Skip to Main Content
This article presented an overview of the security vulnerabilities of today's industrial control networks. These vulnerabilities exist despite abundant information, standards, and recommended practices published by such organizations as the IEC, IEEE, and ISA. While a good understanding of the issues is required to appreciate the problem, the good news is that it does not take long for the plant engineering forces to get up to speed on the network issues surrounding cybersecurity. Unfortunately, the same can be said for the hacker. Many incidents have occurred and even more are yet to come. Existing systems are vulnerable but can be secured. Given the resources available, future systems can be made secure from the start. Assessing the existing network is straightforward. Producing a human assessment, device inventory, and network diagram is the first step. The development of sensitive assessment tools that can gather the required information, but not affect the- process computers, is also required. All information is gathered, entered into a database, analyzed, and then compared to industry best practices.