Abstract
Energy companies recognize that they have become high-value targets and that their operations can be disrupted using only cyber means. Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and Process Control Systems (PCS) are of specific interest to attackers because they operate critical infrastructure. Risk management is extremely difficult because every risk has a high cost attached and there are no reliable statistics for assessing the likelihood of a risk occurring. The challenge is to understand an organization's risk profile and tailor its risk management strategy accordingly.
Industrial networks facilitate the free flow of messages, which allows poison packets to be transmitted with potentially disastrous effect. For instance, Distributed Network Protocol (DNP3) Secure Authentication does not protect against implementation failures in the device that can be exploited through malformed packets, which makes protocol-aware validation and restriction essential. A comprehensive approach to restricting what can and does occur within an industrial control network will help mitigate the systemic risks inherent in the industrial control environment.
To comprehensively protect the critical infrastructure that powers civilian businesses and homes, the intelligent approach demands a secure-system design that controls and monitors all entities within the control system, from users to vulnerability-prone endpoints and protocols. Not all attacks originate from external sources, so boundary protections such as data diodes and firewalls are not enough. Such solutions, however, must also preserve operational efficiency, to ensure that the cure is not worse than the malware.
Successful risk management requires an effective assessment of the inherent risks and of the most viable mitigation strategies for those risks. This paper outlines these systemic, industrial-control-specific cyber risks and offers an approach for intelligently monitoring and controlling cyber activity to reduce the impact of a cyber incident. This approach promotes systems-based methods that focus on architectures that leave critical operations uninterrupted.
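The protocol-aware validation the abstract calls for, as an added example that is not code from the paper: a DNP3 link-layer checker that first rejects malformed frames on structural grounds (start bytes, length field, header and data-block CRCs) and then applies an allowlist of link addresses and link function codes. The link addresses, the policy and the sample frames are constructed for illustration.

```python
"""Protocol-aware DNP3 link-layer validation (added example; not code from the paper)."""
DNP3_START = b"\x05\x64"

def dnp3_crc(data):
    """CRC-16/DNP: reflected polynomial 0xA6BC (0x3D65), init 0, final complement."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA6BC if crc & 1 else crc >> 1
    return (~crc) & 0xFFFF

def build_frame(control, dest, src, user_data=b""):
    """Assemble a well-formed frame; used here only to construct sample traffic."""
    header = (DNP3_START + bytes([5 + len(user_data), control])
              + dest.to_bytes(2, "little") + src.to_bytes(2, "little"))
    frame = header + dnp3_crc(header).to_bytes(2, "little")
    for i in range(0, len(user_data), 16):  # user data travels in 16-byte blocks, each with its own CRC
        frame += user_data[i:i + 16] + dnp3_crc(user_data[i:i + 16]).to_bytes(2, "little")
    return frame

# Constructed policy: one master (link address 1024) talking to one outstation (link address 1).
POLICY = {"pairs": {(1024, 1), (1, 1024)},            # allowed (source, destination) link addresses
          "primary_functions": {0, 2, 3, 4, 9},       # reset/test link, (un)confirmed data, status request
          "secondary_functions": {0, 1, 11, 15}}      # ACK, NACK, link status, not supported

def validate_frame(frame, policy=POLICY):
    """Return a list of findings for one frame; an empty list means it passed every check."""
    if len(frame) < 10 or frame[:2] != DNP3_START:
        return ["bad start bytes or truncated header"]
    control, user_len = frame[3], frame[2] - 5
    dest, src = int.from_bytes(frame[4:6], "little"), int.from_bytes(frame[6:8], "little")
    expected = 10 + user_len + 2 * ((user_len + 15) // 16)
    if user_len < 0 or len(frame) != expected:  # size disagrees with the length field: stop here
        return [f"length field {frame[2]} does not match frame size {len(frame)}"]
    pos, findings = 10, []
    if int.from_bytes(frame[8:10], "little") != dnp3_crc(frame[:8]):
        findings.append("header CRC mismatch")
    while pos < len(frame):  # check every data block against its trailing CRC
        n = min(16, len(frame) - pos - 2)
        if int.from_bytes(frame[pos + n:pos + n + 2], "little") != dnp3_crc(frame[pos:pos + n]):
            findings.append(f"data block CRC mismatch at offset {pos}")
        pos += n + 2
    if (src, dest) not in policy["pairs"]:
        findings.append(f"source {src} -> destination {dest} is not allowlisted")
    allowed = policy["primary_functions"] if control & 0x40 else policy["secondary_functions"]
    if (control & 0x0F) not in allowed:
        findings.append(f"link function code {control & 0x0F} is not allowlisted")
    return findings
```

Structural findings are reported before policy findings so that a frame failing CRC or length checks is never evaluated as if its addresses and function code were trustworthy.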