LESSONS LEARNED FROM CYBER SECURITY ASSESSMENTS OF SCADA AND ENERGY MANAGEMENT SYSTEMS
Conference
·
OSTI ID:911724
The results from ten cyber security vulnerability assessments of process control, SCADA and energy management systems, or components of those systems were reviewed to identify common problem areas. The common vulnerabilities ranged from conventional IT security issues to specific weaknesses in control system protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which an attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors.
- Research Organization:
- Idaho National Lab. (INL), Idaho Falls, ID (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- DE-AC07-99ID-13727
- OSTI ID:
- 911724
- Report Number(s):
- INL/CON-06-11665; TRN: US200801%%174
- Resource Relation:
- Conference: ISA Expo 2006,Houston TX,10/16/2006,10/19/2006
- Country of Publication:
- United States
- Language:
- English
Similar Records
US-CERT Control System Center Input/Output (I/O) Conceputal Design
DOE/DHS Industrial Control System Cyber Security Programs: A Model for Use in Nuclear Facility Safeguards and Security
Cyber Security and Resilient Systems
Technical Report
·
Tue Feb 01 00:00:00 EST 2005
·
OSTI ID:911724
DOE/DHS Industrial Control System Cyber Security Programs: A Model for Use in Nuclear Facility Safeguards and Security
Conference
·
Sun Jul 17 00:00:00 EDT 2011
·
OSTI ID:911724
+1 more
Cyber Security and Resilient Systems
Conference
·
Wed Jul 01 00:00:00 EDT 2009
·
OSTI ID:911724