Revision as of 21:44, 26 December 2019 edit Comfr (talk \| contribs) Extended confirmed users 11,135 edits +anchor ← Previous edit		Revision as of 18:03, 6 January 2020 edit undo GreenC bot (talk \| contribs) Bots 3,062,595 edits Reformat 1 archive link. Wayback Medic 2.5 Next edit →
Line 1: '''Control system security''' is the prevention of (intentional or unintentional) interference with the proper operation of [[automation\|industrial automation]] and [[industrial control systems\|control systems]]. These control systems manage essential services including electricity, petroleum production, water, transportation, manufacturing, and communications. They rely on computers, networks, operating systems, applications, and [[programmable logic controller\|programmable controllers]], each of which could contain [[vulnerability (computing)\|security vulnerabilities]]. The 2010 discovery of the [[Stuxnet\|Stuxnet worm]] demonstrated the vulnerability of these systems to cyber incidents.<ref name="tofinoexida201202">{{cite web \| url=http://www.exida.com/index.php/News/new_whitepaper_the_7_steps_to_ics_and_scada_security/ \| title=The 7 Steps to ICS Security \| accessdate=March 3, 2011 \| author1=Byres, Eric \| author2=Cusimano, John \| date=February 2012 \| publisher=Tofino Security and exida Consulting LLC \| url-status=dead \| archiveurl=https://web.archive.org/web/20130123141949/http://www.exida.com/index.php/News/new_whitepaper_the_7_steps_to_ics_and_scada_security/ \| archivedate=January 23, 2013 }}</ref> The United States and other governments have passed [[cyber-security regulation]]s requiring enhanced protection for control systems operating critical infrastructure. Line 15 ⟶ 14: * [[ Security_through_obscurity \| Security Through Obscurity]] - Using not publicly available protocols or standards is detrimental to system security The cyber threats and attack strategies on automation systems are changing rapidly. Fortunately, regulation of control system security is rare as regulation is a slow moving process. The United States, for example, only does so for the [[nuclear power in the United States\|nuclear power]] and the [[chemical industry\|chemical industries]].<ref name="gross201104">{{cite web\|url=http://www.vanityfair.com/culture/features/2011/04/stuxnet-201104\|title=A Declaration of Cyber-War\|author=Gross, Michael Joseph\|first=\|date=2011-04-01\|work=Vanity Fair\|publisher=Condé Nast\|archiveurl=https://web.archive.org/web/20140713082739/http://www.vanityfair.com/culture/features/2011/04/stuxnet-201104\|archivedate=~~2017~~2014-1107-2913\|accessdate=2017-11-29\|df=}}</ref> == Government efforts ==

Control system security: Difference between revisions