Process Automation Integrated Systems: A Data-Driven Search for Oil
Integrated Systems Pump Data to Feed the Search for Oil in Alberta
Implementation Details in Virtualization Project
Learn How an End User's First Use of Virtualization in a Production Environment Lead to Success
Wireless IP Networks Don't Have to Be Vulnerable
As IP Networks Grow Beyond the Enterprise and Into the Field, That Should Not Mean They're More Susceptible to Cyber Attack
Change Is in the Wind for SCADA
Are SCADA Systems Showing Us the Future of Control System Architecture?
White Papers: In Depth Research
Analysis of 3S CoDeSys Security Vulnerabilities for Industrial Control System Professionals
This White Paper explains:
- What the 3S CoDeSys vulnerabilities are and what an attacker can do with them
- How to find out what control/SCADA devices are affected
- The risks and potential consequences to SCADA and control systems
- The compensating controls that will help block known attack vectors
A number of security vulnerabilities in the CoDeSys Control Runtime System were disclosed in January 2012. In October 2012, fully functional attack tools were also released to the general public.
While CoDeSys is not widely known in the SCADA and ICS field, its product is embedded in many popular PLCs and industrial controllers. Many vendors are potentially vulnerable, and include devices used in all sectors of manufacturing and infrastructure. As a result, there is a risk that criminals or political groups may attempt to exploit them for either financial or ideological gain.
This White Paper summarizes the currently known facts about these vulnerabilities and associated attack tools. It also provides guidance regarding a number of mitigations and compensating controls that operators of SCADA and ICS systems can take to protect critical operations.
SCADA Systems - Looking Ahead
Author: Schneider Electric - Control MicroSystems
This white paper provides insight into the evolution of the modern SCADA system and looks to the very near future by discussing such timely topics as:
- Improving system efficiency and security
- Managing field data and
- Open standards
Supervisory Control and Data Acquisition (SCADA) systems are used in a wide range of applications to provide monitoring and control of remote equipment and assets. A SCADA system’s primary function is to transfer and present information to/from a range of sources and locations, while ensuring that data integrity and appropriate update rates are maintained.
SCADA System Evolution
SCADA systems have evolved from early telemetry systems that used tone-based modulation techniques to transfer analog and digital values at low data rates over telephone lines and radio links. Modern SCADA systems are able to provide 'near real-time' updates from thousands of Remote Terminal Units (RTUs) that are often spread over large geographical areas, using a range of secure communications media, to multiple 'users' that may also be remotely located.
Until recently SCADA systems were most often used in a reactive manner to identify system faults as they occurred and to record system data and events for later analysis. Present demands on all types of businesses for increased efficiencies and particularly on utility companies for increased security of their assets and products means SCADA systems must now be pro-active and include a lot of data management and security functionality that allows problems to be avoided - rather than just recorded.
Cloud-Based SCADA Systems: The Benefits and Risks
Author: Inductive Automation
Is Moving Your SCADA System to the Cloud Right For Your Company?
Cloud computing is a hot topic. As people become increasingly reliant on accessing important information through the Internet, the idea of storing or displaying vital real-time data in the cloud has become more commonplace. With tech giants like Apple, Microsoft, and Google pushing forward the cloud computing concept, it seems to be more than just a passing trend.
Recently the focus of cloud computing has started to shift from consumer-based applications to enterprise management systems. With the promise of less overhead, lower prices, quick installation, and easy scalability, cloud computing appears to be a very attractive option for many companies.
Common questions surround this new technology: What is the "cloud"? What kind of information should be stored there? What are the benefits and risks involved? Is moving toward cloud computing right for your company?
Cloud computing is not a "fix-all" solution. It has strengths and weaknesses, and understanding them is key to making a decision about whether it's right for your company. We'll explore the major benefits and risks involved, and give you a set of factors to consider when choosing what information to put on the cloud.
The Advantages of an Integrated Factory Acceptance Test in an ICS Environment
Author: Jerome Farquharson, Critical Infrastructure and Compliance Practice Manager, and Alexandra Wiesehan, Cyber Security Analyst, Burns & McDonnell
When adding, modifying or upgrading a system, many critical infrastructures conduct a Factory Acceptance Test (FAT). A FAT includes a customized testing procedure for systems and is executed before the final installation at the critical facility. Because it is difficult to predict the correct operation of the safety instrumented system or consequences due to failures in some parts of the safety instrumented system, a FAT provides a valuable check of these safety issues. Similarly, since cyber security can also impact safety of critical systems if a system is compromised, it naturally makes sense to integrate cyber security with the FAT, a concept that brings extreme value and savings to an implementation process.
An Integrated Factory Acceptance Test (IFAT) is a testing activity that brings together selected components of major control system vendors and Industrial Control System (ICS) plant personnel in a single space for validation and testing of a subset of the control system network and security application environment in an ICS environment. Conducting an IFAT provides important advantages and benefits including: time savings, cost savings, improved ability to meet compliance requirements, and increased comfort level with integrated security solutions.
With the current trend of more intelligent ICSs and increased regulatory compliance, the best practice to achieving ICS and IT integration is by conducting an IFAT. A common problem that occurs in the industry is the unanticipated work associated with implementing security controls which can result in production issues. Performing an IFAT avoids costly redesign and troubleshooting during outage operations saving time and money that leads to an enhanced, sound security solution.
- GE Intelligent Platforms' Proficy HMI/SCADA, iFix and Cimplicity are now available on the Apple iPad.
- P-Easy is a professional narrow band data radio modem for safe industrial data transmission
- GE Intelligent Platforms goes mobile with iPad extensions for the Proficy HMI/SCADA iFix and Cimplicity applications.
- ICONICS GENESIS64 is an extensive 64-bit HMI/SCADA solution utilizing the latest visualization technologies to deliver high-powered 2D, 3D, and GEO-SCADA HMI visualizations
Access the entire print issue on-line and be notified each month via e-mail when your new issue is ready for you. Subscribe today.
- Featured White Papers