White Papers
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
High Security Integration Using OPC
April 2010
OPC Classic, the popular industrial integration standard based on DCOM, has made the interfacing of different industrial control products significantly easy. Unfortunately, it also brought with it a number of serious security concerns for the designers of control, SCADA and safety systems.
This White Paper looks at these issues and reviews the solutions proposed over the past decade from researchers and academics. It looks at new technologies in advanced firewall port management and embedded OPC servers that offer true defense-in-depth and read-only security for better reliability and security of all control systems, but especially for safety integrated systems.
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
OPC Security White Paper #1 - Understanding OPC and How it is Deployed
December 2007
Abstract: This White Paper is the first in a series on the security of OPC (OLE for Process Control) and focuses on providing an overview of the widely-used industrial communication standard and how it is actually used in industry.
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
OPC Security White Paper #2 - OPC Exposed
November 2007
Abstract: In this second White Paper of the OPC Security Series, we describe the vulnerabilities typically found in OPC hosts, based on OPC’s current architecture and the typical underlying operating system. We also investigate common misconfiguration vulnerabilities found in OPC server or client computers both at the operating system and OPC application level.
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
OPC Security White Paper #3 - Hardening Guidelines for OPC Hosts
November 2007
Abstract: In this third White Paper of the OPC Security Series, we outline how a server or workstation running OPC can be secured in a simple and effective manner.
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
Comparing Electronic Battlefields: Using Mean Time-to-Compromise as a Comparative Security Metric
November 2007
D. Leversage and E.J. Byres, “Comparing Electronic Battlefields: Using Mean Time-to-Compromise as a Comparative Security Metric,” Communications in Computer and Information Science - Computer Network Security, Proceedings of the Fourth International Conference on Mathematical Methods, Models and Architectures for Computer Network Security, St. Petersburg, Russia, Springer, 2007, pp. 213-227.
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
On Shaky Ground - A Study of Security Vulnerabilities in Control Protocols
November 2006
E.J. Byres, D. Hoffman and N. Kube; “On Shaky Ground - A Study of Security Vulnerabilities in Control Protocols”, 5th American Nuclear Society International Topical Meeting on Nuclear Plant Instrumentation, Controls, and Human Machine Interface Technology, American Nuclear Society, Albuquerque, NM, November 2006
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
Finding the Security Holes before the Hackers Do
October 2005
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
The Special Needs of SCADA/PCN Firewalls: Architectures and Test Results
September 2005
E.J. Byres, B. Chauvin, D. Hoffman, J. Karsch and N. Kube; “The Special Needs of SCADA/PCN Firewalls: Architectures and Test Results”, The 11th IEEE International Conference on Emerging Technologies and Factory Automation, Institute of Electrical and Electronics Engineers, Catania Italy, September 2005
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
Industrial Cybersecurity For Power System And SCADA Networks
September 2005
E.J. Byres and A. Creery; “Industrial Cybersecurity For Power System And SCADA Networks”, Proceedings of the IEEE Petroleum and Chemical Industries Conference, Institute of Electrical and Electronics Engineers, Denver, September 2005
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
Good Practice Guide on Firewall Deployment for SCADA and Process Control Networks
February 2005
BCIT Group for Advanced Information Technology, “Good Practice Guide on Firewall Deployment for SCADA and Process Control Networks - Policy and Best Practice ID. 00157”, National Infrastructure Coordination Centre, UK , 23 February 2005
