CISO2CISO.COM & CYBER SECURITY GROUP

Cybersecurity for SCADA Systems by William T. Shaw

In the 1960s, when the first computer-based supervisory control and data acquisition systems (SCADA) were being developed, there was no cultural concept of needing to provide any particular protective measures to keep such systems safe from intentional attacks. After all, why would someone want to disrupt the operation of such systems? The world was a different place, and the computer expertise to
work on, or with, such systems was a rare commodity. The only protective considerations built into those systems were ones instituted in order to minimize or eliminate the impact of user errors. Not so today. Computers have become commodity appliances, and computer expertise far more commonplace. In addition, there are people that have technical expertise and, for a variety of reasons, choose to use it
to inflict damage. Or worse still, there are those who wish to use such expertise to cause serious harm to the United States government and citizens. The Internet, a world-spanning communications technology that should be a positive force to unite cultures and peoples, is also being used as a means to reach into our computer systems by such people. Much of our critical industrial infrastructure is managed and controlled by SCADA systems, and thus it is now essential that we place protective measures into and around these systems. This book is intended to provide a general background of SCADA system technology, cybersecurity concepts and technologies, and how the two can be brought together to safeguard our infrastructure and computer automation systems. In this second revision of the book,
I have included a great deal more information about implementing cybersecurity
protections and about technical countermeasures. This revision also takes advantage of the evolved industry-specific cybersecurity standards that have emerged since the initial printing, especially in the electric power and oil-and-gas pipeline industry sectors. There have also been many technological changes in communications and networking and other areas of computer science since the original
publication. I have tried to capture applicable changes in this revision.

Leave a Reply

Your email address will not be published. Required fields are marked *