Sunday, September 6, 2015

The Important Steps in SCADA Security System Design




Control system based on SCADA has an important role in industrial processes, for example, electricity, natural gas, gasoline, water, sewage, treatment, transport in the era of cyber technology, not exception for the industry in America. The current control system is already using the wireless connection so that indirectly connected to the global network without limits that require protection from the various threats that exist in today's cyber space. Moreover, the current control system architectures more using equipment such as pumps and valves from remote locations that pose a security risk even though the SCADA network provide great efficiency.

Importance of SCADA Security System

Background The Importance of SCADA Security System

The security system SCADA has become an important issue in industry of US national interest so that in this case former President Bush has created the President's Critical Infrastructure Protection Board in October 2001 through Executive Order 13231. It is in the background backs by the quickness of protection for some supporting Critical Infrastructures, including: Federal departments and agencies, Private Sector companies, State and local government's critical Infrastructures, Related national security programs.

Important steps SCADA Security System Design

There are at least 21 important steps in the design of SCADA system security. You can check the details in the following link:
http://energy.gov/sites/prod/files/oeprod/DocumentsandMedia/21_Steps_-_SCADA.pdf 
But there are at least four crucial stage that could be a priority of your security system, as follows:

  • Identify all connections to SCADA networks
    Identify all connections to ensure data is internal only spread in the local area network, and cannot be accessed by a network of outside system company. Identification includes Wireless network devices, Including satellite uplinks, modem or dial-up connections and Connections to business partners, vendors or regulatory agencies

  • Implement the security features provided by device and system vendors
    You need to concentrate on SCADA system that have been long in use and has connections to many machines control because these systems typically do not have good security features. What you need to do is apply the security features in the form of a patch or a product and upgrade to ensure basic security features in the active position.

  • Implement internal and external intrusion detection systems and establish 24-hour-a-day
    For the safety of your system can start building intrusion detection strategy that includes early warning of dangerous network administrator so that it can effectively respond to a cyber attack either from internal or external. This detection monitoring should be active for 24 hours a day and controlled by mobile phone from the person in charge (technician), so be quick in responding to emerging threats.

  • Establish system backups and disaster recovery plans.
    Back up the data and control network configuration absolute need so that in case of attacks on the security system can be made a rapid recovery from emergencies. You also will not lose data and system configuration becomes an important asset company.

Conclusion

SCADA security protection is highly dependent on the PIC (Person In Charge) that runs the system. The process of releasing the data associated with the SCADA network should go through several stages with limited appropriate authorities to ensure the system controller of data is safe maintained to against cyber crime. The process of training and security system policy should be implemented strictly to minimize the chances that your organization secure system is safe and your personnel are also concerned to maintain data security in industrial control systems.


Labels:

Newer Post Older Post Home

You may also like these ebook:

Get Free PLC eBook directly sent to your email,
and email subscription to program-plc.blogspot.com




We hate SPAM. Your information is never sold or shared with anyone.

Your Email Will Be 100% Secured !