College of Business and Administration
Winter2013 – Section 1
Control systems Security
Dr. Suhir Al Alamy
Thursday, June 9 , 2013
Table of Contents:
Security of control systems and new vulnerabilities:
Consequences of an Attack:
Efforts in control systems security:
Control system versus IT systems security:
System Requirements and Attack Models:
This research discusses the possibility of a control system of being attacked by different types of attacks and via different sources. The main questions are, what is the reason that would make the security of control system a very important and interesting topic? Why this problem should be subjected to studying and analyzing? What are the needed requirements for the security of a control system? Fundamental and new requirements are provided in this search. Additionally, new mathematical frameworks are proposed to analyze those attacks. This framework, the way to detect an attack and how to survive it has been out together in this paper (Alvaro A. C´ardenas, 2008).
Control system is the best way to control the behavior of a machine or a mechanism to get desired output that satisfies the customer needs and specifications. However, there certain problems might accrue, control systems can be subjected to different types of attacks and those attacks might cause also physical damage (Alvaro A. C´ardenas, 2008).
The use of control systems is to control machines, or any mechanical system one might say, to get output that would satisfy the need, control system also observe the physical processes and act accordingly as control systems are computer-based systems. Each control systems has a specific function depending on the application, they can be called PCS ( process Control Systems), SCADA as Supervisory Control and Data Acquisition ( used in industrial control), and CPS (Cyber-physical systems) embedded sensor and actuator networks (Alvaro A. C´ardenas, 2008).
Control systems consist of set of components and devices like networked agents, consisting of: sensors, actuators, control processing units, and communication devices. As figure 1 shows that a network that in the first stage the sensors and actuators are attached with the physical infrastructure and a connection is made between field devices through field area to the programmable logic controllers(PLCs) or remote terminal units (RTUs), where those control the local actions of a control system and implement it. A controlled network has a huge data base that it can keep the history of a process, optimizing it and has a production control in case of a higher level of manufacturing operations. This happens when the data is maintained between the process controller and workstations, as workstations control and set the physical infrastructure set points. The safetycritical, applications of different control systems, can be labeled as their failure can cause physical harm in permanent bases and could affect people who depend on such systems. For example, critical infrastructure like electric power distribution, oil and natural gas distribution, water treatment and transportations, are all controlled by SCADA systems and their failure can hurt people badly. Also, in other categories that are dependent on control systems, like health ,..etc, the failure of any of these systems will also lead to catastrophic losses in humans, environmentally and economically (Alvaro A. C´ardenas, 2008).
Security of control systems and new vulnerabilities
As control systems are very essential in our life and have been critical to the infrastructure, nowadays they are more vulnerable than ever and these vulnerabilities are due to verity...
References: * Alvaro A. C´ardenas, S. S. (2008). Research Challenges for the Security of Control Systems.
* ISA-SP99, Manufacturing and Control Systems Security. (2004). Retrieved 2013, from www.isa.org: http://www.isa.org/MSTemplate.cfm?Section=Home964&Site=SP99,_Manufacturing_and_Control_Systems_Security1&Template=/ContentManagement/MSContentDisplay.cfm&ContentID=62592
* NIST Seeks Comments on Security Control. (2011). Retrieved 2013, from www.nist.gov: http://www.nist.gov/itl/csd/20110301_80053_rev_rfc.cfm
Please join StudyMode to read the full document