Explore Shop

AWWA IMTECH64730 PDF

$14.00

Self-Assessment Tool, Best Practices Enable Utilities to Regain Secure Access to Automated Systems
Conference Proceeding by American Water Works Association, 03/01/2007

Document Format: PDF

Description

For the past 20 years, utility managers have come to rely onvaluable data that is found in process control systems including supervisory control and data acquisition (SCADA). While trying to securethese systems from security violations, however, many utilities have cut off their own access tovaluable data that is required for sound decision making. A recent WERF/AwwaRF researchproject, led by EMA, was designed to provide utilities with the tools to accurately determinecurrent vulnerabilities and consequences and develop a set of leading practices that will enableutilities to ensure both effective security and real-time access.This presentation examines the Control System Cyber Security Self Assessment Tool(CS<sup>2</sup>SAT) that has been developed, reviewed, and tested via a collaborative effort with theDepartment of Homeland Security’s Control System Security Program and Idaho National Labs.This portable, self-assessment tool will enable any water or wastewater utility to conduct effectivevulnerability assessments, determine their state of readiness, and develop corrective measures toclose the vulnerability gap for their control systems. Utilities will be able to create a baseline anduse the tool periodically (i.e., annually) or when a system component is modified or added. Thispresentation will explore the specifics of the self-assessment tool, its capabilities, what sorts ofvulnerabilities it can typically locate, the resulting products and information, its reportingcapabilities, and how utilities will be able to use the tool.The project team has also developed a set of leading practices, guidance, references, andrecommendations that have been incorporated into the tool and can be used as a stand-alonereference.The material produced from this research project will provide the necessary approaches, options,guidelines and specifications to utilities on how to assess computerized and automated systemvulnerabilities, determine acceptable risk and countermeasures, and develop a transition plan toattain secure and protected control systems. The first step is an assessment of a utility’s currentcircumstances to develop a clear understanding of the existing gaps. Only then will it be possibleto develop a plan to close those gaps and secure access to valuable data for those who need it,while ensuring there is no way to penetrate these systems by those who don’t. This presentationprovides vital insight for utility decision-makers who care about secure access to automatedsystems.

Product Details

Edition:
Vol. – No.
Published:
03/01/2007
Number of Pages:
35
File Size:
1 file , 1 MB
Note:
This product is unavailable in Ukraine, Russia, Belarus

Related products