Roadmap to Secure Control Systems in the Energy Sector: Difference between revisions
No edit summary |
No edit summary |
||
| Line 21: | Line 21: | ||
==Synopsis== | ==Synopsis== | ||
Control systems form the central nervous system of the North American energy infrastructure. They | |||
encompass vast networks of interconnected electronic devices that are essential in monitoring | |||
and controlling the production and distribution of energy in the electric grid and the oil and gas | |||
infrastructure. The ability of these cyber systems to provide automated control over a large, dispersed | |||
network of assets and components has helped to create the highly reliable and flexible energy infrastructure we have | |||
today. However, this span of control requires control systems to communicate with thousands of nodes and numerous | |||
information systems—thus exposing energy systems and other dependent infrastructures to potential harm from | |||
malevolent cyber attack or accidents. | |||
===An Urgent Need=== | |||
Energy control systems are subject to targeted cyber attacks. Potential adversaries have pursued | |||
progressively devious means to exploit flaws in system components, telecommunication methods, and | |||
common operating systems found in modern energy systems with the intent to infiltrate and sabotage | |||
vulnerable control systems. Sophisticated cyber attack tools require little technical knowledge to use and | |||
can be found on the Internet, as can manufacturers’ technical specifications for popular control system | |||
equipment. Commercial software used in conventional IT systems, which offers operators good value and | |||
performance but poor security, is beginning to replace custom-designed control system software. | |||
Efforts by the energy sector to uncover system vulnerabilities and develop effective countermeasures have so | |||
far prevented serious damage. However, attacks on energy control systems have been successful. The need | |||
to safeguard our energy networks is readily apparent: energy systems are integral to daily commerce and the | |||
safe and reliable operation of our critical infrastructures. Any prolonged or widespread distruption of energy | |||
supplies could produce devastating human and economic consequences. | |||
===Industry Leadership=== | |||
The urgent need to protect our energy control systems from cyber attack has prompted industry and | |||
government leaders to step forward and develop an organized strategy for providing that protection. Their | |||
efforts have produced this Roadmap to Secure Control Systems in the Energy Sector, which presents a | |||
vision and supporting framework of goals and milestones for protecting control systems over the next ten | |||
years. This strategic framework enables industry and government to align their programs and investments | |||
to improve cyber security in an expedient and efficient manner. The Roadmap integrates the insights and | |||
ideas of a broad cross-section of asset owners and operators, control system experts, and government leaders | |||
who met for a two-day workshop in July 2005 and contributed to subsequent reviews. Their purpose was | |||
simple: create an effective plan and execute it. | |||
===The Vision=== | |||
Asset owners and operators believe that within ten years | |||
control systems throughout the U.S. energy sector will be able | |||
to survive an intentional cyber assault with no loss of critical | |||
function in critical applications. This is a bold vision that | |||
confronts the formidable technical, business, and institutional | |||
challenges that lie ahead in protecting critical systems against | |||
increasingly sophisticated cyber attacks. | |||
Utilities and energy companies have long recognized | |||
that it is neither practical nor feasible to fully protect | |||
all energy assets from natural, accidental, or intentional | |||
damage. However, the sector’s track record of excellent | |||
reliability reflects an effective protective approach | |||
that balances preventive measures with rapid response | |||
and recovery in a competitive business environment. | |||
Accordingly, the industry’s vision for securing energy | |||
control systems focuses on critical functions of the most | |||
critical applications. These are the functions that, if | |||
lost, could result in loss of life, public endangerment, | |||
environmental damage, loss of public confidence, or | |||
severe economic damage. This risk-based approach builds | |||
on the established risk-management principles now in use | |||
throughout the energy sector. | |||
===A Strategic Framework=== | |||
To achieve this vision, the Roadmap outlines a strategic framework featuring four main goals that represent | |||
the essential pillars of an effective protective strategy: | |||
'''Measure and Assess Security Posture.''' Companies should thoroughly understand their current security | |||
posture to determine system vulnerabilities and the actions required to address them. | |||
Within 10 years, the sector will help ensure that energy asset owners have the ability and commitment | |||
to perform fully automated security state monitoring of their control system networks with real-time | |||
remediation capability. | |||
====2015==== | |||
Develop and Integrate Protective Measures. As security risks are identified, protective measures should | |||
be developed and applied to reduce system risks. | |||
Security solutions will be developed for legacy systems, but options will be constrained by the limitations | |||
of existing equipment and configurations. Within 10 years, next-generation control system components | |||
and architectures that offer built-in, end-to-end security will replace many older legacy systems. | |||
Detect Intrusion and Implement Response Strategies. Because few systems can be made totally | |||
impervious to cyber attacks all the time, companies should possess sophisticated intrusion detection systems | |||
and a sound response strategy. | |||
Within 10 years, the energy sector will operate control system networks that automatically provide | |||
contingency and remedial actions in response to attempted intrusions into the control systems. | |||
Sustain Security Improvements. Maintaining aggressive and proactive control system security over | |||
the long term will require a strong and enduring commitment of resources, clear incentives, and close | |||
collaboration among stakeholders. | |||
Over the next 10 years, energy asset owners and operators are committed to working collaboratively | |||
with government and sector stakeholders to accelerate security advances. | |||
To achieve these four goals, the Roadmap contains key milestones tied to distinct time frames, as shown in | |||
Exhibit E.1. This structure introduces a coherent framework for mapping efforts currently underway in the | |||
public and private sectors and helping to launch new projects that advance the security of control systems. | |||
==Additional Notes and Highlights== | ==Additional Notes and Highlights== | ||
Work sponsored by the Dept. of Homeland Security and the Dept. of Energy. | Work sponsored by the Dept. of Homeland Security and the Dept. of Energy. | ||
Revision as of 14:41, 24 June 2010
Full Title of Reference
Roadmap to Secure Control Systems in the Energy Sector
Full Citation
Energetics Inc., Roadmap to Secure Control Systems in the Energy Sector (2006). Web
Categorization
- Overview: Government Reports
- Threats and Actors: Electricity, Oil and Natural Gas; Private Critical Infrastructure
- Issues: Public-Private Cooperation
Key Words
Synopsis
Control systems form the central nervous system of the North American energy infrastructure. They encompass vast networks of interconnected electronic devices that are essential in monitoring and controlling the production and distribution of energy in the electric grid and the oil and gas infrastructure. The ability of these cyber systems to provide automated control over a large, dispersed network of assets and components has helped to create the highly reliable and flexible energy infrastructure we have today. However, this span of control requires control systems to communicate with thousands of nodes and numerous information systems—thus exposing energy systems and other dependent infrastructures to potential harm from malevolent cyber attack or accidents.
An Urgent Need
Energy control systems are subject to targeted cyber attacks. Potential adversaries have pursued progressively devious means to exploit flaws in system components, telecommunication methods, and common operating systems found in modern energy systems with the intent to infiltrate and sabotage vulnerable control systems. Sophisticated cyber attack tools require little technical knowledge to use and can be found on the Internet, as can manufacturers’ technical specifications for popular control system equipment. Commercial software used in conventional IT systems, which offers operators good value and performance but poor security, is beginning to replace custom-designed control system software.
Efforts by the energy sector to uncover system vulnerabilities and develop effective countermeasures have so far prevented serious damage. However, attacks on energy control systems have been successful. The need to safeguard our energy networks is readily apparent: energy systems are integral to daily commerce and the safe and reliable operation of our critical infrastructures. Any prolonged or widespread distruption of energy supplies could produce devastating human and economic consequences.
Industry Leadership
The urgent need to protect our energy control systems from cyber attack has prompted industry and government leaders to step forward and develop an organized strategy for providing that protection. Their efforts have produced this Roadmap to Secure Control Systems in the Energy Sector, which presents a vision and supporting framework of goals and milestones for protecting control systems over the next ten years. This strategic framework enables industry and government to align their programs and investments to improve cyber security in an expedient and efficient manner. The Roadmap integrates the insights and ideas of a broad cross-section of asset owners and operators, control system experts, and government leaders who met for a two-day workshop in July 2005 and contributed to subsequent reviews. Their purpose was simple: create an effective plan and execute it.
The Vision
Asset owners and operators believe that within ten years control systems throughout the U.S. energy sector will be able to survive an intentional cyber assault with no loss of critical function in critical applications. This is a bold vision that confronts the formidable technical, business, and institutional challenges that lie ahead in protecting critical systems against increasingly sophisticated cyber attacks.
Utilities and energy companies have long recognized that it is neither practical nor feasible to fully protect all energy assets from natural, accidental, or intentional damage. However, the sector’s track record of excellent reliability reflects an effective protective approach that balances preventive measures with rapid response and recovery in a competitive business environment. Accordingly, the industry’s vision for securing energy control systems focuses on critical functions of the most critical applications. These are the functions that, if lost, could result in loss of life, public endangerment, environmental damage, loss of public confidence, or severe economic damage. This risk-based approach builds on the established risk-management principles now in use throughout the energy sector.
A Strategic Framework
To achieve this vision, the Roadmap outlines a strategic framework featuring four main goals that represent the essential pillars of an effective protective strategy:
Measure and Assess Security Posture. Companies should thoroughly understand their current security posture to determine system vulnerabilities and the actions required to address them. Within 10 years, the sector will help ensure that energy asset owners have the ability and commitment to perform fully automated security state monitoring of their control system networks with real-time remediation capability.
2015
Develop and Integrate Protective Measures. As security risks are identified, protective measures should be developed and applied to reduce system risks. Security solutions will be developed for legacy systems, but options will be constrained by the limitations of existing equipment and configurations. Within 10 years, next-generation control system components and architectures that offer built-in, end-to-end security will replace many older legacy systems. Detect Intrusion and Implement Response Strategies. Because few systems can be made totally impervious to cyber attacks all the time, companies should possess sophisticated intrusion detection systems and a sound response strategy. Within 10 years, the energy sector will operate control system networks that automatically provide contingency and remedial actions in response to attempted intrusions into the control systems. Sustain Security Improvements. Maintaining aggressive and proactive control system security over the long term will require a strong and enduring commitment of resources, clear incentives, and close collaboration among stakeholders. Over the next 10 years, energy asset owners and operators are committed to working collaboratively with government and sector stakeholders to accelerate security advances. To achieve these four goals, the Roadmap contains key milestones tied to distinct time frames, as shown in Exhibit E.1. This structure introduces a coherent framework for mapping efforts currently underway in the public and private sectors and helping to launch new projects that advance the security of control systems.
Additional Notes and Highlights
Work sponsored by the Dept. of Homeland Security and the Dept. of Energy.