Home > Automation > SCADA Systems


[ pdf ] 21 Steps to Improve Cyber Security of SCADA Networks

21 Steps to Improve Cyber Security of SCADA Networks Download
369
times
Topic under  SCADA Systems
Source: www.oe.netl.doe.gov 
File size: 2.85 MB
File type: pdf
Last download on: Sun Feb 18, 2018 02:05:43 PM
Short Desciption:
Supervisory control and data acquisition (SCADA) networks contain computers and applications that perform key functions in providing essential services and commodities (e.g., electricity, natural gas, gasoline, water, waste treatment, transportation) to all Americans. As such, they are part of the nationís critical infrastructure and require protection from a variety of threats that exist in cyber space today. By allowing the collection and analysis of data and control of equipment such as pumps and valves from remote locations, SCADA networks provide great efficiency and are widely used. However, they also present a security risk. SCADA networks were initially designed to maximize functionality, with little attention paid to security. As a result, performance, reliability, flexibility and safety of distributed control/SCADA systems are robust, while the security of these systems is often weak. This makes some SCADA networks potentially vulnerable to disruption of service, process redirec- tion, or manipulation of operational data that could result in public safety concerns and/or serious disruptions to the nationís critical infrastructure. Action is required by all organizations, government or commercial, to secure their SCADA networks as part of the effort to adequately protect the nationís critical infrastructure.

Summary:
Introduction
Background.
21 Steps
1.Identify all connections to SCADA networks
2. Disconnect unnecessary connections to the SCADA network .
3.Evaluate and strengthen the security of any remaining connections to the SCADA network
4. Harden SCADA networks by removing or disabling unnecessary services
5. Do not rely on proprietary protocols to protect your system
6. Implement the security features provided by device and system vendors
7. Establish strong controls over any medium that is used as a backdoor into the SCADA network
8. Implement internal and external intrusion detection systems and establish 24-hour-a-day incident monitoring
9. Perform technical audits of SCADA devices and networks, and any other connected networks, to identify security concerns
10. Conduct physical security surveys and assess all remote sites connected to the SCADA network to evaluate their security
11. Establish SCADA ďRed TeamsĒ to identify and evaluate possible attack scenarios
12. Clearly define cyber security roles, responsibilities, and authorities for managers, system administrators, and users
13. Document network architecture and identify systems that serve critical functions or contain sensitive information that require additional levels of protection
14. Establish a rigorous, ongoing risk management process
15. Establish a network protection strategy based on the principle of defense-in-depth
16. Clearly identify cyber security requirements
17. Establish effective configuration management processes
18. Conduct routine self-assessments
19. Establish system backups and disaster recovery plans
20. Senior organizational leadership should establish expectations for cyber security performance and hold individuals accountable for their performance
21. Establish policies and conduct training to minimize the likelihood that organizational personnel will inadvertently disclose sensitive information regarding SCADA system design, operations, or security controls

Bookmark or share this info on Google+ and leave comment at below :

Bookmark and Share

People who downloaded this also viewed in this sites:

Design Development and Commissioning of a SCADA Laboratory for Research and Training
This paper reports a state-of-the-art Supervisory Control and Data Acquisition (SCADA) Laboratory facility for power systems at Jamia Millia...

SCADA communication techniques and standard
SCADA Communication. Techniques and Standards. Dennis J. Gaushelll and Wayne R. Block2. S upervisory control and data acquisition (SCADA) systems...

ARCHITECTURE FOR SECURE SCADA AND DISTRIBUTED CONTROL SYSTEM NETWORKS
Industrial control systems are an integral part of the critical infrastructures of electric, water, oil/gas, chemicals, pipelines, and...

    Leave comment :
    "21 Steps to Improve Cyber Security of SCADA Networks"

    Name*

    Comment


    Related Free Files

    Troubleshooting SCADA Radio System Interface... - Download: 385 times
    SCADA Applications and Case Studies ... - Download: 2043 times
    ARCHITECTURE FOR SECURE SCADA AND... - Download: 298 times
    WHAT IS SCADA... - Download: 254 times
    SCADA Field Devices... - Download: 1135 times
    Automation and Security Consulting Services... - Download: 1538 times
    Design Development and Commissioning of a... - Download: 281 times
    IEC 1131 PROGRAMMABLE CONTROLLERS... - Download: 894 times
    SUPERVISORY CONTROL AND DATA ACQUISITION... - Download: 2245 times
    Supervisory Control and Data Acquisition... - Download: 203 times


    eXTReMe Tracker