ChemITC
Over the years, a number of key cyber security issues have provided the impetus behind Program activities. Project teams aligned with the Chemical Sector Cyber Security Strategy are continually exploring the cyber security landscape to understand the implications of key issues and trends on the chemical industry. The following white papers share recent findings regarding issues identified and the need for continuing action.
Report of Technical Survey Results: Separating Industrial Automation and Business Systems (PDF)
Executive Summary - Separating Industrial Automation and Business Systems Survey Report (PDF)
Release Date: December 2008
The Chemical Sector Cyber Security Program’s Manufacturing and Control Systems (M&CS) Team conducted a survey to identify common practices in the implementation of network segregation technologies. This document provides key benchmarking data for chemical companies interested in the separation of industrial automation networks from general purpose business networks. Document highlights include the extent to which separation methodologies are used among survey respondents and how such systems are operated and managed, as well as key learnings and benefits gained during the implementation process. It also outlines key considerations for chemical companies that are contemplating network separation technologies as a means to facilitate secure interactions between industrial automation and control systems and the business IT network.
Intrusion Detection and Prevention in the Industrial Automation and Control System Environment (PDF)
Executive Summary - Intrusion Detection and Prevention in the Industrial Automation and Control System Environment (PDF)
Release Date: April 2008
One of the many controls commonly used to secure computer systems is an intrusion detection and prevention system (IDPS). This document describes organizational drivers for considering the use of IDPS, specifically as it relates to the industrial automation and control system environment. It also provides potential implementers or users of IDPS within the chemical manufacturing industry with an overview of IDPS technologies and implementation architectures, and a glimpse at some of the planning, implementation and support considerations that may be encountered. The document is designed to help IT and manufacturing control systems professionals understand the various challenges that come with implementing IDPS in the industrial automation and control system environment.
Key Technology Issues - Enterprise Directory Services and Industrial Control Systems (PDF)
Release Date: March 2006
The application of enterprise directory services in industrial control systems and applications presents challenges in determining how to configure the services without compromising the availability of the process control system, while still allowing for its effective operation and management. This document outlines the key security issues relating to directory services and identifies considerations to help provide for their security and robustness. It is intended as means of starting the more detailed discussion and analysis that is required to fully address this topic.
Key Technology Issues (PDF)
Release Date: October 2005
Several technology trends challenge cyber security effectiveness. There is an increase in interaction with external parties as companies develop extended enterprises. The proliferation of portable devices such as laptops has introduced a number of issues, most notably a higher risk of being infected by malicious software (spyware, virus, etc.), and patch management challenges. Many companies allow strategic partners or vendors to connect to their corporate network, making it difficult to administer global policy compliance. The lifecycle of manufacturing systems is typically longer than that of operating systems and hardware platforms, and thus are in danger of being unsupported. And, the technical architecture must be an infrastructure that provides multiple layers or “defense in depth” to provide balance between functionality, operational stability, and security. This white paper is the first in a series that identifies key cyber security issues and recommended solutions. There are three subject areas: access control, host and network security, and operational monitoring.
Other Tools: