Industrial Control Systems (ICS) Security Assessment
ICS implementations are vulnerable primarily to local threats because many of their components are in physically secured areas and the components are not connected to IT networks or systems.
As the threats to ICS increase – due, in part, to increased geopolitical risks – so the need to protect them increases. In today’s climate, ICS security is an urgent priority. Weaknesses in the security of industrial control systems (ICS) – systems that relate to critical infrastructure such as power, water and transport – and their interfaces with other IT infrastructure can significantly derail businesses and economies. Possible incidents an ICS may face include the following:
- Blocked or delayed flow of information through ICS networks, which could disrupt ICS operation
- Unauthorized changes to instructions, commands, or alarm thresholds, which could damage, disable, or shut down equipment, create environmental impacts, and/or endanger human life
- Inaccurate information sent to system operators, either to disguise unauthorized changes, or to cause the operators to initiate inappropriate actions, which could have various negative effects
- ICS software or configuration settings modified, or ICS software infected with malware, which could have various negative effects
- Interference with the operation of safety systems, which could endanger human life.
ICS implementations are vulnerable primarily to local threats because many of their components are in physically secured areas and the components are not connected to IT networks or systems. However, the trend toward integrating ICS systems with IT networks provides significantly less isolation for ICS from the outside world than predecessor systems, creating a greater need to secure these systems from remote, external threats. Also, the increasing use of wireless networking places ICS implementations at greater risk from adversaries who are in relatively close physical proximity but do not have direct physical access to the equipment. Threats to control systems can come from numerous sources, including hostile governments, terrorist groups, disgruntled employees, malicious intruders, complexities, accidents, natural disasters as well as malicious or accidental actions by insiders. Our assessments identify these weaknesses – and recommend solutions. We combine specific tests with traditional penetration testing methods to cover all components and types of infrastructure. These technical tests can be accompanied by architectural and process security reviews.
Our auditors will assure that:
- Logical access to the ICS network and network activity are restricted.
- Physical access to the ICS network and devices are restricted.
- Individual ICS components are protected from exploitation.
- Functionality during adverse conditions can be maintained.
- The system can be restored after an incident