Visible to the public Security Assessment of Industrial Control Supervisory and Process Control Zones

TitleSecurity Assessment of Industrial Control Supervisory and Process Control Zones
Publication TypeConference Paper
Year of Publication2016
AuthorsCombs-Ford, Marcia
Conference NameProceedings of the 17th Annual Conference on Information Technology Education
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4452-4
Keywordscomposability, industrial control system security, industrial control system security assessment, Metrics, network control systems, network control systems security, networked control systems, pubcrawl, Resiliency, security, threat vectors
Abstract

With the discovery of the Stuxnet malware in June 2010, Industrial Control System (ICS) security has gained global attention and scrutiny. Due to the unique industrial control operating environment, standard information technology host-based defenses such as operating system upgrades are not always feasible. Therefore, ICS security strategies must rely upon layered network infrastructure and enclave boundary defenses. As ICS threats evolve, so too must ICS security practices and strategies. ICS security innovation rely upon understanding the effectiveness of established defenses and countermeasures. In an effort to evaluate the security effectiveness of ICS layered perimeter defenses, a Red Team security assessment was conducted on an ICS test network. This experiment offers insight to the effectiveness of ICS perimeter defenses by demonstrating the reduction of attack vectors, decreased adversarial network access, and perimeter network defenses are an effective ICS security strategy.

URLhttp://doi.acm.org/10.1145/2978192.2978219
DOI10.1145/2978192.2978219
Citation Keycombs-ford_security_2016