Essay paper help

The vulnerabilities of industrial control systems and possible solutions Essay

Category: Logic & Programming Pages: 3 Type: Essay Level: College
Unfortunately some do not believe there is a real threat. For example, Tom Donahue from the CIA stated that "attacks on critical infrastructure lack the necessary dramatic display that seems to be preferred by this constituency" (Marsh, 2006, p. 12). This concept may have been true five years ago, but as the world becomes more connected the disruption of electricity, water, or gas would be a fairly dramatic event for those experiencing it, and for those watching it.
Previously most facilities were separated by using their privately owned machines, hardware and methods of communication. However, with the onset of more facilities and corporations using "commercial, off-the-shelf" products the vulnerability increases (D'Amico, 2004).
The SPP-ICS provides three main areas to watch; the type of agent, method of attack, and the asset that will be affected by the attack. The agent is the insider or outsider that either maliciously or accidently causes an attack on the ICS. The vulnerabilities of attack can include, but are not limited to, protocols, unnecessary systems attached to the ICS, outside remote access to the ICS, incorrect IT architecture, lack of security controls, and lack of risk assessment upon or prior to installation of the system. The assets consist of all the systems used to control the system software and hardware and the infrastructure of the company (Barr, 2004; NIST, 2004)
When working to correct or strengthen the security of these systems, the company should look at physical items, the connectivity and if it is secure, authentication, backup and remote access as well as many other attributes of security. Understanding the