Control Systems Cyber Security: Defense-in-Depth Strategies
Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: • Maintenance of various field devices, telemetry collection, and/or industrial-level process systems • Access to facilities via remote data link or modem • Public facing services for customer or corporate operations • A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.
- Research Organization:
- Idaho National Lab. (INL), Idaho Falls, ID (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- DE-AC07-99ID-13727
- OSTI ID:
- 923499
- Report Number(s):
- INL/CON-07-12804; TRN: US200804%%1197
- Resource Relation:
- Conference: 2007 ISA Expo,Houston, TX,10/02/2007,10/04/2007
- Country of Publication:
- United States
- Language:
- English
Similar Records
Recommended Practice: Creating Cyber Forensics Plans for Control Systems
Cyber Incidents Involving Control Systems
Related Subjects
ARCHITECTURE
BUSINESS
COMMUNICATIONS
CONTROL SYSTEMS
INTERNET
MAINTENANCE
SECURITY
TELEMETRY
cyber security
Defense-in-depth
DMZ
encryption
firewall
IDS
industrial control system
Intrusion detection
mitigation
PCS
Process Control System
SCADA