Resource Page

Manufacturing Process Control Security

Avoiding deadly errors - Determination of industrial control system cyber security vulnerabilities in the discrete manufacturing sector

July 2002 Mfg.Trust Feature Story

Resources
ProQuest: For NCMS Members Only

Resources

(^top) NIST and NIST Partnerships:

Computer Security Resource Center

Process Control Security Requirements
Forum (PCSRF)

National Information Assurance
Partnership (NIAP), click Process Control

NCMS Manufacturing Information Assurance Survey

http://www.ncms.org/discretemfg/survey-GEN.asp

Remarks of Kenneth I. Juster, Under Secretary of Commerce for Export Administration at conference on Digital Process Control Security for the Nation’s Critical Infrastructures

British Columbia Institute of Technology, Internet Engineering Lab, see paper "Designing Secure Networks for Process Control" - Eric Byres (67K PDF)

For NCMS Members Only

(^top) NCMS Members Web site (login required). See Mfg. Insight - Mapping a Course to Shop Floor Infrastructure Security

NCMS Members:
No password? Don't remember? Contact NCMS here. 

 ProQuest:

NCMS Members will find the following relevant articles via their ProQuest Business Information accounts:

Technology-enabled utility improvements: Avoid or exploit?

American Water Works Association. Journal; Denver; Feb 2002

(^top)

ISA Conference

The Instrumentation, Systems, and Automation Society

 Industrial Network Security: Challenges and Solutions

Thursday, 8 August 2002
Philadelphia, PA

Link to Program

Manufacturing Information Assurance: Closing the Barn Door after the Horse is Gone

by Tony Haynes

For at least the past decade, OEMs have pounded automation systems suppliers for ever more openness and they have responded. All now offer transparent access to data and programs using proprietary interfaces over TCP/IP.

As a result, users may access their control systems from anywhere in the world so long as they have access to a PC with a browser and connection to the Internet.

But openness has its down side. Making it easy for those with legitimate need to access information also makes it easy for those with less than honorable intentions to do the same.

So how do we enable the good guys while making it more difficult for the bad guys?