This whitepaper is the first in a series on the security of OPC (OLE for Process Control) and focuses on providing an overview of the widely-used industrial communication standard and how it is actually used in industry.
British Columbia Institute of Technology (BCIT), Digital Bond and Byres Research
This report presents evidence in support of a business case for improving security of Supervisory Control and Data Acquisition (SCADA), process control networks (PCN), and manufacturing and industrial automation systems based on an analysis of statistical trends in security incidents.
As enterprise systems evolve towards increasing integration, the need has increased for inherently secure process control systems. This research report describes an initial approach to PCS technical security risk assessment, with attention to the problem of effective risk communication. This document lays the foundation for advancement of a process that focuses on the methodical assessment of risk such that the assessment results will be readily and easily communicable.
Institute for Information Infrastructure Protection
The National Institute of Standards and Technology (NIST) has established an Industrial Control System Security Project to improve the security of public and private sector Industrial Control Systems (ICSs).
In this online video presentation (.wmv, 4.77 MB), industrial security expert, Rick Kaun, explains the importance of industrial security, and how plants can ensure that all security threats, especially those most commonly overlooked, are addressed.
This document summarizes important security principles that should be considered when designing and procuring control systems products (software, systems and networks), and provides example language to incorporate into specifications that address these concerns.
This White Paper is the first installment in a series intended to provide relevant cyber security information to the control systems community. It raises cyber security awareness through discussion of control system cyber security trends and provides information on Homeland Security and federal partner programs designed to enhance the cyber security posture of control systems within critical infrastructures.
This guide is designed to impart good practice for securing industrial process control, automation, distributed control and SCADA systems. It provides an overview of the necessity for process control and SCADA system security, highlights the differences between process control and SCADA system security and IT security, and identifies seven best practices principles.
This White Paper takes a look at the fundamental issues with the current practice of securing SCADA and control systems, discusses the concept of security zones of vulnerabilities, and briefly introduces several new and unique cyber defense solutions that can be deployed at each security zone.
This paper presents a new technology that increases the security of data and the overall usability of the solution. It facilitates integration between and with production systems -- from single plant system level through complex networks -- while preventing cyber attacks and unauthorized users from gaining access to critical process control data and the systems that control production.
This White Paper shows how the application of Active Model Capture Technology (AMCT) by a manufacturing plants problem-solving personnel reduces time wasted, and helps to focus the effort of these problem-solvers who must keep the process running at its best.
This paper outlines a new technological development that allows the transmission of video images using low bandwidth networks for protection against sabotage and attack on our nation's critical water system infrastructure.
This paper talks about each of the areas of concentration for process sucurity in detail--people, processes and technology--as well as the priority of developing a security philosophy which will in turn foster a security culture.
In the real world, sharing PCN data with external systems and accessing PCN systems from external sources is fast becoming a manufacturing necessity. This paper provides some generic guidelines for enabling secure connectivity between PCNs and external systems.
This presentation provides a holistic view of both the problems and potential solutions using manufacturing industry best practices and emerging standards to secure networks, data, systems, infrastructre and applications.
This paper takes a comprehensive look at wireless security for both corporate and industrial automation networks, placing an emphasis on the industrial automation security aspects and providing guidelines needed to secure your plants wireless systems.
This article serves as a tutorial on IT security for industrial systems. Security objectives are explained, attack types are illustrated, and available and suggested countermeasures and general good practices are described.