ISA NEWS RELEASE
Contact: Jennifer Infantino
ISA's Security Technologies for Industrial Automation and Control Systems Technical Report Submitted to ANSI
Research Triangle Park, NC (27 August 2007) -- ISA-TR99.00.01, Security Technologies for Industrial Automation and Control Systems, has been submitted to ANSI for approval as an ANSI Technical Report.
The need for protecting Industrial Automation and Control System (IACS) computer environments from malicious cyber intrusions has grown significantly over the last decade. The combination of the increased use of open systems, platforms, and protocols in the IACS environment; along with an increase in joint ventures, alliance partners and outsourcing has lead to increased threats and a higher probability of cyber attacks.
As these threats and vulnerabilities increase, the risk of a cyber attack on an industrial communication network correspondingly increases, as well as the need for the protection of computer and networked based Information Sharing and Analysis Centers.
Additionally, the growth in intelligent equipment and embedded systems; increased connectivity to computer and networked equipment and software; and enhanced external connectivity coupled with rapidly increasing incidents of network intrusion, more intelligent hackers, and malicious yet easily accessible software, all add to the risk.
There are numerous electronic security technologies and cyber intrusion countermeasures potentially available to the IACS environment. The Security Technologies for Industrial Automation and Control Systems Technical Report introduces several categories of cyber security technologies and countermeasure techniques and discusses specific types of applications within each category, the vulnerabilities addressed by each type, suggestions for their deployment, and their known strengths and weaknesses. Additionally, guidance is provided for using the various categories of security technologies and countermeasure techniques for mitigation of the above-mentioned increased risks.
The document does not make recommendations of one cyber security technology or mitigation method over others, but provides recommendations and guidance for using the technologies and methods, as well as information to consider when developing a site or corporate cyber security policy, program and procedures for the IACS environment.
For more information about ISA's standards, visit www.isa.org/standards.
Founded in 1945, ISA (www.isa.org) is a leading, global, nonprofit organization that is setting the standard for automation by helping over 30,000 worldwide members and other professionals solve difficult technical problems, while enhancing their leadership and personal career capabilities. Based in Research Triangle Park, North Carolina, ISA develops standards; certifies industry professionals; provides education and training; publishes books and technical articles; and hosts the largest conference and exhibition for automation professionals in the Western Hemisphere. ISA is the founding sponsor of The Automation Federation (www.automationfederation.org).