skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Secure Data Transfer Guidance for Industrial Control and SCADA Systems

Abstract

This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead tomore » the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.« less

Authors:
; ; ; ; ; ;
Publication Date:
Research Org.:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1030885
Report Number(s):
PNNL-20776
830403000; TRN: US201201%%429
DOE Contract Number:  
AC05-76RL01830
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
03 NATURAL GAS; 99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE; COMPUTER NETWORKS; CONTROL SYSTEMS; DATA ACQUISITION; DATA TRANSMISSION; ELECTRIC POWER; EXPENDITURES; IMPLEMENTATION; INTRUSION DETECTION SYSTEMS; MONITORING; NATIONAL SECURITY; NATURAL GAS; SECURITY; THEFT; SCADA; Industrial Control Systems; Cyber Security; Security Architecture; Guidance

Citation Formats

Mahan, Robert E, Fluckiger, Jerry D, Clements, Samuel L, Tews, Cody W, Burnette, John R, Goranson, Craig A, and Kirkham, Harold. Secure Data Transfer Guidance for Industrial Control and SCADA Systems. United States: N. p., 2011. Web. doi:10.2172/1030885.
Mahan, Robert E, Fluckiger, Jerry D, Clements, Samuel L, Tews, Cody W, Burnette, John R, Goranson, Craig A, & Kirkham, Harold. Secure Data Transfer Guidance for Industrial Control and SCADA Systems. United States. https://doi.org/10.2172/1030885
Mahan, Robert E, Fluckiger, Jerry D, Clements, Samuel L, Tews, Cody W, Burnette, John R, Goranson, Craig A, and Kirkham, Harold. 2011. "Secure Data Transfer Guidance for Industrial Control and SCADA Systems". United States. https://doi.org/10.2172/1030885. https://www.osti.gov/servlets/purl/1030885.
@article{osti_1030885,
title = {Secure Data Transfer Guidance for Industrial Control and SCADA Systems},
author = {Mahan, Robert E and Fluckiger, Jerry D and Clements, Samuel L and Tews, Cody W and Burnette, John R and Goranson, Craig A and Kirkham, Harold},
abstractNote = {This document was developed to provide guidance for the implementation of secure data transfer in a complex computational infrastructure representative of the electric power and oil and natural gas enterprises and the control systems they implement. For the past 20 years the cyber security community has focused on preventative measures intended to keep systems secure by providing a hard outer shell that is difficult to penetrate. Over time, the hard exterior, soft interior focus changed to focus on defense-in-depth adding multiple layers of protection, introducing intrusion detection systems, more effective incident response and cleanup, and many other security measures. Despite much larger expenditures and more layers of defense, successful attacks have only increased in number and severity. Consequently, it is time to re-focus the conventional approach to cyber security. While it is still important to implement measures to keep intruders out, a new protection paradigm is warranted that is aimed at discovering attempted or real compromises as early as possible. Put simply, organizations should take as fact that they have been, are now, or will be compromised. These compromises may be intended to steal information for financial gain as in the theft of intellectual property or credentials that lead to the theft of financial resources, or to lie silent until instructed to cause physical or electronic damage and/or denial of services. This change in outlook has been recently confirmed by the National Security Agency [19]. The discovery of attempted and actual compromises requires an increased focus on monitoring events by manual and/or automated log monitoring, detecting unauthorized changes to a system's hardware and/or software, detecting intrusions, and/or discovering the exfiltration of sensitive information and/or attempts to send inappropriate commands to ICS/SCADA (Industrial Control System/Supervisory Control And Data Acquisition) systems.},
doi = {10.2172/1030885},
url = {https://www.osti.gov/biblio/1030885}, journal = {},
number = ,
volume = ,
place = {United States},
year = {Thu Sep 01 00:00:00 EDT 2011},
month = {Thu Sep 01 00:00:00 EDT 2011}
}