LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS
Conference
·
OSTI ID:911724
The results from ten cyber security vulnerability assessments of process control, SCADA and energy management systems, or components of those systems were reviewed to identify common problem areas. The common vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which an attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors.
- Research Organization:
- Idaho National Laboratory (INL)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC07-99ID13727;
- OSTI ID:
- 911724
- Report Number(s):
- INL/CON-06-11665
- Conference Information:
- ISA Expo 2006,Houston TX,10/16/2006,10/19/2006
- Country of Publication:
- United States
- Language:
- English
Similar Records
Using cyber vulnerability testing techniques to expose undocumented security vulnerabilities in DCS and SCADA equipment
Cyber Assessment Methods for SCADA Security
Cyber Assessment Methods For SCADA Security
Conference
·
Sat Jul 01 00:00:00 EDT 2006
·
OSTI ID:22030140
Cyber Assessment Methods for SCADA Security
Conference
·
Tue May 31 20:00:00 EDT 2005
·
OSTI ID:911884
Cyber Assessment Methods For SCADA Security
Conference
·
Tue May 31 20:00:00 EDT 2005
·
OSTI ID:911094