Finding the Security Holes before the Hackers Do

E.J. Byres and M. Franz; “Finding the Security Holes before the Hackers Do”, ISA Technical Conference, Instrumentation Systems and Automation Society, Chicago, October 2005
Abstract: Over the past several years there has been a growing concern about security vulnerabilities in the SCADA and control system hardware, software and networks used in critical infrastructures such as the oil and gas, water and electrical generation/distribution industries. Unfortunately there has been little research on focused techniques to detect these flaws before these systems are deployed in the field. Certainly there are tools to scan for known vulnerabilities in traditional IT systems, but they offer little in the way of security testing for new control products with new vulnerabilities.
This paper discusses methods available to systematically test control systems for both known and unknown vulnerabilities in critical devices prior to deployment in the field. It outlines how security testing should be a clearly defined set of engineering activities that is integrated into the lifecycle of product or system design, development, testing, and deployment.