
    ICS (Industrial Control Systems) networks have been really big news lately, due to a spate of vulnerabilities, highly publicized breaches, and various other security concerns.

    ICS Networks are defined as networks or collections of networks that consist of elements that control and provide telemetry data on electromechanical components. Such components include valves, regulators, switches, and other electromechanical devices that one may find in various industries such as oil and gas production, water processing, environmental control, electrical power generation and distribution, manufacturing, transportation, and many other industrial settings.

    Without getting into detail for each particular industry segment, these ICS environments all share a common fate: they are not “traditional” IT network environments and should not be treated as such. Most ICS networks share similar security challenges because of this uniqueness. These challenges are made more complex by the interaction of ICS elements with physical industrial components.

    Failure to properly control or restrict access to these elements can lead to catastrophic accidents. Many of the industrial systems managed by these elements are considered “critical infrastructure (CI)” and require a much more specialized security architecture than traditional IT environments.

    Supervisory Control and Data Acquisition (SCADA) networks can be defined as the network layer that immediately interfaces with ICS networks as well as host systems that control and monitor elements of ICS networks.

    SCADA/ICS networks differ from other networks only in the network elements, management platforms, and sensitivity. All-in-all, they suffer from exactly the same threats as other networks, but with even more potentially catastrophic outcomes.

    The biggest issue with SCADA/ICS security is that the ICS community has (for the most part) enjoyed living in a “bubble” for many years – they used proprietary protocols, on specialized & proprietary platforms, on dedicated slow-speed communications infrastructure (even some dial-up), and were completely disconnected from other networks (e.g. the Internet).

    Now, the SCADA/ICS community is grappling with the security issues of using commodity hardware and software (e.g. Microsoft Windows), being connected to other external networks (enterprise networks and ultimately the Internet), a chaotic & uncontrolled vulnerability disclosure regime (ICS vulnerabilities being targeted for exploitation), and all other manner of threats that the rest of the general IT security industry has been dealing with for many years.

    Yes, some ICS network operators are behind the curve, and yes, some are overwhelmed by these circumstances. But the overall SCADA/ICS community is improving its security posture more and more every day.

    I have put together a tech note white paper entitled “Towards a More Secure Posture for Industrial Control Systems”, which briefly discusses some basic beneficial security architecture elements for this environment.

    This paper illustrates what I believe should be considered required elements in every ICS network integration effort. It also covers best practices when integrating with SCADA and existing organizational networks as well as the rationale for and importance of each component of the suggested architecture. It is not intended to be an all-inclusive guide for ICS/SCADA security, but rather just a high-level overview of some basic architectural elements which can increase the security posture of an ICS deployment.











     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice