GarrettCom Ethernet Networks and Web Management Manual De Usuario

 

At the vanguard of developing security guidelines for industrial control systems are the 

Instrumentation, Systems, and Automation Society (ISA) and the National Institute of Standards and 

Technology (NIST).  ISA, through its SP99 committee, has published two technical reports on 

manufacturing and control systems security that address the growing threats to industrial system 

security.  The NIST Process Control Security Requirements Forum (PCSRF) has issued the System 

Protection Profile for Industrial Control Systems (SPP-ICS).  

 

The SP99 committee, Manufacturing and Control Systems Security, represents a cross-section of the 

industrial market with representation from control system vendors, end-users, system integrators, 

consultants, and cyber security vendors.   The first two reports from the committee, which were 

published in 2004, are:  "Security Technologies for Manufacturing and Control Systems" (ISA-

TR99.00.01-2004, or TR1) and "Integrating Electronic Security into the Manufacturing and Control 

Systems Environment" (ISA-TR99.00.02-2004 or TR2). 

 

TR1 provides guidance for using currently available electronic security technologies, without making 

specific technology recommendations.  It categorizes 28 electronic security technologies into five 

‘buckets”:   

• 

authentication and authorization; 

• 

filtering/blocking/access control;  

• 

encryption and data validation;  

• 

audit, measurement, monitoring and detection tools; 

• 

computer software and physical security controls.  

Both control engineers and IT management can use the document to understand the opportunities and 

limitations of deploying IT-based security methods in a real-time environment.   

 

The document provides information on each technology regarding:  

 7