In ICS/SCADA systems, the typical priority hierarchy of the IT Security Model components places
Availability and Integrity above Confidentiality. This prioritization is due to the critical nature of
operational continuity and data accuracy in industrial control systems, where system downtime or
incorrect data can lead to significant operational disruptions or safety issues. Confidentiality, while
important, is often considered of lesser priority compared to ensuring systems are operational
(Availability) and data is accurate (Integrity).
Reference:
National Institute of Standards and Technology (NIST), "Guide to Industrial Control Systems (ICS)
Security".
