Revision as of 20:35, 28 March 2023 edit Whizz40 (talk \| contribs) Extended confirmed users, Pending changes reviewers, Rollbackers 22,437 edits →External links: Update link Tag: Visual edit ← Previous edit		Revision as of 21:09, 6 April 2023 edit undo 2601:84:4700:33d0:8cf:e03c:cece:33da (talk) cleanup for clarity; better wording; no content changes Tag: Visual edit Next edit →
Line 1: '''Industrial Control System (ICS) Cybersecurity''' is the prevention of (intentional or unintentional) interference with the proper operation of [[automation\|industrial automation]] and [[industrial control systems\|control systems]]. These control systems manage essential services including electricity, petroleum production, water, transportation, manufacturing, and communications. They rely on computers, networks, operating systems, applications, and [[programmable logic controller\|programmable controllers]], each of which could contain [[vulnerability (computing)\|security vulnerabilities]]. The 2010 discovery of the [[Stuxnet\|Stuxnet worm]] demonstrated the vulnerability of these systems to cyber incidents.<ref name="tofinoexida201202">{{cite web \| url=http://www.exida.com/index.php/News/new_whitepaper_the_7_steps_to_ics_and_scada_security/ \| title=The 7 Steps to ICS Security \| accessdate=March 3, 2011 \| author1=Byres, Eric \| author2=Cusimano, John \| date=February 2012 \| publisher=Tofino Security and exida Consulting LLC \| url-status=dead \| archiveurl=https://web.archive.org/web/20130123141949/http://www.exida.com/index.php/News/new_whitepaper_the_7_steps_to_ics_and_scada_security/ \| archivedate=January 23, 2013 }}</ref> The United States and other governments have passed [[cyber-security regulation]]s requiring enhanced protection for control systems operating critical infrastructure. Control system security is known by several other names such as ''[[SCADA]] security'', ''PCN security'', ''Industrial [[network security]]'', ''[[Industrial control system]] (ICS) Cybersecurity'', ''[[Operational Technology]] (OT) Security, Industrial automation and control systems'' and ''Control System Cyber Security''. == Risks == Line 8: == Vulnerability of control systems == Industrial ~~automation~~Control ~~and~~Systems ~~control systems~~(ICS) have become far more vulnerable to security incidents due to the following trends that have occurred over the last 10 to 15 years. * Heavy use of Commercial Off-the Shelf Technology (COTS) and protocols. Integration of technology such as MS Windows, SQL, and Ethernet means that process control systems are now vulnerable to the same malware (viruses, worms and trojans) that affect common IT systems * Enterprise integration (using plant, corporate and even public networks) means that process control systems (legacy) are now being subjected to stresses that they were not designed for * Demand for Remote Access - ~~24/7~~24x7 access for engineering, operations or technical support means more insecure or rogue connections to control system * [[Security through obscurity\|Security Through Obscurity]] - Using ~~not~~non-standard, ~~publicly~~private ~~available~~or proprietary protocols or standards is detrimental to system security The cyber threats and attack strategies on automation systems are changing rapidly. ~~Fortunately, regulation~~Regulation of industrial control ~~system~~systems for security is rare ~~as regulation~~and is a slow moving process. The United States, for example, only does so for the [[nuclear power in the United States\|nuclear power]] and the [[chemical industry\|chemical industries]].<ref name="gross201104">{{cite web\|url=http://www.vanityfair.com/culture/features/2011/04/stuxnet-201104\|title=A Declaration of Cyber-War\|author=Gross, Michael Joseph\|first=\|date=2011-04-01\|work=Vanity Fair\|publisher=Condé Nast\|archiveurl=https://web.archive.org/web/20140713082739/http://www.vanityfair.com/culture/features/2011/04/stuxnet-201104\|archivedate=2014-07-13\|accessdate=2017-11-29\|df=}}</ref> == Government efforts == Line 36: ===NERC=== The most widely recognized ~~modern~~and latest NERC security standard is NERC 1300, which is a modification/update of NERC 1200. The latest version of NERC 1300 is called CIP-002-3 through CIP-009-3, with CIP referring to Critical Infrastructure Protection. These standards are used to secure bulk electric systems although NERC has created standards within other areas. The bulk electric system standards also provide network security administration while still supporting best-practice industry processes. ===NIST=== Line 42: The [[NIST Cybersecurity Framework]] (NIST CSF) provides a high-level taxonomy of cybersecurity outcomes and a methodology to assess and manage those outcomes. It is intended to help private sector organizations that provide [[critical infrastructure]] with guidance on how to protect it.<ref>{{cite web \| url=https://www.nist.gov/cyberframework/ \| title=NIST Cybersecurity Framework \| accessdate=2016-08-02 }}</ref> NIST Special Publication 800-82 Rev. 2 "''Guide to Industrial Control System (ICS) Security''" describes how to secure multiple types of Industrial Control Systems against cyber- attacks while considering the performance, reliability, and safety requirements specific to ICS.<ref>{{cite web \| last=Stouffer \| first=Keith \| last2=Lightman \| first2=Suzanne \| last3=Pillitteri \| first3=Victoria \| last4=Abrams \| first4=Marshall \| last5=Hahn \| first5=Adam \| title=Guide to Industrial Control Systems (ICS) Security \| website=CSRC \| NIST \| date=2015-06-03 \| doi=10.6028/NIST.SP.800-82r2 \| url=https://csrc.nist.gov/publications/detail/sp/800-82/rev-2/final \| access-date=2020-12-29}}</ref> == Control system security certifications ==

Control system security: Difference between revisions