

The selected file or files have already been published. Contact an administrator to change the embargo date or reason of the file or files.

Edit Retention Period

The selected file or files have already been published. Contact an administrator to change the retention period date or reason of the file or files.

Delete Files

The file will be deleted after you click on the Delete button.

Files will not be removed from previously published versions of the dataset.

Select File(s)

Please select one or more files.

Share Dataset

Share this dataset on your favorite social media networks.

Continue

Dataset Citations

Citations for this dataset are retrieved from Crossref via DataCite using Make Data Count standards. For more information about dataset metrics, please refer to the User Guide.

Sorry, no citations were found.

Inaccessible Files Selected

The selected file(s) may not be downloaded because you have not been granted access or the file(s) have a retention period that has expired or the files can only be transferred via Globus.

You may request access to any restricted file(s) by clicking the Request Access button.

Ineligible Files Selected

The selected file(s) may not be transferred because you have not been granted access or the file(s) have a retention period that has expired or the files are not Globus accessible.

You may request access to any restricted file(s) by clicking the Request Access button.

Download Options

The files selected are too large to download as a ZIP.

You can select individual files that are below the 4.7 GB download limit from the files table, or use the Data Access API for programmatic access to the files.

Select File(s)

Please select a file or files to be downloaded.

Inaccessible Files Selected

The selected file(s) may not be downloaded because you have not been granted access or the file(s) have a retention period that has expired.

Click Continue to download the files you have access to download.

Ineligible Files Selected

Some file(s) cannot be transferred. (They are restricted, embargoed, with an expired retention period, or not Globus accessible.)

Click Continue to transfer the elligible files.

Delete Dataset

Are you sure you want to delete this dataset and all of its files? You cannot undelete this dataset.

Delete Draft Version

Are you sure you want to delete this draft version? Files will be reverted to the most recently published version. You cannot undelete this draft.

Unpublished Dataset Private URL

Private URL can only be used with unpublished versions of datasets.

Unpublished Dataset Private URL

Are you sure you want to disable the Private URL? If you have shared the Private URL with others they will no longer be able to use it to access your unpublished dataset.

Delete Files

The file(s) will be deleted after you click on the Delete button.

Files will not be removed from previously published versions of the dataset.

Compute

This dataset contains restricted files you may not compute on because you have not been granted access.

Deaccession Dataset

Are you sure you want to deaccession? This is permanent and the selected version(s) will no longer be viewable by the public.

Deaccession Dataset

Are you sure you want to deaccession this dataset? This is permanent an it will no longer be viewable by the public.

Version Differences Details

Please select two versions to view the differences.

Version Differences Details

Version:
Last Updated:

Select File(s)

Please select a file or files for access request.

Select File(s)

Embargoed files cannot be accessed. Please select an unembargoed file or files for your access request.

Edit Tags

Select existing file tags or create new tags to describe your files. Each file can have more than one tag.

Request Access

You need to Log In to request access.

Dataset Terms

Please confirm and/or complete the information needed below in order to request access to files in this dataset.

This dataset is made available under the following terms. Please confirm and/or complete the information needed below in order to continue.

License/Data Use Agreement

Our Community Norms as well as good scientific practices expect that proper credit is given via citation. Please use the data citation shown on the dataset page.

Creative Commons CC0 1.0 Universal Public Domain Dedication. CC0 1.0

Preview Guestbook

Upon downloading files the guestbook asks for the following information.

Guestbook Name

Collected Data

Account Information

Package File Download

Use the Download URL in a Wget command or a download manager to download this package file. Download via web browser is not recommended. User Guide - Downloading a Dataverse Package via URL

Download URL

https://dataverse.no/api/access/datafile/

Compute Batch

Clear Batch

Dataset	Persistent Identifier	Change Compute Batch

Compute Batch

Submit for Review

You will not be able to make changes to this dataset while it is in review.

Publish Dataset

Are you sure you want to republish this dataset?

Select if this is a minor or major version update.

Minor Release (2.2)

Major Release (3.0)

Publish Dataset

This dataset cannot be published until NTNU – Norwegian University of Science and Technology is published by its administrator.

Publish Dataset

This dataset cannot be published until NTNU – Norwegian University of Science and Technology and DataverseNO are published.

Return to Author

Return this dataset to contributor for modification.