Control System Cyber Security
Table 2 . Differences Between Networking and Engineering
The ability to implement suitable control system cybersecurity measures should rest , in part , on accurate information regarding sensor measurements , actual control system infiltration attempts , and system accidents which could be cyber-related . Unfortunately , cyber forensics are extremely limited for Level 0 , 1 devices , nor is there adequate cyber security training at this juncture for the majority of control system engineers . There has been reticence by government organizations both within the U . S . and internationally to share information about control system cyber incidents . Control system and equipment vendors are often made aware of control system cyber incidents with their equipment but do not share the information because of non-disclosure agreements . Consequently , there has been minimal identification or disclosure of actual control system cyber incidents . Even though there is a continuous flow of cyber vulnerability disclosures of Level 2 on up , there have been no cyber vulnerability disclosures by the DHS ICS-CERT on Level 0 , 1 devices .
This is true regarding Supervisory Control and Data Acquisition ( SCADA ) systems , 10 which are central to the integrity and performance of critical infrastructures . “ The escalating sophistication and modernization as well as real time con-
119