Security control analysis of ICS

Abstract

Industrial control systems (ICS) are computer-controlled systems that monitor and control industrial processes that exist in the physical world. ICS monitors and controls the national infrastructure or industrial process including transportation facilities, water treatment and distribution, electrical power transmission and distribution, and gas pipelines. If a SCADA system is stationary, disaster is inevitable. But, many ICSes were not built to withstand security incidents, such as accidental cyber-related incidents, DoS attacks, and malware infiltrations. Vulnerability of ICS information system becomes clear, security evaluation of the system began to be implemented. Security evaluation for ICS information system has been implemented for all areas, it is performed without considering the characteristics of each field. Control to be applied to all areas, all the same, but the importance of the control is different. This paper has offered the reader a correlation analysis approach which will allow them to grade importance their defensive efforts. Once a prioritized list has been created, a risk management approach to addressing system vulnerabilities may occur. Furthermore, this result based on real data of power generation companies. © 2014 SERSC.