Journal of Critical Infrastructure Policy Volume 1, Number 2, Fall/Winter 2020 | Page 117

Control System Cyber Security
along with reliability, environmental factors, fire threats, seismic risks, and other concerns. Since these were engineering issues, cyber security of these systems was perceived as an engineering function. The intent was to ensure that the engineering design basis would be met regardless of risks. Consequently, at that time, engineers were the front lines of cyber security defense. The focus was from the bottom up. That is, the emphasis was on whether the process could be impacted by cyber threats, which is process anomaly detection, or in other terms, mission assurance.
Following 9/11, cyber security became a mainstay of national security. Because the IT function was responsible for corporate IT cyber security, the cyber security function for control systems was moved from the engineering organizations to the IT organizations within most entities. It was also in this period that engineering was severed from cyber security protection of their own systems. This pronounced shift resulted from cyber security monitoring and mitigation functions gravitating towards the Internet Protocol (IP) network layer. This included the widespread use of Human-Machine Interfaces (HMIs) with commercial-off-the-shelf operating systems, generally Microsoft Windows. Since Engineering was no longer in the forefront, control system cyber security went from being Mission Assurance to Information Assurance. And because these engineering systems were not included under IT's purview, the Level 0, 1 devices³ were not incorporated in cyber security considerations. The net result is that most legacy engineering systems have no cyber security, authentication, or cyber logging, nor can they be upgraded. The lower level sensor networks such as Highway Addressable Remote Transducer (HART⁴), Profibus,⁵ Fieldbus,⁶ etc. also have little or no cyber security. They present an inviting target for potential threats that are not IP-network focused. The different ways that control system architecture and guidelines are perceived by engineers and cyber security specialists cause further divergence.
Cyber security became an IT issue after the first virus/worm was identified in the late 1980s. The Morris worm of November 2, 1988 — usually considered the first computer worm and certainly the first to gain significant mainstream media attention — was distributed via the Internet. It resulted in the first conviction in the U.S. under the 1986 Computer Fraud and Abuse Act. IT cyberattacks have proliferated, leading to worldwide attention, diverse mitigation approaches, and government responses.
IT cybersecurity developed technical guidance starting with ISO/IEC 27000, which is part of a growing family of ISO/IEC Information Security Management Systems (ISMS) standards within the information and IT security fields. Standards
3 Level 0 = physical process; Level 1 = controllers and intelligent devices including sensors, analyzers, actuators, instrumentation
4 www.fieldcommgroup.org
5 https://www.profibus.com/
6 http://www.fieldbus.org/