ABSTRACT

Lessons Learned From Cyber Security Assessments of SCADA and Energy Management Systems   [open pdf - 161KB]

"The results from ten cyber security vulnerability assessments of process control, SCADA [Supervisory Control and Data Acquisition] and energy management systems, or components of those systems were reviewd to identify common problem areas. The common vulnerabilities ranged from conventional IT [Information Technology] security issues to specific weaknesses in control systems protocols. In each vulnerability category, relative measures were assigned to the severity of the vulnerability and ease with which the attacker could exploit the vulnerability. Suggested mitigations are identified in each category. Recommended mitigations having the highest impact on reducing vulnerability are listed for asset owners and system vendors."

Author:
Publisher:
Date:
2006-09
Copyright:
Public Domain
Retrieved From:
United States- Computer Emergency Readiness Team (US- CERT): http://www.us-cert.gov/
Media Type:
application/pdf
URL:
Help with citations