Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Post: #1


Over the last few years modern accelerator and experiment control systems have increasingly been based on commercial-off-the-shelf products (VME crates, PLCs, SCADA systems, etc.), on Windows or Linux PCs, and on communication infrastructures using Ethernet and TCP/IP. Despite the benefits coming with this ®evolution, new vulnerabilities are inherited, too: Worms and viruses spread within seconds via the Ethernet cable, and attackers are becoming interested in control systems. Unfortunately, control PCs cannot be patched as fast as office PCs. Even worse, vulnerability scans at CERN using standard IT tools have shown that commercial automation systems lack fundamental security precautions: Some systems crashed during the scan, others could easily be stopped or their process data be altered . The (CS)2/HEP workshop [2] held the weekend before ICALEPCS2007 was intended to present, share, and discuss countermeasures deployed in HEP laboratories in order to secure control systems. This presentation will give a summary of the solutions planned, deployed and the experience gained.

Presented By
S. Lüders*, CERN, Geneva, Switzerland

The enormous growth of the worldwide interconnectivity of computing devices (the Internet) during the last decade offers computer users new means to share and distribute information and data. In industry, this results in an adoption of modern Information Technologies (IT) to their plants and, subsequently, in an increasing integration of the production facilities, i.e. their process control and automation systems, and the data warehouses. Thus, information from the factory floor is now directly available at the management level (From Shop-Floor to Top-Floor) and can be manipulated from there. However, with a thorough inter-connection of business and controls network, the risk of suffering from a security breach in distributed process control and automation systems# increases. This risk can be expressed as in the following formula: Risk = Threat × Vulnerability × Consequence The different factors are explained in the following. Threats This interconnected world is by far more hostile than a local private controls network. The number of potential threats increases as worms and viruses can now easily propagate to control systems and attackers start to become interested in control systems too. Additional threats can be operators or engineers who download configuration data to the wrong device, or broken controls devices that flood the controls network and, thus, bring it to a halt. The major part of the factor threat originates from outside and cannot be significantly reduced. Thus, protective measures have to be implemented to prevent external threats penetrating control systems. These protective measures should also prevent insiders from (deliberate or accidental) unauthorized access.

The adoption of standard modern IT in control systems also exposes their inherent vulnerabilities to the world. Programmable Logic Controllers (PLCs) and other controls devices (even valves or temperature sensors) are nowadays directly connected to Ethernet, but often completely lack security protections [1]. Control PCs are based on Linux and Microsoft Windows operating systems, where the latter is not designed for control systems but for office usage. Even worse, control PCs can not be patched that easily, as this has to be scheduled beforehand. In addition, controls applications may either not be compliant with a particular patch or software licenses to run controls applications may become invalid. Finally, using emailing or web servers has become normal on control systems today; even web cameras and laptops can now be part of them. The vulnerability factor can either be minimized by guaranteeing a prompt fix of published or known vulnerabilities, and/or by adding pro-active measures to secure the unknown, potential or not-fixable vulnerabilities.

Within the High-Energy Physics (HEP) community, control systems are used for the operation of the large and complex accelerators and beam lines, the attached experiments, as well as for the technical infrastructure (e.g. power & electricity, cooling & ventilation). All are running a wide variety of control systems, some of them complex, some of them dealing with personnel safety, some of them controlling or protecting very expensive or irreplaceable equipment. Thus, the consequences from suffering a security incident are inherent to the design of e.g. accelerators at stake. A security incident can lead to loss of beam time and physics data, or ” even worse ” damage to, or destruction of, unique equipment and hardware.

Control System Cyber-Security in HEP
In order to cope with the growing usage of standard IT technologies in control systems, several HEP laboratories worldwide have reviewed their operation principles by taking the aspect of security into account. This paper will give a summary on the Control System Cyber-Security

Important Note..!

If you are not satisfied with above reply ,..Please


So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: cyber space marketing system, cyber security seminar topics, cyber security marathi mahiti, cyber security hindi pdf, cyber, cyber extortion, cyber espionage,

Quick Reply
Type your reply to this message here.

Image Verification
Image Verification
(case insensitive)
Please enter the text within the image on the left in to the text box below. This process is used to prevent automated posts.

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Home appliance & pc Cursor control by mobile phone (DTMF) smart paper boy 3 2,365 21-05-2015 03:16 PM
Last Post: seminar report asees
  MICRO CONTROLLER BASED SECURITY SYSTEM USING SONAR ajukrishnan 5 5,914 31-01-2015 11:55 PM
Last Post: Guest
  Android Mobile Security – An Issue of Future computer girl 2 1,474 24-08-2013 10:26 AM
Last Post: computer topic
  APPLE – A Novel Approach for Direct Energy Weapon Control project topics 13 5,341 04-03-2013 11:43 AM
Last Post: seminar details
  Implementation of Obstacle Avoidance and ZigBee Control Functions for Omni Directiona seminar class 3 1,998 12-02-2013 09:16 AM
Last Post: Guest
  GLOBAL SYSTEM FOR MOBILE COMMUNICATIONS & SECURITY full report seminar presentation 1 1,914 06-02-2013 10:02 AM
Last Post: seminar details
  Automatic Power Factor Control seminar class 4 3,704 25-01-2013 11:38 AM
Last Post: seminar details
Last Post: fake_lover01
Last Post: seminar details
  Design & Development of a GSM Based Vehicle Theft Control System seminar class 9 10,211 29-11-2012 01:15 PM
Last Post: seminar details