Difference between revisions of "Roadmap to Secure Control Systems in the Energy Sector"

From Cybersecurity Wiki
Jump to navigation Jump to search
Line 21: Line 21:
 
==Synopsis==
 
==Synopsis==
  
This document, the Roadmap to Secure Control Systems in the Energy Sector, outlines a coherent plan for improving cyber security in the energy sector. It is the result of an unprecedented collaboration between the energy sector and government to identify concrete steps to secure control systems used in the electricity, oil, and natural gas sectors over the next ten years. The Roadmap provides a strategic framework for guiding industry and government efforts based on a clear vision supported by goals and time-based milestones. It addresses the energy sector’s most urgent challenges as well as longer-term needs and practices.
+
Control systems form the central nervous system of the North American energy infrastructure. They
 +
encompass vast networks of interconnected electronic devices that are essential in monitoring
 +
and controlling the production and distribution of energy in the electric grid and the oil and gas
 +
infrastructure. The ability of these cyber systems to provide automated control over a large, dispersed
 +
network of assets and components has helped to create the highly reliable and flexible energy infrastructure we have
 +
today. However, this span of control requires control systems to communicate with thousands of nodes and numerous
 +
information systems—thus exposing energy systems and other dependent infrastructures to potential harm from
 +
malevolent cyber attack or accidents.
  
A distinctive feature of this collaborative effort is the active involvement and leadership of energy asset owners and operators in developing the Roadmap content and priorities. The Roadmap synthesizes expert input from the control systems community, including owners and operators, commercial vendors, national laboratories, industry associations, and government agencies. The Roadmap project was funded and facilitated by the U.S. Department of Energy’s Office of Electricity Delivery and Energy Reliability in collaboration with the U.S. Department of Homeland Security’s Science and Technology Directorate and the Energy Infrastructure Protection Division of Natural Resources Canada.
+
===An Urgent Need===
 +
Energy control systems are subject to targeted cyber attacks. Potential adversaries have pursued
 +
progressively devious means to exploit flaws in system components, telecommunication methods, and
 +
common operating systems found in modern energy systems with the intent to infiltrate and sabotage
 +
vulnerable control systems. Sophisticated cyber attack tools require little technical knowledge to use and
 +
can be found on the Internet, as can manufacturers’ technical specifications for popular control system
 +
equipment. Commercial software used in conventional IT systems, which offers operators good value and
 +
performance but poor security, is beginning to replace custom-designed control system software.
  
The members of the Control Systems Roadmap Steering Group wish to thank members of the diverse control systems community who contributed their valuable ideas, insights, and time to make this Roadmap possible. In addition, we commend Hank Kenchington of DOE for his outstanding leadership in this important project.
+
Efforts by the energy sector to uncover system vulnerabilities and develop effective countermeasures have so
 +
far prevented serious damage. However, attacks on energy control systems have been successful. The need
 +
to safeguard our energy networks is readily apparent: energy systems are integral to daily commerce and the
 +
safe and reliable operation of our critical infrastructures. Any prolonged or widespread distruption of energy
 +
supplies could produce devastating human and economic consequences.
  
We strongly encourage industry and government to adopt this Roadmap as a template for action. The Roadmap marks a beginning rather than an end. It will require continued support, commitment, and refinement from industry and government to fulfill its promise in the years ahead.
+
===Industry Leadership===
 +
The urgent need to protect our energy control systems from cyber attack has prompted industry and
 +
government leaders to step forward and develop an organized strategy for providing that protection. Their
 +
efforts have produced this Roadmap to Secure Control Systems in the Energy Sector, which presents a
 +
vision and supporting framework of goals and milestones for protecting control systems over the next ten
 +
years. This strategic framework enables industry and government to align their programs and investments
 +
to improve cyber security in an expedient and efficient manner. The Roadmap integrates the insights and
 +
ideas of a broad cross-section of asset owners and operators, control system experts, and government leaders
 +
who met for a two-day workshop in July 2005 and contributed to subsequent reviews. Their purpose was
 +
simple: create an effective plan and execute it.
 +
 
 +
===The Vision===
 +
Asset owners and operators believe that within ten years
 +
control systems throughout the U.S. energy sector will be able
 +
to survive an intentional cyber assault with no loss of critical
 +
function in critical applications. This is a bold vision that
 +
confronts the formidable technical, business, and institutional
 +
challenges that lie ahead in protecting critical systems against
 +
increasingly sophisticated cyber attacks.
 +
 
 +
Utilities and energy companies have long recognized
 +
that it is neither practical nor feasible to fully protect
 +
all energy assets from natural, accidental, or intentional
 +
damage. However, the sector’s track record of excellent
 +
reliability reflects an effective protective approach
 +
that balances preventive measures with rapid response
 +
and recovery in a competitive business environment.
 +
Accordingly, the industry’s vision for securing energy
 +
control systems focuses on critical functions of the most
 +
critical applications. These are the functions that, if
 +
lost, could result in loss of life, public endangerment,
 +
environmental damage, loss of public confidence, or
 +
severe economic damage. This risk-based approach builds
 +
on the established risk-management principles now in use
 +
throughout the energy sector.
 +
 
 +
===A Strategic Framework===
 +
To achieve this vision, the Roadmap outlines a strategic framework featuring four main goals that represent
 +
the essential pillars of an effective protective strategy:
 +
 
 +
'''Measure and Assess Security Posture.''' Companies should thoroughly understand their current security
 +
posture to determine system vulnerabilities and the actions required to address them.
 +
Within 10 years, the sector will help ensure that energy asset owners have the ability and commitment
 +
to perform fully automated security state monitoring of their control system networks with real-time
 +
remediation capability.
 +
====2015====
 +
 
 +
Develop and Integrate Protective Measures. As security risks are identified, protective measures should
 +
be developed and applied to reduce system risks.
 +
Security solutions will be developed for legacy systems, but options will be constrained by the limitations
 +
of existing equipment and configurations. Within 10 years, next-generation control system components
 +
and architectures that offer built-in, end-to-end security will replace many older legacy systems.
 +
Detect Intrusion and Implement Response Strategies. Because few systems can be made totally
 +
impervious to cyber attacks all the time, companies should possess sophisticated intrusion detection systems
 +
and a sound response strategy.
 +
Within 10 years, the energy sector will operate control system networks that automatically provide
 +
contingency and remedial actions in response to attempted intrusions into the control systems.
 +
Sustain Security Improvements. Maintaining aggressive and proactive control system security over
 +
the long term will require a strong and enduring commitment of resources, clear incentives, and close
 +
collaboration among stakeholders.
 +
Over the next 10 years, energy asset owners and operators are committed to working collaboratively
 +
with government and sector stakeholders to accelerate security advances.
 +
To achieve these four goals, the Roadmap contains key milestones tied to distinct time frames, as shown in
 +
Exhibit E.1. This structure introduces a coherent framework for mapping efforts currently underway in the
 +
public and private sectors and helping to launch new projects that advance the security of control systems.
  
 
==Additional Notes and Highlights==
 
==Additional Notes and Highlights==
  
 
Work sponsored by the Dept. of Homeland Security and the Dept. of Energy.
 
Work sponsored by the Dept. of Homeland Security and the Dept. of Energy.

Revision as of 18:41, 24 June 2010

Full Title of Reference

Roadmap to Secure Control Systems in the Energy Sector

Full Citation

Energetics Inc., Roadmap to Secure Control Systems in the Energy Sector (2006). Web

BibTeX

Categorization

Key Words

Synopsis

Control systems form the central nervous system of the North American energy infrastructure. They encompass vast networks of interconnected electronic devices that are essential in monitoring and controlling the production and distribution of energy in the electric grid and the oil and gas infrastructure. The ability of these cyber systems to provide automated control over a large, dispersed network of assets and components has helped to create the highly reliable and flexible energy infrastructure we have today. However, this span of control requires control systems to communicate with thousands of nodes and numerous information systems—thus exposing energy systems and other dependent infrastructures to potential harm from malevolent cyber attack or accidents.

An Urgent Need

Energy control systems are subject to targeted cyber attacks. Potential adversaries have pursued progressively devious means to exploit flaws in system components, telecommunication methods, and common operating systems found in modern energy systems with the intent to infiltrate and sabotage vulnerable control systems. Sophisticated cyber attack tools require little technical knowledge to use and can be found on the Internet, as can manufacturers’ technical specifications for popular control system equipment. Commercial software used in conventional IT systems, which offers operators good value and performance but poor security, is beginning to replace custom-designed control system software.

Efforts by the energy sector to uncover system vulnerabilities and develop effective countermeasures have so far prevented serious damage. However, attacks on energy control systems have been successful. The need to safeguard our energy networks is readily apparent: energy systems are integral to daily commerce and the safe and reliable operation of our critical infrastructures. Any prolonged or widespread distruption of energy supplies could produce devastating human and economic consequences.

Industry Leadership

The urgent need to protect our energy control systems from cyber attack has prompted industry and government leaders to step forward and develop an organized strategy for providing that protection. Their efforts have produced this Roadmap to Secure Control Systems in the Energy Sector, which presents a vision and supporting framework of goals and milestones for protecting control systems over the next ten years. This strategic framework enables industry and government to align their programs and investments to improve cyber security in an expedient and efficient manner. The Roadmap integrates the insights and ideas of a broad cross-section of asset owners and operators, control system experts, and government leaders who met for a two-day workshop in July 2005 and contributed to subsequent reviews. Their purpose was simple: create an effective plan and execute it.

The Vision

Asset owners and operators believe that within ten years control systems throughout the U.S. energy sector will be able to survive an intentional cyber assault with no loss of critical function in critical applications. This is a bold vision that confronts the formidable technical, business, and institutional challenges that lie ahead in protecting critical systems against increasingly sophisticated cyber attacks.

Utilities and energy companies have long recognized that it is neither practical nor feasible to fully protect all energy assets from natural, accidental, or intentional damage. However, the sector’s track record of excellent reliability reflects an effective protective approach that balances preventive measures with rapid response and recovery in a competitive business environment. Accordingly, the industry’s vision for securing energy control systems focuses on critical functions of the most critical applications. These are the functions that, if lost, could result in loss of life, public endangerment, environmental damage, loss of public confidence, or severe economic damage. This risk-based approach builds on the established risk-management principles now in use throughout the energy sector.

A Strategic Framework

To achieve this vision, the Roadmap outlines a strategic framework featuring four main goals that represent the essential pillars of an effective protective strategy:

Measure and Assess Security Posture. Companies should thoroughly understand their current security posture to determine system vulnerabilities and the actions required to address them. Within 10 years, the sector will help ensure that energy asset owners have the ability and commitment to perform fully automated security state monitoring of their control system networks with real-time remediation capability.

2015

Develop and Integrate Protective Measures. As security risks are identified, protective measures should be developed and applied to reduce system risks. Security solutions will be developed for legacy systems, but options will be constrained by the limitations of existing equipment and configurations. Within 10 years, next-generation control system components and architectures that offer built-in, end-to-end security will replace many older legacy systems. Detect Intrusion and Implement Response Strategies. Because few systems can be made totally impervious to cyber attacks all the time, companies should possess sophisticated intrusion detection systems and a sound response strategy. Within 10 years, the energy sector will operate control system networks that automatically provide contingency and remedial actions in response to attempted intrusions into the control systems. Sustain Security Improvements. Maintaining aggressive and proactive control system security over the long term will require a strong and enduring commitment of resources, clear incentives, and close collaboration among stakeholders. Over the next 10 years, energy asset owners and operators are committed to working collaboratively with government and sector stakeholders to accelerate security advances. To achieve these four goals, the Roadmap contains key milestones tied to distinct time frames, as shown in Exhibit E.1. This structure introduces a coherent framework for mapping efforts currently underway in the public and private sectors and helping to launch new projects that advance the security of control systems.

Additional Notes and Highlights

Work sponsored by the Dept. of Homeland Security and the Dept. of Energy.