You are here

Mitigations for Security Vulnerabilities Found in Control System Networks

Industry is aware of the need for Control System (CS) security, but in on-site assessments, Idaho
National Laboratory (INL) has observed that security procedures and devices are not consistently and
effectively implemented. The Department of Homeland Security (DHS), National Cyber Security
Division (NCSD), established the Control Systems Security Center (CSSC) at INL to help industry and
government improve the security of the CSs used in the nation’s critical infrastructures. One of the
main CSSC objectives is to identify control system vulnerabilities and develop effective mitigations
for them. This paper discusses common problems and vulnerabilities seen in on-site CS assessments
and suggests mitigation strategies to provide asset owners with the information they need to better
protect their systems from common security flaws.