Critical infrastructures are the complex and highly interdependent systems, networks, and assets that provide the services essential in our daily life.
They are currently organized into the following 17 critical infrastructure and key resource (CI/KR) sectors:
1)
Banking and Finance
2)
Chemical
3)
Commercial Facilities
4)
Commercial Nuclear Reactors, Materials, and Waste
5)
Dams
6)
Defense Industrial Base
7)
Drinking Water and Wastewater Treatment Systems
8)
Emergency Services
9)
Energy
10)
Food and Agriculture
11)
Government Facilities
12)
Information Technology
13)
National Monuments and Icons
14)
Postal and Shipping
15)
Public Health and Healthcare
16)
Telecommunications
17)
Transportation Systems
Given the criticality of these systems, networks, and assets that we rely on so greatly; the protection of such infrastructure is essential to not only our well-being, but also our way of life. Critical infrastructure protection, commonly referred to as CIP, is a priority for the government, as well as the private sector and state and local government.
SCADA / ICS Security:
ICS stands for Industrial Control Systems and is the “brother” of ICT – Information Communication Technologies. ICS includes supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as skid-mounted Programmable Logic Controllers (PLC) are often found in the industrial control sectors such as electric, water, oil and gas, transportation, chemical, pharmaceutical, pulp and paper, food and beverage, and discrete manufacturing (e.g., automotive, aerospace, and durable goods.)
SCADA systems are generally used to control dispersed assets using centralized data acquisition and supervisory control.
DCS are generally used to control production systems within a local area such as a factory using supervisory and regulatory control.
PLCs are generally used for discrete control for specific applications and generally provide regulatory control.
The Term SCADA is often used as a synonym for Industrial Control Systems.
Why ICS Security?
The majority of ICS systems have useful lifespan ranging from 15 to 30 years. In most instances, the underlying protocols were designed without modern security requirements in mind. The rapid advance of technology and the changing business environment are driving changes in SCADA network architecture, introducing new vulnerabilities to legacy systems. The current push towards greater efficiency, consolidated production platforms and larger companies with smaller staffing levels is leading to changes in SCADA systems which are raising many questions about security. In summary, these involve:
an increasing reliance on public telecommunications networks to link previously separate ICS systems;
increasing usage of published open standards and protocols, in particular Internet technologies;
The interconnection of ICS systems to other business networks to enhance the amount, detail and timeliness of information available to management.
