skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Control Systems Cyber Security:Defense in Depth Strategies

Abstract

Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.

Authors:
;
Publication Date:
Research Org.:
Idaho National Laboratory (INL)
Sponsoring Org.:
USDOE
OSTI Identifier:
911553
Report Number(s):
INL/EXT-06-11478
TRN: US200801%%15
DOE Contract Number:
DE-AC07-99ID-13727
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
99 - GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE; ARCHITECTURE; BUSINESS; COMMUNICATIONS; CONTROL SYSTEMS; INTERNET; MAINTENANCE; SECURITY; TELEMETRY; Defense-in-Depth; firewall; ids; pcs; scada

Citation Formats

David Kuipers, and Mark Fabro. Control Systems Cyber Security:Defense in Depth Strategies. United States: N. p., 2006. Web. doi:10.2172/911553.
David Kuipers, & Mark Fabro. Control Systems Cyber Security:Defense in Depth Strategies. United States. doi:10.2172/911553.
David Kuipers, and Mark Fabro. Mon . "Control Systems Cyber Security:Defense in Depth Strategies". United States. doi:10.2172/911553. https://www.osti.gov/servlets/purl/911553.
@article{osti_911553,
title = {Control Systems Cyber Security:Defense in Depth Strategies},
author = {David Kuipers and Mark Fabro},
abstractNote = {Information infrastructures across many public and private domains share several common attributes regarding IT deployments and data communications. This is particularly true in the control systems domain. A majority of the systems use robust architectures to enhance business and reduce costs by increasing the integration of external, business, and control system networks. However, multi-network integration strategies often lead to vulnerabilities that greatly reduce the security of an organization, and can expose mission-critical control systems to cyber threats. This document provides guidance and direction for developing ‘defense-in-depth’ strategies for organizations that use control system networks while maintaining a multi-tier information architecture that requires: Maintenance of various field devices, telemetry collection, and/or industrial-level process systems Access to facilities via remote data link or modem Public facing services for customer or corporate operations A robust business environment that requires connections among the control system domain, the external Internet, and other peer organizations.},
doi = {10.2172/911553},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Mon May 01 00:00:00 EDT 2006},
month = {Mon May 01 00:00:00 EDT 2006}
}

Technical Report:

Save / Share: