Process Control and SCADA: Protecting Industrial Systems from Cyber Attack

Expo Theatre (Hall G) - Feedback     

Bookmark and Share

Mark Fabro

With the recent advancements in national security initiatives, as well as parallel efforts in research by both the public and the private community, there is an immediate requirement for the strategic development of plans to protect Critical Information and Key Resources (CI/KR) from cyber attack. As such, Process Control and SCADA systems are beginning to move to the forefront as it relates to threats and vulnerabilities. The PCS domain, along with SCADA systems, is becoming more at risk from a cyber perspective. The migration of traditionally closed control networks to open and common protocols, as well as Internet connectivity, introduces severe cyber security risk. Moreover, attacks on industrial command and control systems in the cyber domain often will manifest in the physical domain, putting the systems that control dams, pipelines, and energy distribution (among others) at risk.

The briefing will be a concise introduction to the cyber security issues in the control systems environment, will review historical issues and incidents, and discuss emerging mitigation strategies to help secure critical infrastructure information resources. Topics include:

  • Cyber threats and vulnerabilities in the process control/SCADA domain
  • Historical analysis of open source security incidents
  • Current technical problems requiring attention to mitigate the issues
  • Protocol analysis and inherent security weaknesses in process control
  • Strategies for defense (Firewalls, IDS, encryption) in process control systems
  • Mapping standards to the process control domain
  • Forward looking strategies by governments and the public sector