Security Assessment of Industrial Control Supervisory and Process Control Zones
| Title | Security Assessment of Industrial Control Supervisory and Process Control Zones |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Combs-Ford, Marcia |
| Conference Name | Proceedings of the 17th Annual Conference on Information Technology Education |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4452-4 |
| Keywords | composability, industrial control system security, industrial control system security assessment, Metrics, network control systems, network control systems security, networked control systems, pubcrawl, Resiliency, security, threat vectors |
| Abstract | With the discovery of the Stuxnet malware in June 2010, Industrial Control System (ICS) security has gained global attention and scrutiny. Due to the unique industrial control operating environment, standard information technology host-based defenses such as operating system upgrades are not always feasible. Therefore, ICS security strategies must rely upon layered network infrastructure and enclave boundary defenses. As ICS threats evolve, so too must ICS security practices and strategies. ICS security innovation rely upon understanding the effectiveness of established defenses and countermeasures. In an effort to evaluate the security effectiveness of ICS layered perimeter defenses, a Red Team security assessment was conducted on an ICS test network. This experiment offers insight to the effectiveness of ICS perimeter defenses by demonstrating the reduction of attack vectors, decreased adversarial network access, and perimeter network defenses are an effective ICS security strategy. |
| URL | http://doi.acm.org/10.1145/2978192.2978219 |
| DOI | 10.1145/2978192.2978219 |
| Citation Key | combs-ford_security_2016 |