**2. Related Work**

This section will review the current status of vulnerability assessment. This review aims to find similar approaches from the literature, including the current standard and metrics.

### *2.1. Vulnerability Analysis in Security Standards*

Industry is currently making a significant effort to incorporate security aspects into the development of industrial components, which has led to a set of standards, such as the Common Criteria and ISA/IEC 62443. This review is focused on how these standards conduct vulnerability analysis, the use of metrics, their managemen<sup>t</sup> of the life cycle of the device, the techniques that they propose, and the security evaluation of both software and hardware.
