defense-in-depth

Late last year Frost and Sullivan, an international analyst group, released a short report called “Current Scenario and Future Landscape in the Automation & Control Systems (ACS) Market.” The report claims that “the field of industrial automation is at a cross roads,” due to “narrowing product definition between individual ACS products, specifically the PLC and DCS product line.”

How can I reliably and easily secure my control system?

A lot of people are re-examining this question and giving it higher priority after learning about Stuxnet and the recent publishing of SCADA system vulnerabilities on the Internet.  It is no longer possible to believe that ‘air gaps’ between your systems and the rest of the world, or that ‘security by obscurity’ are effective security strategies.

When you hear the words “defense–in-depth” do you immediately think of layers of firewalls?

If so, you are not alone – most of us immediately think of security concepts in traditional physical security terms.  For example, we imagine “more defense” as being more moats and castle walls around the crown jewels.  But that is not the only way (or even the best way) to create secure ICS or SCADA systems.

There has been a lot of media coverage and discussion of the Stuxnet malware, and its impact on industrial control system (ICS) and SCADA security. We are one of the groups guilty of creating a Stuxnet publishing industry.