ALL >> Education >> View Article
Cyber-security Improvement Plan For Pureland Wastewater
Total Articles: 580
With the information technology emergence as the underlying technology that supports the industrial control systems, companies have been implementing it to improve their systems’ functionality. While the trend of leveraging this technology in the ICS continues, security and safety of the ICS remains at the back seat. The Homeland Security Report recommends an in-depth defense mechanism to counter the risks that can affect the ICS industry. PureLand Wastewater Treatment Inc. is a company that has experience in the provision of services in the wastewater treatment using Chlorine dioxide that the Homeland Security finds to be poisonous. The Department of Homeland Security carried out an audit on PureLand systems, and they offered them a tool that they would use to ensure that they comply with the CFATS regulations. The DHS requires the company to comply with those security requirements or else they face the full force of the law. The PureLand Wastewater Treatment Company then decides to hire a consultant to help them address the cyber security threats and ensure compliance of the company to the CFATS requirements.
The Current State of Security of Pureland Wastewater ICS
Pureland has done a lot as pertains to the physical security, but they have left the theft of their trade secret in light of the toxic chemical they use to the back seat. DHS helps the company to understand the implication of that ignorance on the possibility of theft occurring to their trade secret regarding Chlorine Dioxide. Cyber terrorism that chemical can take place and consequently sabotage the company security mechanisms. PureLand can now use the security tool provided by the Department of Homeland Security and ensure that they seal the loophole that renders the security of their trade secrets vulnerable. To my observation also, the existence of only a single firewall and the use of the ring topology introduces security vulnerabilities to the network. There should be at least two firewalls, one behind the router and another in front of the router to better contort e-traffic in and out of the company intranet.
The security issues exposed by the Department of Homeland Security include the lack of a proper anti-virus program as well as an appropriate patch management. The laptops and the computers used by the company workers also do not have enough security mechanism implemented on them. Hence, they may introduce malware to the other systems, or they may act as a point of weakness that the intruders can use to gain access to the corporate network. DHS also finds out that the company is not doing risk management and risk assessment on a regular basis, meaning that its network and systems are prone to breach security from the outside. DHS also highlights that the company does not carry out auditing in the proper manner, meaning that the services and the products of the company may not meet the required quality standards. That puts the company at risk of losing its customers if they discover that the company products and services do not meet the security requirements that they should meet.
We know that secure communication over a network is of paramount importance; however, the company fails to employ encryption for its wireless technology. That makes it possible for the intruders to intercept critical communications that are not meant for the unintended parties. A hacker or their business rivals can use the intercepted information against the company, and this can be affected the company’s reputation or even make it succumb to its rivals. DHS finds out that the company does not employ proper authentication systems. That opens room for the internal employees to misuse their rights and access information that they should not be accessing. They can use that information inappropriately making the company be negatively impacted in one way or another. Employees are also not provided with training to inform them about security risks. Thus, employees may be engaging in insecure activities without knowledge that they are risking the company. There are many security issues within the company network that the company should have to address if it wants to have secure transactions over the social network.
The network of PureLand consists of the Business Local Area Network, the Supervisory Network, the Control System, and the Filed System. These four segments are what form the chemical company network. The four segments work together in a harmonious way to ensure that the company continues to offer its services to the customers with fewer problems. Each of the network segments entails some hardware and systems that are useful to its functioning. The business LAN consists of endpoints, email server, business services, and the Web server through which the users of the company can access the Web. The Busyness LAN is the one that contains most of the services that the company workers need for them to conduct the operations required of them. It is the segment that lies at the periphery of the corporate network because it is the one that connects to the firewall that in turn connects to the global network.
The other segment of the network is the supervisory segment that the company uses perhaps to supervise the entire corporate network. It contains the historian database, the SCADA systems, and the historian. The segment offers a picture of a star network topology that entails centralization of network administration, making it possible to provide the needed security for the entire network. The historian is useful in the recording of trends and historical information concerning then industrial processes so that it can be useful for future reference.
The control system also contains the historian, the IED/PLC, MTU, the HMI and the ICCP Master. While the supervisory segment entails the supervision of all the processes within the enterprise, the control system is for controlling the company industrial control systems (Knapp, 2011). It contains the physical hardware and software that are essential in the accomplishment of the tasks in the segment. It communicates with the field system through a satellite. The field system is the segment that contains the systems necessary for the water treatment. It also incorporates a process control vendor support for supporting the operations of the ICS systems in case of any issues that may arise. There is only one firewall that connects the company to the Internet.
Overview of the Company’s Network Topology
Weaknesses in the topology design
The company uses the ring topology because each device connects to the next in a cycle as observed from the diagram. The diagram shows that the backbone cable runs from the firewall end through the business LAN and finally to the field system. When connected in that manner the management of the network is a hard task because all the nodes are autonomous, and they all have the same authority to control themselves. Another weakness that this topology poses to the network is that the removal of one node can affect the remaining nodes, and so the network administrator had to restructure the network again (Montgomery, 1994). It is also hard to add another device to the network because it will affect the entire network and reconfiguration will be requirements on all the nodes to include the new node in their routing tables.
Suggestions for improvements
The most suitable topology that the company should implement is the star topology tat centralizes the network management simplifying the security because all the nodes will be controllable from one central node. It will also allow the addition or removal of nodes from the network without affecting the rest of the nodes on the network. Also, when one node fails, it does not affect the others on the network. It also does not introduce collisions to the network because each workstation connects directly to the server using a dedicated link. Also, no node can interact with the other without having to, first of all, pass through the server. That gives the network or system administrator and easy task to implement security enhancements of the network. In case the network administrator wants to add new hardware or software, he will have to install it only on the server rather than on each machine as in the case of the ring topology.
However, the star topology also has few advantages that the network administrator should have to consider such as cost. The ring topology is the most expensive layout because it needs so many cables because each workstation must connect to the server individually. It also requires experts to lay this topology because it is not as straight forward as the ring topology. The company will also have to spend on additional hardware such as routers and switches because each network segment will need to have their switches and there has to be atheist one router to connect the users to the Internet. Another major disadvantage of this topology is that when the server crashes or fails, there is no workstation that can access its files or the network. However, it is far much better than the ring network topology and its advantages far outweigh the disadvantages.
Threats and vulnerabilities facing the ICS assets of the company
SCADA systems vulnerabilities and threats have been increasing, and that is the case partly due to the lack of attention by the system and network administrators to provide the required security on the same. The ICS systems often have their basis in organization insecure legacy protocols that many times do not offer adequate security to these systems (Homeland Security, 2011). These legacy protocols do not use the required access controls, for instance, default legacy protocols. There are also vulnerabilities to the ICSs base on the operating system of the host, for instance, the Windows operating system. Patching the legacy systems may affect the ICS functionality and make them often run vulnerable applications on top of the vulnerable OS (Weiss, 2010). Cyber attacks on ICS systems may use the Internet connections as the doors to penetrate into the business network connections and to other networks. They can consequently get to the layer of control networks and finally to the level of field systems. The common attack vectors for the ICS networks include the following:
• Any security breaches or backdoors on the network perimeter
• Vulnerabilities that may be existing on the common protocols of the legacy systems
• Database attacks
• Man-in-the-middle attacks and communication hijacking
• The Cinderella attacks synchronization and time provision
Threats to the ICS can emanate from different sources such as terrorist groups, malicious intruders, disgruntled employees, industrial spies, hostile governments, and natural sources like system complexities, equipment failures, natural disasters, and human errors. They all come as a result of a defense-in-depth strategy for the ICS. Attackers can break into a network because as the technology is advancing, there is also the development of sophisticated tools for attacking systems (Homeland Security, 2011). Some criminal groups may seek to attack ICS systems for monetary gain using phishing, spam, or spyware to accomplish their missions. Disgruntled employees are also becoming a potential source of crime.
The insider crime can incorporate outsourcing vendors and employees who accidentally leverage malware to attack the corporate ICS (Knapp, 2011). Also, terrorists are other threats that may seek to incapacitate, destroy, and exploit the critical or ICS infrastructure to cause casualties, weaken the economy, threaten national security or damage public morale. The industrial espionage can is also another potential cyber security threat to the ICS, and these seek to acquire the intellectual property as well as a know-how using clandestine methods.
Policy and Procedural Vulnerabilities
There can be the introduction of vulnerabilities to the ICS due to incomplete, nonexistent or inappropriate security documentation including implementation and policy guides (procedures). The management support along with security documentation is the cornerstone of any security mechanism. An organizational security policy can be effective in reducing g the vulnerabilities be making such enhancements as password and maintenance or any other requirements for connecting modems to the ICS. Vulnerabilities can have an introduction into the ICS system when there are inadequate policies or when specific policies for the ICS are lacking (Martellini, 2013). Also, the lack of adequate security architecture and design can introduce vulnerabilities into the ICS system. Many companies do not have documented or specific security procedures from the security policy regarding the ICS. Coupled with that, many employees do not have adequate training, and so it becomes hard for companies to develop specific cyber security programs and procedures for the ICS systems.
The other thing that causes the lack of policies and procedures in organizations is the absence of deficiency of implementation guidelines for the ICS equipment. It is prudent that organizations keep implementation guidelines available and up to date because those guidelines are integral to the security procedures in case of any occurrence that can lead to ICS malfunctioning (Knapp, 2011). There is also the lack of administrative mechanisms regarding ICS security enforcements. Companies also fail to carry out security audits on the ICS, so this makes it hard for those organizations to establish compliance with the ICS security procedures and procedures. The lack of audits also makes organizations vulnerable to cyber attacks because they are unable to detect breaches in their security services. The lack of policies and procedures is also brought about by the lack of specific disaster recovery plans or continuity of operations (Laing et al., 2013). The lack of ICS specific configuration change management also makes the ICS vulnerable because it results in security exposures, oversights, and risks.
The other things that can bring about vulnerabilities in ICS include flaws, poor maintenance or misconfigurations of their platforms including the operating system, ICS application and hardware (Knapp, 2011). That means there are platform configuration vulnerabilities, platform software vulnerabilities, platform hardware vulnerabilities and platform malware protection vulnerabilities. Organizations do not have in pace operation system and vendor software patches until they can find potential security vulnerabilities. Even if there may be operating system and application patches, there is no maintenance of the same taking place, therefore making the ICS vulnerable to attacks (Macaulay et al., 2011). Also, the usage of default configurations can result in insecure and unnecessary exploitable services and open ports as well as an application running on hosts. Even if there may be critical configurations on the ICS, organizations do not have any solid plans in place for storing them or backing them up.
The ICS systems employ a variety of software that is useful in meeting its functionality demands (Laing et al., 2013). Besides this software, there is also the database that resides on the historians apart from the many database applications that may be present to plant sessions. The DB historian’s hosts centralized data that comprises of essential and confidential information. The data are not only useful for technical purposes; they are also useful for business purposes such as in the pricing of electricity. The most common vulnerability with this software is the buffer overflow although it is not the only flaw; there can be others such as integer overflow, format string among others (Macaulay & Singer, 2011). The fact that most applications of controlling the ICS systems are written in the C language, there is extra caution required to handle this vulnerability.
Also, many database applications introduce vulnerability for SQL injection. It is possible to access many database applications using the Structured Query Language statements for content and structural manipulation. Regarding data historians in the current ICS systems, one of the commonest Internet attacks has a very strong implication on the ICS system security (Laing et al., 2013). An SQL injection can occur when an attacker manipulates data into the Web application. Also, in case there is the enabling of the command shell store procedure, it makes it easy for an attacker to move further to the prompt level. That process runs with similar permissions to the components that for command execution. That can, in turn, allow more attackers into the databases, or it can even allow them to execute commands on the ICS. Enabling the store procedure on SQL server makes the server vulnerable to SQL injection and malicious modifications to the databases may result in catastrophic damages (Martellini, 2013).
Platform hardware vulnerabilities may include inadequate testing of the security changes, and many small ICS facilities do lack test facilities. Critical hardware systems in organizations may also lack adequate protection, hence making it possible for people to access such critical hardware as field devices, media, the control center, and other ICS components (Martellini, 2013). Unauthorized personnel may also have access to the equipment resulting in the physical theft of the hardware, damage or destruction, unauthorized modifications, disconnection of data links, and interception of data. In some companies, there may be inadequate remote access to devices and lack of redundancy for ICS critical components. Also, the lack of backup power in many organizations introduces platform hardware security vulnerabilities.
There are also specific platform software vulnerabilities such as the issue of buffer overflow giving an open door for an attacker to perform various attacks on the ICS system. The failure to enable installed security capabilities is also another platform software vulnerability that can open room for cyber attack (Macaulay et al., 2011). The lack of maintenance of logs or the lack of accurate and proper logs makes it almost impossible to determine the cause of a security event. The use of proprietary software discussed in periodicals or conferences can also be another source of ICS vulnerability. The other ICS software platform vulnerability is also the lack of installation of intrusion prevention or detection systems, thus opening the way for denial-of-service attacks, as well as other various types of attacks. The running of unneeded services can also open room for any types of cyber attacks to occur.
The platform malware related vulnerabilities include the lack of installation of malware protection software (Macaulay & Singer, 2011). That, in turn, can result in loss of system availability, deletion of data, performance degradation, modification and loss of system availability as it makes the ICS open to malicious software. Even when there is malware software installed, they may not be up to date, thus leaving the ICS system open to new malware (Macaulay et al., 2011). The other things regarding malware protection vulnerability are implementing software minus exhaustive testing. The installation of malware protection software minus through testing can affect the normal operation of the ICS.
The UDP port can introduce the vulnerability into the SCADA systems leading to the diagnostic server attacks. For instance, the hashing algorithm used in the standard authentication API is susceptible to collisions. It allows brute forces attacks to take pace whereby the attackers leverage strings that can produce the same hash just as the legitimate password, thus gaining access to the ICS system (Laing et al., 2013). Also, the VxWorks debug services run the UDP on port 17185 that is vulnerable to attack. An adversary can also use address resolution protocol to translate the IP addresses to MAC addresses as well as discover any other interfaced devices on the Local Area Network. By sending fake address resolution protocol messages containing false MAC addresses to the ICS system, the attacker can confuse the network devices like the switches. One countermeasure can be the use of static MAC addresses (Martellini, 2013).
Network perimeter Vulnerabilities
An organization may lack a proper definition of the network perimeter security leading to unauthorized access to the ICS system and data. There can also be a lack of firewalls and the ones used may have poor configurations leading to the passage of unnecessary data to the intranets (Weiss, 2010). That, in turn, can allow malware and attacks to spread between networks resulting in making the sensitive data prone to eavesdropping or monitoring on the other network. Also, the network control services may not be within the control network. For instance, such IT services as dynamic host configuration protocol and domain name system may have usage to control networks, but their implementation can take place on the IT network, thus causing the ICS to become dependent on the Information technology network that may not be having availability and reliability enhancements needed for the ICS.
The lack of identification of critical control and monitoring paths can leave a backdoor for the ICS attacks. The adversaries can also use a protocol analyzer to monitor the ICS network activity and encode any data transferred using such protocols as the Network File System, Telnet or the File Transfer Protocol. Communication vulnerability is the lack of authentication for network users or the inadequacy of standard devices (Bhatt, 2013). That introduces the potential to replay, spoof or modify data or such devices as identifiers or sensors.
Network hardware vulnerabilities
There may be inadequate protection mechanisms for the physical network equipment making it possible for attackers to access the ICS network and cause damage or destruction (Stouffer et al., 2011). If there are also unsecured ports, this can result in allowing unauthorized connection of keystroke loggers or thumb drives. Also, networks can lack redundancy thus providing a single point of failure for the ICS network.
How to mitigate the threats
Define ICS Security Policies and Procedures
Defining policies and procedures is the core of every successful security program, and therefore, there should be the definition of ICS specific policies and procedures integrated with the existing management policies. There should be transparency of these procedures so that it can be possible to implement them, at all levels. These security policies and procedures do help to make sure that security is consistent and current so that ICS systems can be secure from evolving threats (Martellini, 2013). They can also be useful for educating the employees. If possible, organizations can update their policies or create new ones to address the threats that are prevalent for ICS.
Conduct Risks and Vulnerability Assessment
Because organizations have limited resources, they ought to conduct a risk assessment for the ICS and utilize the findings to prioritize the ICS systems by the potential effect on each system (Macaulay et al., 2011). The enterprise should then carry out a detailed vulnerability assessment for the lower priority as well as the highest priority systems as resource allow. That assessment can aid in identifying any weaknesses that may be prevalent in the systems and allow the adverse effect to systems in light of integrity, confidentiality, and availability. When the risks and vulnerability analysis is taking place, the ICS personnel be aware and prepare to mitigate immediately any problems that may arise (Bhatt, 2013). The security auditors should also understand the ICS system under test, the risks or vulnerabilities involved under that test and the impacts associated with the DoS to the ICS.
Define the Mitigation Controls
Enterprises should analyze the risk assessment, determine the costs associated with each risk and then compare the costs with the potential for the occurrence of the risk after which they can select mitigation controls in areas where cost does not exceed the potential risk. It is impractical to eliminate all the risks; therefore, enterprises should focus on mitigating those risks that have the greatest potential effect on the ICS and the associated processes (Knapp, 2011).
Use of Firewalls
Network Firewalls are systems or devices that control the network traffic flow between networks using various security postures. They are useful in restricting connectivity to the sensitive networks or systems such as the accounting system so that it is easy to prevent unauthorized access to these systems or resources in the sensitive areas. The guidelines on firewalls and firewall policies are provided by the NIST SP 800-41 to help organizations understand how to select firewalls and firewall policies (Stouffer et al., 2011). Firewalls permit the ICs to implement policies that are appropriate to them although they may not be appropriate to the IT network.
Applicable regulations regarding cyber security
• NIST SP 800-12 offers guidelines for security policies and procedures that can be useful for the ICS system (Stouffer et al., 2011).
• Stouffer also shows that the NIST 800-53 facility does give the guidelines for protecting perimeters and software on the ICS
• NIST 800-82 contains a detailed recommendation for developing a defense-in-depth architecture for an ICS network and other facilities
• The RBPS Metrics 8.2.5 offers documentation for the information regarding passwords as well as authentication methods (Chemical Facility Anti-Terrorism Standards, 2009).
• The ISO/IEC 27001-27005 provides the suitable guidelines to the features required in a monitoring system.
• The NIST SP 800-41 recommends that firewalls are suitable for protecting the ICS network and it also offers all the types of firewalls and how and where one can use them.
• ISA 62443-3-3 entails the recommendations for facilities that can be useful for managing networks and making them more secure.
• NIST SP 800-91 is the publication that contains the guidelines for the intrusion detection/prevention systems.
• The security training and awareness program guidelines are in the NIST SP 800-50 as well as in the RBPS Metric 8.4.1 (Stouffer et al., 2011)
Future state of ICS security
Purereland should put a firewall and a router in between the organization network and the control network. That should be a slightly complex design that entails the use of a router/firewall combination in the PureLand Wastewater Company network. They will need to place a router in front of the firewall to offer basic packet filtering as the firewall is handling complex issues using proxy techniques or stateful inspection. That kind of design is useful, and many companies use it for the Internet-facing firewalls as it allows the network routers to handle the incoming packets particularly in the DoS attacks thereby reducing the load on the firewall. That design provides a defense-in-depth as it makes it impossible for the attacker to bypass the two devices (FISMA, 2005). It will be more advantageous for PureLand to use firewalls from two different manufacturers so that they will supplement each other’s limitations.
Another future state for PureLand network is to establish a DMZ between the company network and the control network. Each demilitarized zone should hold critical components like the data historian, the third party access points, and the wireless access point (Macaulay et al., 2011). Currently, we see the historian and the database historian for Pureland are vulnerable to attacks and putting it in a DMZ will provide tight security for it. The creation of the DMZ will require that the firewalls the company uses provide three interfaces and not the normal public and private interfaces. The first interface should connect to the company network, the second should accrete a link to the control; network while the third to the insecure or shared devices like the data historian server or the access points on the DMZ network.
PureLand should also pay attention to the defense-in-depth architecture recommended by NIST SP 800-82v that requires that there be multiple security controls or technologies combined so as to offer robust ICS security. The architecture entails a multiple layer security strategy that involves two or more overlapping security mechanisms. It includes the creation of DMZs, intrusion detection or prevention systems having effective security procedures and policies, and training programs as well as incident response mechanisms. Also, a defense-in-depth strategy requires that there be a thorough understanding of the potential attack vectors on the ICS system (Knapp, 2011). These potential attack vectors may include backdoors in the network perimeter, database attacks, and vulnerabilities on network devices, man-in-the-middle attacks and communication hijacking.
Security controls of system devices
The security controls for the ICS system devices are the operational, technical and management controls prescribed for an IS so as to safeguard the confidentiality, availability, and integrity of systems and their information. These security controls are in provision in the NIST SP 800-53, and they offer helpful information to help companies in selection and specification of security controls for ICS in light of the Federal government requirements (Knapp, 2011). It organizes security controls to three classes that include operational, technical and management whereby each class is broken further into some families of controls. Each of the controls delves further into the control definition, possible enhancements and supplemental, guidance.
A single technology or product is not sufficient to protect an ICS. Proper security for ICS and its related devices requires that there be a combination of multiple security policies as well as a properly configured set of controls (Bhatt, 2013). A cyber security control that is effective for an ICS and it’s the devices within it should have to employ a defense-in-depth and layering security mechanisms for the purpose of minimizing the impact of a failure in any one mechanism.
Challenges of securing an industrial control system
Because the ICS have usage for controlling, physical processes relating transport, power, gas, water and other critical infrastructure. That means that almost 100 prevent the availability of these systems is required because it will be very costly to disrupt the systems (Laing et al., 2013). The output of ICS is associated with physical processes and. Therefore, the effect of downtime can impact millions of people. Achieving 100 percent availability is almost impossible to achieve. That is the reason many companies continue to run their ICS even when they detect malware because they cannot afford to experience downtime. With only a couple of minute’s downtime of the ICS, the collection of evidence for investigation of the possible security breaches or malicious codes infections is extremely difficult to achieve.
The other challenge of securing ICS is because many ICS systems used today are between 10 and 30 years old. To secure and maintain the security of these legacy systems whose initial design was for point to point communication? Those systems were installed in the pre-Internet era and hence their design was not connectivity, and so they do not have any authenticating commands.
The other major challenge to securing ICS systems is the fact that there has been the evolution of higher level management systems making organizations seek standardization and cut costs through the usage of commercial-off-the-shelf products. That leads to the introduction of OSs such as MS Windows, and Linux that enable connections between business networks and the management for the ICS. That means there is a great exposure of those OSs to threats associated with external connections with the industrial plants. Companies are unwilling to update their systems, not for the purpose of increased expenses but also the need to recertify the entire system so that they can comply with the industry regulations.
Another challenge to the provision of the required security to the ICS is also because for one to achieve a greater ICS connectivity, there is a need for improved security. The need or the most cost-effective and best of breed systems is also resulting in heterogeneous environments in several enterprises that offer critical national infrastructure. The transition to trading energy like goods is also driving the need to interconnect ICS and traders. A greater connectivity to suppliers for the purpose of remote access is also required to enable a cost-effective monitoring and maintenance. Another challenge to security is the lack of authentication mechanisms in the legacy ICS.
The paper highlighted the shortcoming of the PureLand network and the possible vulnerabilities and threats for an ICS. It helps shed more light on the area of ICS security and what the company requires having a solid security on its network and the ICS system. The paper acts as a plan in response to DHS’s requirements for a comprehensive cyber security that can safeguard it from cyberattacks and the theft of its trade secret. If PureLand should have the required comprehensive cyber security improvement plan, it should follow the cyber security guidelines provided in the paper. That will make them have cyber security at all the levels of their system and the network. They will secure the chemical from sabotage and comply with the DHS. As a consultant to this company, I will implement this plan within a period of not more than six months.
Bhatt, A. (2013). Computer and network security threats. International journal of advanced research in Computer Science and management studies, 1(1).
FISMA (2002). Federal Information Security Management Act of 2002, Section 301: Information Security, http://csrc.nist.gov/drivers/documents/FISMA-final.pdf
Homeland Security (2011). Common Cybersecurity vulnerabilities in Industrial Control Systems. Retrieved from https://ics-cert.us-cert.gov/sites/default/files/recommended_practices/DHS_Common_Cybersecurity_Vulnerabilities_ICS_2010.pdf
Knapp, E. (2011). Industrial Network Security:Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems. Waltham, Massachusetts: Syngress, 2011.
Laing, C., Badii, A. & Vickers, P. (2013). Securing critical infrastructures and critical control systems: Approaches for threat protection. Hershey, PA: Information Science Reference.
Macaulay, T. & Singer, B. (2011). Cybersecurity for industrial control systems. CRC Press: NY.
Macaulay, T., Bryan, L. & Singer, L. (2011). Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS. CRC Press, London: NY.
Martellini, M. (2013). Cyber security: Deterrence and IT protection for critical infrastructures. Cham: Springer.
Montgomery, S. L. (1994). Object-oriented information engineering: Analysis, design, and implementation. Cambridge, MA: AP Professional.
Stouffer, K., Falco, J. & Scarfone, K. (2011). Recommendation of the National Institute of Standards and Technology. Special Publication 800-82. Retrieved from http://csrc.nist.gov/publications/nistpubs/800-82/SP800-82-final.pdf
Weiss, J. (2010). Protecting industrial control systems from electronic threats (1st Ed.). New York: Momentum Press.
Sherry Roberts is the author of this paper. A senior editor at Melda Research in research paper essay writing service if you need a similar paper you can place your order for a custom research paper from college research paper services.
Author is associated with MeldaResearch.Com which is a global Custom Essay Writing and Term Paper Writing Company. If you would like help in Research Papers and Term Paper Help you can visit Custom Writing Service
Education Articles1. Going Through Proper Training Is A Better Option To Achieve Success In Career
Author: Alzbeta Berka
2. Most Effective Ways To Increase Your Standard Of Teaching In Institutes
Author: Alzbeta Berka
3. Surat Al Fatihah
Author: Shehzad Hasan
4. Qlik Sense Online Course
Author: oveiya krishnasamy
5. How To Become A Professional Fashion Illustrator!
Author: Britanindya Ghosh
6. Why Pursue Career In Business Management And Administrative
Author: ponting brown
7. Splunk Course Online Training From Ibm It Solutions
Author: Harika Sharma
8. Which Is The Best Electronics & Communication Engineering College In India?
Author: Techno International New Town
9. Mba/bba Project Report Services:how To Write A Great Conclusion
Author: anushka yadav
10. How Can You Help Your Child Living In A Boarding School?
11. Top 5 Eco-friendly Activities To Teach Kids These Summers
12. 5 Things Your College Must Provide For You
13. List Of Top Fashion Designing Institute In Bangalore | Vidya Fashion Academy
Author: Vidya Fashion Academy
14. Advanced Java Blogs For Programmers Of All Level
15. Discover The Scopes To Become A Licensed Cctv Operator In United Kingdom
Author: Alzbeta Berka