• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文学位 >The inherent weaknesses in industrial control systems devices; hacking and defending SCADA systems.
【24h】

The inherent weaknesses in industrial control systems devices; hacking and defending SCADA systems.

机译:工业控制系统设备的固有弱点;入侵和防御SCADA系统。

获取原文
获取原文并翻译 | 示例
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

The North American Electric Reliability Corporation (NERC) is about to enforce their NERC Critical Infrastructure Protection (CIP) Version Five and Six requirements on July 1st 2016. The NERC CIP requirements are a set of cyber security standards designed to protect cyber assets essential the reliable operation of the electric grid. The new Version Five and Six requirements are a major revision to the Version Three (currently enforced) requirements. The new requirements also bring substations into scope alongside Energy Control Centers. When the Version Five requirements were originally drafted they were vague, causing in depth discussions throughout the industry. The ramifications of these requirements has made owners look at their systems in depth, questioning how much money it will take to meet these requirements. Some owners saw backing down from routable networks to non-routable as a means to save money as they would be held to less requirements within the standards. Some owners saw removing routable connections as a proper security move. The purpose of this research was to uncover the inherent weaknesses in Industrial Control Systems (ICS) devices; to show how ICS devices can be hacked and figure out potential protections for these Critical Infrastructure devices. In addition, this research also aimed to validate the decision to move from External Routable connectivity to Non-Routable connectivity, as a security measure and not as a means of savings. The results reveal in order to ultimately protect Industrial Control Systems they must be removed from the Internet and all bi-directional external routable connections must be removed. Furthermore; non-routable serial connections should be utilized, and these non-routable serial connections should be encrypted on different layers of the OSI model. The research concluded that most weaknesses in SCADA systems are due to the inherent weaknesses in ICS devices and because of these weaknesses, human intervention is the biggest threat to SCADA systems.
机译:北美电力可靠性公司(NERC)将于2016年7月1日强制执行其NERC关键基础设施保护(CIP)版本5和6要求。NERCCIP要求是旨在保护可靠和可靠的网络资产的一组网络安全标准。电网的运行。新的第5版和第6版要求是对第3版(当前执行)要求的主要修订。新的要求还将变电站与能源控制中心一起纳入范围。最初起草第五版要求时,它们含糊不清,引起了整个行业的深入讨论。这些要求的后果使所有者深入研究了他们的系统,质疑要花多少钱才能满足这些要求。一些所有者认为从可路由网络退回到不可路由是节省金钱的一种方法,因为它们将在标准范围内受到较少的要求。一些所有者认为删除可路由连接是一项适当的安全措施。这项研究的目的是发现工业控制系统(ICS)设备中的固有弱点。展示如何对ICS设备进行黑客攻击,并找出针对这些关键基础设施设备的潜在保护措施。此外,这项研究还旨在验证从外部路由连接到不可路由连接的决定,这是一种安全措施,而不是一种节省手段。结果表明,为了最终保护工业控制系统,必须从Internet上将其删除,并且必须删除所有双向外部可路由连接。此外;应该使用不可路由的串行连接,并且这些不可路由的串行连接应该在OSI模型的不同层上进行加密。研究得出的结论是,SCADA系统中的大多数弱点是由于ICS设备固有的弱点,并且由于这些弱点,人为干预是SCADA系统的最大威胁。

著录项

  • 作者

    Bianco, Louis J.;

  • 作者单位

    Utica College.;

  • 授予单位 Utica College.;
  • 学科 Energy.;Industrial engineering.;Information technology.
  • 学位 M.S.
  • 年度 2016
  • 页码 56 p.
  • 总页数 56
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号