|
SCADA Discovery, Security Architecture and Integration |
|
Industrial automation systems control numerous critical infrastructures such as electrial generation and transmission, oil and gas transmission, railroads, water treatment, traffic control and manufacturing facilities. These complex computer systems were designed with security expectations integrated at the physical layer. However, with the demand for cost savings, the continued necessity for high availability and industry competitiveness, these systems are no longer considered secure. SCADA systems have become corporate network connected and even traditional designs are no longer appropriate with the increased security awareness of the digital information age. Sph3r3, with the client, addresses the technical architecture and integration efforts of SCADA security, such as: - Interpretation of strategic and mandatory business rules in to technical system design elements
- Logical electronic security perimeter and supporting system security architecture
- Identifying trust levels and integrating the appropriate design elements
- Design, integration and documentation for system event collection, analysis and response
| Download Sph3r3's Free Threat Assessment Whitepaper You must understand the threats to protect the system. You must understand your system to protect it from the threats. In principle this appears simple, in practice this is incredibly challenging. Sph3r3 understands the critical needs of SCADA process and control systems and provides customized architectural designs to protect the critical assets supported by SCADA systems. Sph3r3 has updated the original 1999 work by the Defense Information Systems Agency (DISA) in an effort to aid in the portrayal of generalized threats to critical infrastructures. It is necessary to understand your valued assets, the vulnerabilities to those assets and the associated threats - we hope that you find "An Introduction to Cyber Threat Analysis" helpful in your efforts. |
The guide discusses the following topics: - Defining the Threat
- Electronic Warfare
- Operational Security
- Critical Infrastructure
- Identifying Potential Adversaries
- Risk Assessment Fact Model
- An Attack Taxonomy
- Example Attack Scenarios
Download the whitepaper here | |  |
|
