Cyber security: New documents for control systems, wireless
U.S. Department of Homeland Security (DHS) announces the availability of two new documents relating to control systems security. One targets security requirements and the other discusses wireless networks.
Washington , DC –U.S. Department of Homeland Security (DHS) announces the availability of two new documents relating to control systems security. One targets security requirements and the other discusses wireless networks.
The DHS Control Systems Security Program (CSSP), fosters a cohesive effort between industry and government to reduce the risk to critical infrastructure controls systems. The Catalog of Control Systems Security Requirements (draft) is accessible in a PDF. It is intended to facilitate the development and implementation of control system cyber security standards and should be viewed as a collection of requirements and practices to be considered in the review and development of cyber security standards for control systems. Comments by all systems stakeholders who review the document are invited at CSSP@hq.dhs.gov .
The second document is entitled Recommended Practices Guide Securing ZigBee Wireless Networks in Process Control System Environments (draft) is available in PDF. The paper addresses design principles and best practices in the secure implementation and operation of ZigBee wireless networks. The focus is secure deployment of such networks in industrial environments, including manufacturing and process automation facilities. ZigBee is used in applications such as distributed sensing and monitoring and is generically defined as Low-Rate Wireless Personal Area Networks (LR-WPAN) for devices that self-organize into short-range wireless networks. An overview of standards upon which ZigBee is based is provided, along with a description of ZigBee security architecture and secure LR-WPAN network design principles, plus a list of recommended practices. Technical issues and special considerations for installations of LR-WPAN networks in industrial environments are covered. The report states: “Reliability, security and performance are potential challenges when deploying wireless technologies in general and factors such as EMI/RFI and multi-path fading in industrial environments can be specific issues to consider. The choice of ZigBee network topology, the use of guaranteed time slotting and the application of security measures presented in this paper are some options to consider when addressing these issues.”