SCADA and Control System Security: New Standards Protecting Old Technology

Abstract

Industrial control systems were designed and built with a primary focus on performance, availability and reliability - not security. As these systems integrate with corporate networks (and become indirectly connected to the Internet) and their vulnerabilities become more widely known, they are exposed to a variety of threats, from general network probes and denial of service attacks to custom malware that specifically target their components and protocols.

A new generation of standards-based security offerings lets operators defend their control system networks using the same technology that protects telecommunications, banking, and other critical IT infrastructure. The general principles are the same: keep outsiders out, keep insiders honest, keep an eye out for trouble, and keep communications open, clear, and fast - especially during emergencies. Open standards originally designed to enable intelligent, responsive NAC solutions are leveraged by security solutions specifically designed to protect control system environments.