www.osti.gov
Open in
urlscan Pro
192.107.175.222
Public Scan
Submitted URL: https://www.osti.gov/servlets/purl/1505628
Effective URL: https://www.osti.gov/biblio/1505628
Submission: On June 28 via manual from US — Scanned from DE
Effective URL: https://www.osti.gov/biblio/1505628
Submission: On June 28 via manual from US — Scanned from DE
Form analysis 2 forms found in the DOM
POST /search
<form action="/search" id="search_form" class="pure-form" method="POST" autocomplete="off">
<input type="hidden" id="index_search_act" name="act" value="act">
<input type="hidden" id="index_search_rows" name="rows" value="">
<input type="hidden" id="index_search_page" name="page" value="">
<input type="hidden" id="index_search_sort" name="sort" value="">
<input type="hidden" id="search_journal_type" name="journal_type" value="">
<input type="hidden" id="search_data_type" name="data_type" value="">
<input type="hidden" id="search_availability" name="availability" value="">
<div style="padding: 0.7em 0 0.5em;">
<div class="row">
<div class="col-11">
<div style="position:relative;">
<label class="sr-only" for="search_search">Search terms:</label>
<input class="pure-input-1" id="search_search" type="text" name="search" value="" placeholder="Search 3+ million Department of Energy research results">
<button type="button" class="close-advformoptions" aria-hidden="true" title="Advanced search options"
style="position: absolute; top: 7px; right: 5px; z-index: 2;cursor: pointer; background: transparent; border: 0; color:#7cb342; font-size: 1.3rem; margin-top: -0.15rem;"><span class="fa fa-caret-down"></span><span class="sr-only">Advanced
search options</span></button>
<div id="adv-search" style="background-color:#f9f9f9; border:1px solid #444; padding:20px; position:absolute; left:0; right: 0; top: 38px; display:none; z-index:2000;">
<fieldset class="small" style="padding-bottom:0;">
<legend style="padding:0px; margin-bottom:1em;">
<div class="pull-right">
</div> Advanced Search Options<small style="display:block;color:#999;">Advanced Search queries use a traditional Term Search. For more info, see our <a href="/faqs#faq-270584">FAQ</a>.</small>
</legend>
<div class="adv_search-row">
<label for="search_term">All Fields: </label>
<input class="pure-input-1" type="text" name="term" id="search_term" value="">
</div>
<div class="adv_search-row">
<label for="search_title">Title: </label>
<input class="pure-input-1" type="text" name="title" id="search_title" value="">
</div>
<div class="adv_search-row">
<label for="search_creators">Author / Contributor: </label>
<input class="pure-input-1" type="text" name="creators" id="search_creators" value="">
</div>
<div class="adv_search-row">
<label for="search_doi">Digital Object Identifier (DOI): </label>
<input class="pure-input-1" type="text" name="doi" id="search_doi" value="">
</div>
<div class="adv_search-row">
<label for="search_idnos">Identifier Numbers: </label>
<input class="pure-input-1" type="text" name="idnos" id="search_idnos" value="">
</div>
<div class="adv_search-row">
<label for="search_pubd_from">Publication Date: </label>
<div style="/* white-space: nowrap; */">
<input type="text" pattern="(0[1-9]|1[012])[/](0[1-9]|[12][0-9]|3[01])[/]\d\d\d\d" id="search_pubd_from" name="pubd_from" data-toggle="tooltip" data-placement="bottom" title="" class="dateinput pure-u-1-3" value=""
placeholder="MM/DD/YYYY" data-original-title="Enter date in MM/DD/YYYY format">
<label for="search_pubd_until" style="margin-right:0.5rem; margin-left:0.5rem;">to</label>
<input type="text" pattern="(0[1-9]|1[012])[/](0[1-9]|[12][0-9]|3[01])[/]\d\d\d\d" id="search_pubd_until" name="pubd_until" data-toggle="tooltip" data-placement="bottom" title="" class="dateinput pure-u-1-3" value=""
placeholder="MM/DD/YYYY" data-original-title="Enter date in MM/DD/YYYY format">
</div>
</div>
</fieldset>
<fieldset class="small" style="padding-bottom:0; margin-top:20px;">
<legend style="padding:0px; margin-bottom:1em;"><a href="#" id="search_search-moreoptions"><span id="more-options-indicator" class="fa fa-plus-squared-alt"></span> More Options ...</a></legend>
<div id="more-options-container" class="hidden">
<div class="adv_search-row">
<label for="search_fulltext">Full Text: </label>
<input class="pure-input-1" type="text" name="fulltext" id="search_fulltext" value="">
</div>
<div class="adv_search-row">
<label for="search_product_type">Resource Type: </label>
<div style="position:relative;" data-jq-dropdown="#product_type_dropdown">
<input class="pure-input-1" type="text" name="product_type" id="search_product_type" value="" style="-webkit-user-select: none; -moz-user-select: none; -ms-user-select: none; user-select: none;">
<span style="position: absolute; top: 8px; right: 10px; z-index: 2;cursor: pointer; background: transparent; border: 0; color:#7cb342;"><span class="fa fa-caret-down"></span></span>
</div>
<div style="position:relative;">
<div id="product_type_dropdown" class="jq-dropdown jq-dropdown-tip jq-dropdown-relative" style="width:100%;">
<div class="jq-dropdown-panel">
<div class="row" style="display:flex;">
<div class="col-lg-6 col-md-12 jqd-col">
<label class="facet-item control control-checkbox" style="white-space: nowrap;">Journal Article <input type="checkbox" name="product_type_option" title="Journal Article" value="Journal Article">
<div class="control-indicator"></div>
</label>
<label class="facet-item control control-checkbox" style="white-space: nowrap;">Technical Report <input type="checkbox" name="product_type_option" title="Technical Report" value="Technical Report">
<div class="control-indicator"></div>
</label>
<label class="facet-item control control-checkbox">Data <input type="checkbox" name="product_type_option" title="Data" value="Data">
<div class="control-indicator"></div>
</label>
<label class="facet-item control control-checkbox">Software <input type="checkbox" name="product_type_option" title="Software" value="Software">
<div class="control-indicator"></div>
</label>
<label class="facet-item control control-checkbox">Patent <input type="checkbox" name="product_type_option" title="Patent" value="Patent">
<div class="control-indicator"></div>
</label>
<label class="facet-item control control-checkbox" style="white-space: nowrap;">Conference / Event <input type="checkbox" name="product_type_option" title="Conference / Event" value="Conference">
<div class="control-indicator"></div>
</label>
</div>
<div class="col-lg-6 col-md-12 jqd-col">
<label class="facet-item control control-checkbox" style="white-space: nowrap;">Book / Monograph <input type="checkbox" name="product_type_option" title="Book / Monograph" value="Book">
<div class="control-indicator"></div>
</label>
<label class="facet-item control control-checkbox" style="white-space: nowrap;">Program Document <input type="checkbox" name="product_type_option" title="Program Document" value="Program Document">
<div class="control-indicator"></div>
</label>
<label class="facet-item control control-checkbox" style="white-space: nowrap;">Thesis / Dissertation <input type="checkbox" name="product_type_option" title="Thesis / Dissertation" value="Thesis/Dissertation">
<div class="control-indicator"></div>
</label>
<label class="facet-item control control-checkbox">Video / Audio <input type="checkbox" name="product_type_option" title="Video / Audio" value="Multimedia">
<div class="control-indicator"></div>
</label>
<label class="facet-item control control-checkbox">Miscellaneous <input type="checkbox" name="product_type_option" title="Miscellaneous" value="Miscellaneous">
<div class="control-indicator"></div>
</label>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="adv_search-row">
<label for="search_subject">Subject: </label>
<input class="pure-input-1" type="text" name="subject" id="search_subject" value="">
</div>
<div class="adv_search-row">
<label for="search_site_code">Site: </label>
<select class="pure-input-1" name="site_code" id="search_site_code">
<option value="">All</option>
</select>
</div>
<div class="adv_search-row">
<label for="search_research_org">Research Org: </label>
<input class="pure-input-1" type="text" name="research_org" id="search_research_org" value="">
</div>
<div class="adv_search-row">
<label for="search_sponsor_org">Sponsoring Org: </label>
<input class="pure-input-1" type="text" name="sponsor_org" id="search_sponsor_org" value="">
</div>
<div class="adv_search-row">
<label for="search_updd_from">Update Date: </label>
<div style="/* white-space: nowrap; */">
<input type="text" pattern="(0[1-9]|1[012])[/](0[1-9]|[12][0-9]|3[01])[/]\d\d\d\d" id="search_updd_from" name="updd_from" data-toggle="tooltip" data-placement="bottom" title="" class="dateinput pure-u-1-3" value=""
placeholder="MM/DD/YYYY" data-original-title="Enter date in MM/DD/YYYY format">
<label for="search_updd_until" style="margin-right:0.5rem; margin-left:0.5rem;">to</label>
<input type="text" pattern="(0[1-9]|1[012])[/](0[1-9]|[12][0-9]|3[01])[/]\d\d\d\d" id="search_updd_until" name="updd_until" data-toggle="tooltip" data-placement="bottom" title="" class="dateinput pure-u-1-3" value=""
placeholder="MM/DD/YYYY" data-original-title="Enter date in MM/DD/YYYY format">
</div>
</div>
<div class="adv_search-row">
<label class="control control-checkbox">Limit to INIS / NSA records only <input type="checkbox" id="search_inis_nsa" name="inis_nsa" title="Limit to INIS / NSA records only" value="true">
<div class="control-indicator"></div>
</label>
</div>
<div class="adv_search-row">
<label class="control control-checkbox">Limit to Nobel Prize winning researchers only <input type="checkbox" id="search_nobel" name="nobel" title="Limit to Nobel Prize winning researchers only" value="true">
<div class="control-indicator"></div>
</label>
</div>
<hr>
</div>
</fieldset>
<div class="text-right">
<button type="submit" class="pure-button button-success" style="margin: 1px; margin-left: 5px; padding:0.5em 0.9em;"><span class="fa fa-search"></span> Search</button>
</div>
</div>
</div>
</div>
<div class="col-1">
<button type="submit" class="pure-input-1 pure-button button-search" id="search_submit" aria-hidden="true" title="Submit"><span class="fa fa-search"></span><span class="sr-only">Submit</span></button>
</div>
</div>
</div>
</form>POST /search
<form action="/search" id="state_form" method="POST" autocomplete="off">
<input type="hidden" id="state_act" name="act" value="act">
<input type="hidden" id="state_rows" name="rows" value="10">
<input type="hidden" id="state_page" name="page" value="">
<input type="hidden" id="state_sort" name="sort" value="">
<input type="hidden" id="state_return_type" name="return_type" value="">
<input type="hidden" id="state_search" name="search" value="">
<input type="hidden" id="state_term" name="term" value="">
<input type="hidden" id="state_title" name="title" value="">
<input type="hidden" id="state_creators" name="creators" value="">
<input type="hidden" id="state_doi" name="doi" value="">
<input type="hidden" id="state_idnos" name="idnos" value="">
<input type="hidden" id="state_pubd_from" name="pubd_from" value="">
<input type="hidden" id="state_pubd_until" name="pubd_until" value="">
<input type="hidden" id="state_fulltext" name="fulltext" value="">
<input type="hidden" id="state_doe_contract_number" name="doe_contract_number" value="">
<input type="hidden" id="state_product_type" name="product_type" value="">
<input type="hidden" id="state_journal_type" name="journal_type" value="">
<input type="hidden" id="state_data_type" name="data_type" value="">
<input type="hidden" id="state_software_type" name="software_type" value="">
<input type="hidden" id="state_software_license" name="software_license" value="">
<input type="hidden" id="state_subject" name="subject" value="">
<input type="hidden" id="state_site_code" name="site_code" value="">
<input type="hidden" id="state_research_org" name="research_org" value="">
<input type="hidden" id="state_sponsor_org" name="sponsor_org" value="">
<input type="hidden" id="state_updd_from" name="updd_from" value="">
<input type="hidden" id="state_updd_until" name="updd_until" value="">
<input type="hidden" id="state_availability" name="availability" value="">
<input type="hidden" id="state_inis_nsa" name="inis_nsa" value="">
<input type="hidden" id="state_nobel" name="nobel" value="">
<button type="submit" style="display:none;" aria-hidden="true" title="Submit">
</button>
</form>Text Content
skip to main content
* Sign In
* Create Account
Show search Show menu
U.S. Department of Energy
Office of Scientific and Technical Information
Search terms: Advanced search options
Advanced Search OptionsAdvanced Search queries use a traditional Term Search.
For more info, see our FAQ.
All Fields:
Title:
Author / Contributor:
Digital Object Identifier (DOI):
Identifier Numbers:
Publication Date:
to
More Options ...
Full Text:
Resource Type:
Journal Article
Technical Report
Data
Software
Patent
Conference / Event
Book / Monograph
Program Document
Thesis / Dissertation
Video / Audio
Miscellaneous
Subject:
Site: All
Research Org:
Sponsoring Org:
Update Date:
to
Limit to INIS / NSA records only
Limit to Nobel Prize winning researchers only
--------------------------------------------------------------------------------
Search
Submit
* Submit Research Results
* Search Tools
* Public Access Policy
* PIDs Services & Dev Tools
* About
* FAQs
* News
* Sign In
* Create Account
OSTI.GOV Technical Report: History of Industrial Control System Cyber Incidents
TITLE: HISTORY OF INDUSTRIAL CONTROL SYSTEM CYBER INCIDENTS
* Full Record
* Other Related Research
×
You are accessing a document from the Department of Energy's (DOE) OSTI.GOV.
This site is a product of DOE's Office of Scientific and Technical Information
(OSTI) and is provided as a public service.
Visit OSTI to utilize additional information resources in energy science and
technology.
ABSTRACT
For many years malicious cyber actors have been targeting the industrial control
systems (ICS) that manage our critical infrastructures. Most of these events are
not reported to the public, and the threats and incidents to ICS are not as
well-known as enterprise cyber threats and incidents. This paper is a brief
study of publically reported cyber threats to critical infrastructure that sheds
light on the growing cyber threats to ICS devices. It is important to note that
this list is not all inclusive. The events selected in this study highlight the
significant threats and incidents to industrial control systems and demonstrate
that significant cyber incidents to ICS devices are growing and becoming more
complex.
Authors: Hemsley, Kevin E. [1]; E. Fisher, Dr. Ronald [2]
* Search OSTI.GOV for author "E. Fisher, Dr. Ronald"
* Search OSTI.GOV for ORCID "0000-0002-7782-1830"
* Search orcid.org for ORCID "0000-0002-7782-1830"
--------------------------------------------------------------------------------
+ Show Author Affiliations
1. Idaho National Lab. (INL), Idaho Falls, ID (United States)
2. Idaho National Lab. (INL), Idaho Falls, ID (United States
Publication Date: 2018-12-31 Research Org.: Idaho National Lab. (INL), Idaho
Falls, ID (United States) Sponsoring Org.: USDOE Office of Nuclear Energy (NE)
OSTI Identifier: 1505628 Report Number(s): INL/CON-18-44411-Rev002 DOE Contract
Number: AC07-05ID14517 Resource Type: Technical Report Country of Publication:
United States Language: English Subject: 99 GENERAL AND MISCELLANEOUS;
Industrial Control Systems; Cybersecurity; Threats
--------------------------------------------------------------------------------
CITATION FORMATS
* MLA
* APA
* Chicago
* BibTeX
Hemsley, Kevin E., and E. Fisher, Dr. Ronald. History of Industrial Control
System Cyber Incidents. United States: N. p., 2018. Web. doi:10.2172/1505628.
Copy to clipboard
Hemsley, Kevin E., & E. Fisher, Dr. Ronald. History of Industrial Control System
Cyber Incidents. United States. https://doi.org/10.2172/1505628
Copy to clipboard
Hemsley, Kevin E., and E. Fisher, Dr. Ronald. 2018. "History of Industrial
Control System Cyber Incidents". United States. https://doi.org/10.2172/1505628.
https://www.osti.gov/servlets/purl/1505628.
Copy to clipboard
@article{osti_1505628,
title = {History of Industrial Control System Cyber Incidents},
author = {Hemsley, Kevin E. and E. Fisher, Dr. Ronald},
abstractNote = {For many years malicious cyber actors have been targeting the
industrial control systems (ICS) that manage our critical infrastructures. Most
of these events are not reported to the public, and the threats and incidents to
ICS are not as well-known as enterprise cyber threats and incidents. This paper
is a brief study of publically reported cyber threats to critical infrastructure
that sheds light on the growing cyber threats to ICS devices. It is important to
note that this list is not all inclusive. The events selected in this study
highlight the significant threats and incidents to industrial control systems
and demonstrate that significant cyber incidents to ICS devices are growing and
becoming more complex.},
doi = {10.2172/1505628},
url = {https://www.osti.gov/biblio/1505628}, journal = {},
number = ,
volume = ,
place = {United States},
year = {2018},
month = {12}
}
Copy to clipboard
--------------------------------------------------------------------------------
Technical Report:
View Technical Report (0.60 MB)
https://doi.org/10.2172/1505628
--------------------------------------------------------------------------------
Save / Share:
Export Metadata
* Endnote
* RIS
* CSV / Excel
* XML
* JSON
Save to My Library
You must Sign In or Create an Account in order to save documents to your
library.
* Facebook
* Twitter
* Email
* Print
* More share options
* LinkedIn
* Pinterest
* Tumblr
Similar records in OSTI.GOV collections:
* EVOLUTION AND TRENDS OF INDUSTRIAL CONTROL SYSTEM CYBER INCIDENTS SINCE 2017
Journal Article Grubbs, Robert; Stoddard, Jeremiah; Freeman, Sarah; ... -
Journal of Critical Infrastructure Policy
The industrial control systems (ICSs) that manage our critical infrastructure
are increasingly converging with corporate networks and the Internet as
technology and businesses prioritize digital connectivity. These connections
make them more vulnerable and available to malicious cyber actors who
traditionally targeted the companies’ more public-facing information
technology (IT) networks. This paper will review select publicly reported
cyber incidents to highlight the continued and growing threat to ICS devices
and operational technology (OT) environments. It will summarize the incident
and when available, will provide information on the cyber actors, the
vulnerabilities they exploited, and any publications the U.S. Government
(USG) providedmore » in response. Data belonging to the Department of
Homeland Security (DHS) will be used to highlight quantitative trends
concerning ICS incidents. This paper builds on “History of Industrial Control
System Cyber Incidents” (Hemsley & Fisher 2018), a paper that highlighted
select noteworthy threats and incidents to ICS systems up to 2017. This paper
will similarly review select incidents occurring after the last previously
reviewed incident, Triton/HatMan, December 2017, and will note ICS incident
trends including IT/OT convergence and advances in cyber-threat actors’
capabilities in observed in the examined incidents.« less
* https://doi.org/10.18278/jcip.2.2.4
* Full Text Available
* GUIDE FOR CYBER ASSESSMENT OF INDUSTRIAL CONTROL SYSTEMS FIELD DEVICES.
Technical Report Stamp, Jason; Stinebaugh, Jennifer; Fay, Daniel
Programmable logic controllers (PLCs) and other field devices are important
components of many weapons platforms, including vehicles, ships, radar
systems, etc. Many have significant cyber vulnerabilities that lead to
unacceptable risk. Furthermore, common procedures used during Oper- ational
Test and Evaluation (OT&E) may unexpectedly lead to unsafe or severe impacts
for the field devices or the underlying physical process. This document
describes an assessment methodology that addresses vulnerabilities,
mitigations, and safe OT&E. Acknowledgements The authors would like to
acknowledge the funding and technical support from the Office of the
Director, Operational Test and Evaluation (DOT&E) for the development of
thismore » paper. Also, there were key contributions by other Sandia National
Laboratories (SNL) personnel supporting the analysis, particularly from Mitch
Martin, Tricia Schulz, Chris Davis, and Nick Pattengale, and from Pacific
Northwest National Laboratory (PNNL), especially Chris Bonebrake, Jim Brown,
and Katy Bragg. Executive Summary Industrial control system (ICS) field
devices like PLCs play a critical role in the safe and reliable operation of
Department of Defense (DOD) platforms and weapon systems operations. Unfor-
tunately, these sorts of devices are often rife with cyber security
vulnerabilities that can lead to significant risks for mission performance,
or even unsafe conditions during routine OT&E. The cyber security issues
faced by ICS differ from typical information technology (IT), and this re-
quires a different and more specific approach to assess, test, and mitigate
ICS vulnerabilities. In a typical IT system, data confidentiality and
integrity are the primary concerns. In an ICS, mission operations, safety,
public health, and avoiding equipment damage are the primary con- cerns. ICS
devices directly control time critical processes and have little margin for
delay. Outages or interruptions (even something as simple as a reboot) might
not be acceptable, and if unplanned can result in significant risk to
mission. Unlike IT system updates or patches, which can be done using
automated server-based tools and are widely applicable, ICS updates are
specific to the equipment vendor. OT&E on ICS field devices (on deployed
platforms, or in high value test rigs) is often a neces- sary requirement,
but this causes significant concern within the DOD ICS community. The concern
is that implementing routine cyber security measures and testing on active
ICS components and systems may damage the ICS or even underlying physical
systems. Of particular concern are ICS field devices, which encompasses the
specialized hardware that covers the boundary between the cyber and physical
domains. Examples of field devices include PLCs, electric power relays,
remote terminal units (RTUs), and other embedded devices. According to an
Office of the Secretary of Defense (OSD) memorandum regarding "Proce- dures
for Operational Test and Evaluation of Cybersecurity in Acquisition
Programs," operational test agencies (OTAs) will "include cyber threats...
with the same rigor as other threats" [1]. The purpose of cyber security
operational test and evaluation is to evaluate the ability of a unit equipped
with a system to support assigned missions in the expected environment. The
"system" in this case is considered to encompass hardware, software, user
operators, etc. This memorandum also spec- ifies the procedures to be used
for testing oversight systems. The purpose of this docuemnt is to introduce a
Field Device Assessment Methodology (FDAM) that parallels (with some
differences due to the focus on ICS hardware and not the entire system) the
procedures suggested in the mem- orandum. The FDAM approach is not intended
to cover the entire oversight system as referenced in the memorandum; rather,
it explains the procedures necessary to evaluate the ICS hardware devices.
This focused approach on the hardware subset of the system is warranted
because ICS field devices face very different issues than IT systems, and the
risks associated with ICS cyber vulnerabilities can be significant. The goals
of the FDAM are to research and rank field device vulnerabilities to be
tested, sum- marize associated mitigations, and determine cyber test concerns
by summarizing potential OT&E test damage/safety issues. The FDAM primarily
supports the cooperative assessment stage of OT&E, although the results can
also support adversarial assessments. This document provides guidance on
tools and procedures that have been developed by SNL that are used to
implement the FDAM approach, including an assessment framework, quantitative
risk calculation, and ranked access/procedure pairs (APPs). The FDAM process
itself is presented in Chapters through -- from initial research and
discovery, to standalone lab testing, through to compiling the final report.
It should be noted that because cyber security testing is inherently complex
and detail-oriented, those performing the tests will generally have a wealth
of knowledge and experience that is dif- ficult to fully document or simplify
into a step by step process. In every testing situation, the background of
the testers may influence how they choose to implement the process, and in
which order. Although this document is presented as a logical process, it is
not necessary to follow every step in the document as laid out. For example,
a tester that is intimately familiar with ICS systems might choose to do the
literature review and vulnerability scoring in conjunction with lab testing.
Or, if project resources are limited, the best choice might be to do only a
literature review and risk scoring without standalone lab testing or even a
device teardown. The FDAM is intended to support OTAs, cyber protection teams
(CPTs), and other organiza- tions within DOD that support OT&E on weapons
platforms and systems, but it can also be applied to ICS used within DOD
installations and other bases, particularly for infrastructure support. The
DOT&E FDAM is applicable for mission platforms, which are heavily reliant on
ICS, including naval shipboard systems (electrical plant management,
machinery control, aircraft launch/recovery, radar, fire control, and
others), advanced ground vehicle management, and aircraft/avionics. The FDAM
also supports a range of DOD assessment requirements [2, 3] and the approach
is suitable to varying classification levels, as application details and
close-held government information can be included when desirable (and
useful).« less
* https://doi.org/10.2172/1494181
* Full Text Available
* CYBER THREAT AND VULNERABILITY ANALYSIS OF THE U.S. ELECTRIC SECTOR
Technical Report Glenn, Colleen; Sterbentz, Dane; Wright, Aaron
With utilities in the U.S. and around the world increasingly moving toward
smart grid technology and other upgrades with inherent cyber vulnerabilities,
correlative threats from malicious cyber attacks on the North American
electric grid continue to grow in frequency and sophistication. The potential
for malicious actors to access and adversely affect physical electricity
assets of U.S. electricity generation, transmission, or distribution systems
via cyber means is a primary concern for utilities contributing to the bulk
electric system. This paper seeks to illustrate the current cyber-physical
landscape of the U.S. electric sector in the context of its vulnerabilities
to cyber attacks,more » the likelihood of cyber attacks, and the impacts
cyber events and threat actors can achieve on the power grid. In addition,
this paper highlights utility perspectives, perceived challenges, and
requests for assistance in addressing cyber threats to the electric sector.
There have been no reported targeted cyber attacks carried out against
utilities in the U.S. that have resulted in permanent or long term damage to
power system operations thus far, yet electric utilities throughout the U.S.
have seen a steady rise in cyber and physical security related events that
continue to raise concern. Asset owners and operators understand that the
effects of a coordinated cyber and physical attack on a utility’s operations
would threaten electric system reliability–and potentially result in large
scale power outages. Utilities are routinely faced with new challenges for
dealing with these cyber threats to the grid and consequently maintain a set
of best practices to keep systems secure and up to date. Among the greatest
challenges is a lack of knowledge or strategy to mitigate new risks that
emerge as a result of an exponential rise in complexity of modern control
systems. This paper compiles an open-source analysis of cyber threats and
risks to the electric grid, utility best practices for prevention and
response to cyber threats, and utility suggestions about how the federal
government can aid utilities in combating and mitigating risks.« less
* https://doi.org/10.2172/1337873
* Full Text Available
* CONCEPT FOR CYBER-PHYSICAL CONSEQUENCE PROCESS
Technical Report Rieger, Craig; O'Brien, Barry; Barnes, Kevin; ...
The Department of Homeland Security’s Office of Cyber and Infrastructure
Analysis (DHS/OCIA) has a mission and vision that promotes innovation as
central to expanding the organization’s capability to conduct consequence
analysis. To pursue such innovation, OCIA is sponsoring a seedling effort
with Idaho National Laboratory (INL) to leverage data from the proposed
Automated Vulnerability Assessment (AVA) capability, which the DHS Science
and Technology (S&T) Directorate is developing through a separate INL effort.
The first phase of this effort is to develop a process by which recognized
vulnerabilities can be scored relative to importance, reflected primarily in
the ability to initiatemore » high consequence and potentially cascading
events. This report documents a cyber-physical metrics process (CPMP) to tie
physical impact to the malicious exploitation of cyber vulnerabilities in
industrial control systems (ICS) with the potential for initiating
consequence in the critical infrastructure. The scale of achieving any
particular physical consequence is dependent upon the ICS Component the
vulnerability exists on, the Level of Access that the exploit would allow to
component function and the Physical Impact (CLAPI) to the power system that
the component is tied. A modified common vulnerability scoring system (CVSS)
was detailed and demonstrated for the power sector with three case studies
associated with a recognized vulnerability, with significant consequence
detail provided to apply the process across the power sector. A detailed
table that provides background on the power system components, ICS-enabled
monitoring and control, potential consequence effects, and CVSS scoring is
provided. To demonstrate the applicability of the CPMP, tables are provided
as examples for other sectors that include chemical, water/wastewater and
oil/gas.« less
* https://doi.org/10.2172/1482997
* Full Text Available
* DOE/DHS INDUSTRIAL CONTROL SYSTEM CYBER SECURITY PROGRAMS: A MODEL FOR USE IN
NUCLEAR FACILITY SAFEGUARDS AND SECURITY
Conference Anderson, Robert; Bjornard, Trond; Schanfein, Mark; ...
Many critical infrastructure sectors have been investigating cyber security
issues for several years especially with the help of two primary government
programs. The U.S. Department of Energy (DOE) National SCADA Test Bed and the
U.S. Department of Homeland Security (DHS) Control Systems Security Program
have both implemented activities aimed at securing the industrial control
systems that operate the North American electric grid along with several
other critical infrastructure sectors (ICS). These programs have spent the
last seven years working with industry including asset owners, educational
institutions, standards and regulating bodies, and control system vendors.
The programs common mission is tomore » provide outreach, identification of
cyber vulnerabilities to ICS and mitigation strategies to enhance security
postures. The success of these programs indicates that a similar approach can
be successfully translated into other sectors including nuclear operations,
safeguards, and security. The industry regulating bodies have included cyber
security requirements and, in some cases, have incorporated sets of standards
with penalties for non-compliance such as the North American Electric
Reliability Corporation Critical Infrastructure Protection standards. These
DOE and DHS programs that address security improvements by both suppliers and
end users provide an excellent model for nuclear facility personnel concerned
with safeguards and security cyber vulnerabilities and countermeasures. It is
not a stretch to imagine complete surreptitious collapse of protection
against the removal of nuclear material or even initiation of a criticality
event as witnessed at Three Mile Island or Chernobyl in a nuclear ICS
inadequately protected against the cyber threat.« less
* Full Text Available
* Similar Records
--------------------------------------------------------------------------------
*
*
*
* Website Policies / Important Links
* Contact Us
*
* Vulnerability Disclosure Program
*
* Facebook
* Twitter
* YouTube