Control systems and networking vendors do a tremendous amount of quality control testing; however, this testing does not always catch security vulnerabilities, particularly when equipment is used in systems with equipment from many different manufacturers.
The United States Computer Emergency Readiness Team publishes a website that lists vulnerabilities in control systems. We recommend you review the articles on this site to determine if your system may have vulnerabilities that have not been addressed.
Note: the vulnerabilities listed are only a subset of known vulnerabilities. Not all known vulnerabilities are published due to the issues and risks related to publishing them.
US Computer Emergency Readiness Team vulnerability notes
- watch the video "Securing Industry from Cyber Threats"
- read about ANSI/ISA-99 security standards
- learn about the Tofino Industrial Security Solution, which uses special rules to protect against known vulnerabilities