Roadmap to Secure Control Systems in the Water Sector
Abstract
Today's industrial control systems (ICS) environments are incredibly complex assemblages of technology, processes, and people that work together to successfully carry out the missions and business functions of an organization. These systems have improved water and wastewater service and increased reliability in those infrastructures. As ICS have become more affordable and easier to use, most utilities have chosen to adopt them for process monitoring and/or control. This reliance on ICS has left the water sector and other dependent critical infrastructures--such as energy, transportation, and food and agriculture--potentially vulnerable to targeted cyber attack or accidental cyber events. Cyber threats to ICS are changing and growing. Computer attackers are seeking new targets and criminal extortion is increasing. ICS security is no longer simply about blocking hackers or updating anti-virus software. A new underground digital economy now provides a multi-billion dollar incentive for potential adversaries to exploit ICS vulnerabilities. In today's highly dynamic and expanding digital economy, much of the ICS that operate our current water sector infrastructure are being used in ways that were never intended. Many ICS were designed decades ago with little or no consideration of cyber security. Increasing connectivity, the proliferation of access points, escalating system complexity, and wider use of common operating systems and platforms have all contributed to heightened security risks.
Document Details
- Document Type
- Technical Report
- Publication Date
- Mar 01, 2008
- Accession Number
- ADA529983