Big Chemical Encyclopedia

Chemical substances, components, reactions, process design ...

Articles Figures Tables About

SCADA network

Since the SCADA systems sensors provided valuable information, many utilities and other industries established connections between their SCADA systems and their business system. This allowed utility/industrial management and other staff access to valuable statistics, such as chemical usage. When utilities/industries later connected their systems to the Internet, they were able to provide stakeholders/stockholders with usage statistics on the utility/industrial web pages. Figure 7.1 provides a basic illustration of a representative SCADA network. Note that firewall protection (see chapter 9) would normally be placed between the Internet and the business system and between the business system and the MTU. [Pg.119]

According to the U.S. Environmental Protection Agency (2005), SCADA networks were developed with little attention paid to security, making the security of these systems often weak. Studies have found that while technological advancements introduced vulnerabilities, many industrial facilities and utilities have spent little time securing their SCADA networks. As a result, many SCADA networks may be susceptible to attacks and misuse. [Pg.121]

A study included a survey that found that many water utilities were doing little to secure their SCADA network vulnerabilities (Ezell 1998). For example, many respondents reported that they had remote access, which can allow an unauthorized person to access the system without being physically present. More than 60 percent of the respondents believed that their systems were not safe from unauthorized access and use. Twenty percent of the respondents even reported known attempts, successful unauthorized access, or use of their system. Yet twenty-two of forty-three respondents reported that they do not spend any time ensuring their network is safe, and eighteen of the forty-three respondents reported that they spend less than 10 percent ensuring network safety. [Pg.122]

Architecture. Many common practices negatively affect SCADA security. For example, while it is convenient to use SCADA capabilities for other purposes such as fire and security systems, these practices create single points of failure. Also, the connection of SCADA networks to other automation systems and business networks introduces multiple entry points for potential adversaries. [Pg.123]

The President s Critical Infrastructure Protection Board and the Department of Energy (DOE) have developed the steps outlined below to help organizations improve the security of their SCADA networks. DOE (2001) points out that these steps are not meant to be prescriptive or all-inclusive. However, they do address essential actions to be taken to improve the protection of SCADA networks. The steps are divided into two categories specific actions to improve implementation, and actions to establish essential underlying management processes and policies. [Pg.128]

The following steps focus on specific actions to be taken to increase the security of SCADA networks ... [Pg.128]

Conduct a thorough risk analysis to assess the risk and necessity of each connection to the SCADA network. Develop a comprehensive understanding of all connections to the SCADA network, and how well these connections are protected. Identify and evaluate the following types of connections ... [Pg.128]

To ensure the highest degree of security of SCADA systems, isolate the SCADA network from other network connections to as great a degree as possible. Any connection to another network introduces security risks, particularly if the connection... [Pg.128]

Evaluate and strengthen the security of any remaining connections to the SCADA network. [Pg.129]

Harden SCADA networks by removing or disabling unnecessary services. [Pg.129]

Establish strong controls over any medium that is used as a backdoor into the SCADA network. [Pg.130]

Where backdoor or vendor connections do exist in SCADA systems, strong authentication must be implemented to ensure secure communications. Modems, wireless, and wired networks used for communications and maintenance represent a significant vulnerability to the SCADA network and remote sites. Successful war dialing or war driving attacks could allow an attacker to bypass all other controls and have direct access to the SCADA network or resources. To minimize the risk of such attacks, disable inbound access and replace it with some type of callback system. [Pg.130]

Conduct physical security surveys and assess all remote sites connected to the SCADA network to evaluate their security. [Pg.131]

Any location that has a connection to the SCADA network is a target, especially unmanned or unguarded remote sites. Conduct a physical security survey and inventory access points at each facility that has a connection to the SCADA system. Identify and assess any source of information including remote telephone/ computer network/fiber optic cables that could be tapped radio and microwave links that are exploitable computer terminals that could be accessed and wireless local area network access points. Identify and eliminate single points of failure. The security of the site must be adequate to detect or prevent unauthorized access. Do not allow live network access points at remote, unguarded sites simply for convenience. [Pg.131]

Release data related to the SCADA network only on a strict, need-to-know basis, and only to persons explicitly authorized to receive such information. Social engineering, the gathering of information about a computer or computer network via questions to naive users, is often the first step in a malicious attack on computer networks. The more information revealed about a computer or computer network, the more vulnerable the computer/network is. Never divulge data revealed to a SCADA network, including the names and contact information about the system operators/administrators, computer operating systems, and/or physical and logical locations of computers and network systems over telephones or to personnel unless they are explicitly authorized to receive such information. Any requests for information by unknown persons need to be sent to a central network security location for verification and fulfillment. People can be a weak link in an otherwise secure network. Conduct training and information awareness... [Pg.134]

U.S. Department of Energy (DOE). 2001. 21 steps to improve cyber security of SCADA networks. Washington, DC Department of Energy. [Pg.135]

The growing usage of low cost COTS components comes at the cost of potentially increasing the vulnerabihty of SCADA systems to node and communication failures and cyber attacks. The crash of SCADA network nodes usually... [Pg.161]

Scalability. Due to many interconnected SCADA networks, a large nmnber of nodes shall cooperate efficiently. Thus, the solution needs to be scalable. [Pg.165]

Igure, V.M., Laughter, S.A. Williams, R.D. 2006. Security Issues in SCADA Networks. Journal of Computers and Security, Vol.25, p.498-506. [Pg.2058]

See other pages where SCADA network is mentioned: [Pg.120]    [Pg.121]    [Pg.128]    [Pg.128]    [Pg.129]    [Pg.129]    [Pg.129]    [Pg.131]    [Pg.161]    [Pg.171]    [Pg.176]   
See also in sourсe #XX -- [ Pg.111 ]



SEARCH



SCADA

© 2024 chempedia.info