ISA's Security Technologies Technical Report Submitted to ANSI

Sept. 27, 2007
ISA-TR99.00.01, Security Technologies for Industrial Automation and Control Systems, has been submitted to ANSI for approval as an ANSI Technical Report.

The need for protecting Industrial Automation and Control System (IACS) computer environments from malicious cyber intrusions has grown significantly over the last decade, says the ISA. The combination of the increased use of open systems, platforms and protocols in the IACS environment, along with an increase in joint ventures, alliance partners and outsourcing has lead to increased threats and a higher probability of cyber attacks. As these threats and vulnerabilities increase, the risk of a cyber attack on an industrial communication network correspondingly increases, as well as the need for the protection of computer and networked based Information Sharing and Analysis Centers.

Also driving the need for better cyber security are the growth in intelligent equipment and embedded systems, increased connectivity to computer and networked equipment and software and enhanced external connectivity, coupled with rapidly increasing incidents of network intrusion, more intelligent hackers and malicious, yet easily accessible software.

There are numerous electronic security technologies and cyber intrusion countermeasures potentially available to the IACS environment. The Security Technologies for Industrial Automation and Control Systems Technical Report introduces several categories of cyber security technologies and countermeasure techniques and discusses specific types of applications within each category, the vulnerabilities addressed by each type, suggestions for their deployment, and their known strengths and weaknesses. Additionally, guidance is provided for using the various categories of security technologies and countermeasure techniques for mitigation of the above-mentioned increased risks.