Practical cybersecurity for protection and control system communications networks

This paper explains practical design principles to follow for networked protection and control systems. Proven cybersecurity best practices, system architectures, monitoring methods, and defense-in-depth techniques are described. The risks and proper mitigations are explained for many common problems, such as human error, malicious malware, and advanced nation-state zero-day attacks. The paper references and summarizes several industry standards. These insights come from the authors' design, installation, and support of dozens of operational protection and control systems. The paper is written so that a protection or control engineer with minimal network experience can easily relate to all concepts.

[1]  D. Kushner,et al.  The real story of stuxnet , 2013, IEEE Spectrum.

[2]  Krishnanjan Gubba Ravikumar,et al.  Complete power management system for an industrial refinery , 2015, 2015 IEEE Petroleum and Chemical Industry Committee Conference (PCIC).

[3]  Yakov Rekhter,et al.  Address Allocation for Private Internets , 1994, RFC.

[4]  Paul Omar,et al.  Framework for evaluating information flow security in multicore processors , 2012 .

[5]  Karen A. Scarfone,et al.  Guide to Intrusion Detection and Prevention Systems (IDPS) , 2007 .

[6]  Robbie Allen,et al.  Active Directory , 2018, Windows PowerShell 5 und PowerShell 7.

[7]  Nicholas Seeley,et al.  Making peace with communications networks: What power engineers need to know about modern and future network communication for plants and substations , 2011, 2011 Record of Conference Papers Industry Applications Society 58th Annual IEEE Petroleum and Chemical Industry Conference (PCIC).