Integrating information security with industrial process control applications
Daabaj, K. and Ahmeda, S. (2005) Integrating information security with industrial process control applications. In: 2nd AIDMO Arab Conference for Industrial Information and Networks, (AIDMO 2005), 23 - 25 May, Tunis, Tunisia.
Many Institutes of Standards and Technology are working to improve the information security of networked digital control systems used in industrial applications. Real-time computer control systems used in process control applications have many characteristics that are different than traditional information processing systems used in business applications. Foremost among these is design for efficiency and time-critical response. Security is generally not a strong design driver and therefore tends to be bypassed for performance. Computing resources (including CPU time and memory) available to perform security functions tend to be very limited. Furthermore, the goals of safety and security sometimes conflict in the design and operation of control systems. The key Process components of an industrial control system, including the control loop, the human-machine interface, and remote diagnostics and maintenance utilities. This paper extends the existing study of assessing the vulnerabilities and establishes appropriate strategies for the development of policies to reduce information security risk within process controls industry. It also addressees the computer control systems used within process control industries, their similarities, and network architectures. A generic set of networking system architectures for industrial process control systems is presented. The vulnerabilities associated with these systems and the information threats are also introduced.
|Publication Type:||Conference Paper|
|Publisher:||Arab Industrial Development and Mining Organization|
|Conference Website:||http://www.aidmo.org/ (Publisher's website)|
|Item Control Page|