Control Systems Cyber Security:Defense in Depth Strategies
Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.
- Research Organization:
- Idaho National Laboratory (INL)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC07-99ID13727
- OSTI ID:
- 911553
- Report Number(s):
- INL/EXT-06-11478
- Country of Publication:
- United States
- Language:
- English
Similar Records
A cyber‐secure control‐detector architecture for nonlinear processes
Cyber Incidents Involving Control Systems