Control system threats
InTech, Dec 2004 by Shifflet, Nancy Gill
Control systems are in a constant state of flux with equipment installations and removals, subsystem upgrades, equipment reconfigurations, communication media changes, user account activity, and vendor changes. These operational activities can introduce vulnerabilities into a secure control system implementation. Security plans can give guidance in avoiding vulnerabilities, but they need to be operationally current to be effective.
Historically, control systems used proprietary hardware, software, and network protocols, limiting the potential for an attack to those with control system-specific skills. Control systems today face more risk because of vulnerabilities that stem from factors such as standardized technologies and network connectivity, restrictions on implementing existing security technologies and practices, unsecured remote connectivity, and publicly available control system-specific information.
Systems are vulnerable when the security plan doesn't include a proactive and reactive strategy. Proactive strategy includes a pre-attack examination of security policy vulnerabilities and steps to minimize them by developing contingency plans. Reactive strategy provides instructions on performing post-attack assessments and damage repair of the contingency plan to get the process functioning. Security plans may not exist, personnel may not know their location, the documents can be out-of-date, or instructions can be difficult to follow.
The user community may not know how the security policy affects them and will unknowingly introduce vulnerabilities into the control system. Information technology and control system departments may not share information concerning current threats. Vulnerabilities lie in hardware, software, and data assets. A business environment, operational environment, and control system architectural design decisions could also be vulnerable.
Motives and methods
Control system cyber attack motives can include experimental curiosity, pride and power, commercial advantage, extortion and criminal gain, random protest, political protest, terrorism, and cyber warfare.
Methods include probes, scans, floods, authentication, bypass, spoof, read, copy, steal, modify, and delete. Tools include physical attack, information exchange, user command, script or program, autonomous agent, toolkit, distributed tool, and data tap. Social engineering has been a success in past cyber attacks. Those included gaining user logins, passwords, and system instructions. Control system skills attackers use to implement a target-specific attack include knowledge of the control system architecture, types of equipment installed, protocols, network architecture, configuration algorithms, specialized communication devices and passwords, ladder logic, and sequential function block programming.
Types of attacks include virus, worm, buffer overflow, denial of service, timing, password, desynchronization, resource exhaustion, logic bomb, Trojan horse, and trapdoor. Attack vehicles are application program interface, email, protocol, and user activation.
After an attack, a control system could face service denial; elemental denial of service; addition, deletion, alteration, or delay of signals transmitted to edge devices; addition, deletion, alteration, or delay of signals transmitted to the host system; lost transmitted data; system transfer of control; elemental transfer of control; and knowledge discovery.
Behind the byline
Nancy Gill Shifflet is a dissertation candidate from Nova Southeastern University in Ft. Lauderdale, Fla. Her e-mail is Shifflet@computer.org.


