SCADA and ICS Security Assessment

Home > Services > Security Assessment > SCADA and ICS Security

Introduction

Industrial control system (ICS) including its components (SCADA, PLCs, and RTUs etc.) are typically used in industries such as electrical, water and wastewater, oil and natural gas, chemical, transportation, pharmaceutical, pulp and paper, food and beverage etc.

SCADA (Supervisory Control and Data Acquisition) generally refers to an industrial control system for a given process. These processes are often of mission critical nature and usually exist as of industrial, infrastructure or facility-based nature


Challenges and threats to ICS systems

ICS systems were originally designed to meet performance, reliability, safety, and flexibility requirements. In most cases, they were physically isolated from outside networks and based on proprietary hardware, software, and communication protocols that lacked the secure communication capabilities; the need for cyber security measures within these systems was not anticipated.

However, in today’s ever-connected real-time business environments, the earlier “air gap” does not exist.

Common threat agents for these ICS systems are:

  • Attackers
  • Bot-network operators
  • Criminal groups
  • Malicious Insiders
  • Spyware/malware authors
  • Terrorists
  • Industrial/State sponsored spies

Vulnerabilities in ICS systems

These vulnerabilities can be classified into broadly three groups:

  • Policy and Procedure Vulnerabilities
  • Platform Vulnerabilities
  • Network Vulnerabilities
Policy and Procedure Vulnerabilities

These vulnerabilities are introduced into the ICS due to incomplete, inappropriate, or non-existent security documentation, including policy and procedures.

Platform Vulnerabilities

These vulnerabilities can occur due to flaws, misconfiguration, or poor maintenance of hardware, operating systems, and ICS applications.

Network Vulnerabilities

These vulnerabilities in ICS may occur from flaws, misconfiguration, or poor administration of ICS networks and their connections with other networks.


How NII can help you?

Our team of experts follow a step by step procedure to do a thorough security assessment of your mission critical SCADA systems to find out how vulnerable they are against external attacks done by malicious users and how much they are compliant against the security standards such as ICS-CERT, DoE (Department of Energy), DHS (Department of Homeland Security), NIST SP 800-82 Rev 1, NIST SP 800-53 Rev 4, TR99.00.02 and ENISA guidelines for ICS systems, National ICS Security Standard, Qatar etc. We use the following tools for our assessment process such as AuditPro (our in-house developed Auditing tool), Nmap, Nessus, Super scan etc.


NII Methodology for ICS systems

As per the criticality of the ICS, here is the brief snapshot of NII Methodology:

  1. NII follows NIST, DoE, DHS security guidelines for ICS risk assessment.
  2. NII will review existing policy and procedures, else will assist to develop the new policy and procedure as per the global best practices for ICS.
  3. NII will start project with site survey which will include onsite visit to the PDCs and PMUs sites on sample basis. This will help us to understand how ICS are being utilized.
  4. NII will perform network diagram review on site visit.
  5. NII will perform Risk based Assessment which will combine Automated and Manual assessment as ICS components are prone to be crash.
  6. NII will report immediately to the stakeholders about any critical issue found during the assessment process.
  7. Post assessment, NII will submit the drafted report to the management for their input.
  8. Once approved by management, NII will release the final report.

Takeaways

After the security assessment tests, our results will help you to determine these core points:

  1. The importance of system and configuration hardening mission-critical SCADA systems
  2. You will come to know these complex machines better and secure them accordingly
  3. You can be sure that your SCADA system is actually isolated

SCADA systems make attractive targets for the attackers to tinker around the mission critical systems such as making atomic energy uranium enrichment process unstable by planting a Trojan which suppresses the earning alarm system. With the emergence of Advanced Persistent Threats (APT) like Stuxnet looming around, it should act as a major security concern for every organization having SCADA infrastructure. A thorough security assessment of such SCADA system is a need of the hour in recent times and it must be taken seriously.


Case study on SCADA assessment

SCADA assessment case study