Industrial cybersecurity for power system and SCADA networks

Many automation and modernization programs are now employing Intranet/Internet technologies in industrial control strategies. The ensuing systems are a mixture of state-of-the-art and legacy installations and create challenges in the implementation and enforcement of security measures. Control system intrusions can cause environmental damage, safety risks, poor quality and lost production. This paper presents methods to determine and reduce the vulnerability of networked control systems to unintended and malicious intrusions. The procedure for conducting a thorough assessment of the process control networks to evaluate these risks is presented. Security issues are identified, as are technical and procedural countermeasures to mitigate these risks. Examples are drawn from past assessments and incidents. Once complete, the assessment results allow the network designer to plan infrastructure expansion with confidence in the security and reliability of the network's operation. Index Terms - industrial networked control systems, network security, Ethernet communications, vulnerability assessment, secure network architecture, remote access, control system security, cybersecurity.