This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Security for Process Control Systems: An Overview
November/December 2008 (vol. 6 no. 6)
pp. 24-29
Markus Brändle, ABB Corporate Research
Martin Naedele, ABB Corporate Research
Over the past few years, IT security has become a dominant topic in the process control domain. The authors outline what they see as the core challenges, how industry is responding to them, and what problems remain.

1. A. Miller, "Trends in Process Control Systems Security," IEEE Security &Privacy, vol. 3, no. 5, 2005, pp. 57–60.
2. E. Byres and J. Lowe, "The Myths and Facts Behind Cyber Security Risks for Industrial Control Systems," Proc. VDE Convention, VDE Verlag, 2004, pp. 213–217.
3. D. Walker, "Utility IT Executives Expect Breach of Critical SCADA Systems," Pipeline and Gas J., vol. 233, no. 2, 2006, pp. 24–27; http://findarticles.com/p/articles/mi_m3251/ is_2_233/ai_n24982950pg_1?tag=artBody;coll .
4. M. Naedele, "Addressing IT Security for Critical Control Systems," Proc. 40th Hawaii Int'l Conf. System Sciences (HICSS-40), IEEE CS Press, 2007, p. 115; http://www2.computer.org/portal/web/csdl/ doi/10.1109HICSS.2007.48.
5. J. Eisenhauer et al., "Roadmap to Secure Control Systems in the Energy Sector," sponsored by US DoE and DHS, Jan. 2006; www.controlsystemsroadmap.net/.
6. M. Naedele, "Standardizing Industrial IT Security—A First Look at the IEC Approach," Proc. 10th IEEE Int'l Conf. Emerging Technologies and Factory Automation (ETFA 05), IEEE Press, 2005, pp. 857–863.
7. R. Fink, D. Spencer, and R. Wells, "Lessons Learned from Cyber Security Assessments of SCADA and Energy Managements Systems," Idaho Nat'l Laboratories, Sept. 2006, www.inl.gov/scada/publications/dnstb_lessons_learned_from_cyber_security_assessments.pdf .
8. J. Leversage and E. Byres, "Estimating a System's Mean Time to Compromise," IEEE Security &Privacy, vol. 6, no. 1, 2008, pp. 52–60.
9. J.S. Shapiro, "Understanding the Windows EAL4 Evaluation," Computer, vol. 36, no. 2, 2003, pp. 102–105.
1. M. Naedele and O. Biderbost, "Human-Assisted Intrusion Detection for Process Control Systems," Proc. 2nd Int'l Conf. Applied Cryptography and Network Security (ACNS 04), ICISA Press, 2004, pp. 216–225.
2. M. Naedele, "An Access Control Protocol for Embedded Devices," Proc. 4th Int'l IEEEConf. Industrial Informatics (INDIN 06), IEEE CS Press, 2006, pp. 565–569.
3. F. Swiderski and W. Snyder, Threat Modeling, Microsoft Press, 2004.

Index Terms:
process control systems, security, protection, IT, SCADA, supervisory control and data acquisition
Citation:
Markus Brändle, Martin Naedele, "Security for Process Control Systems: An Overview," IEEE Security & Privacy, vol. 6, no. 6, pp. 24-29, Nov.-Dec. 2008, doi:10.1109/MSP.2008.150
Usage of this product signifies your acceptance of the Terms of Use.