Site menu
Login form
Our poll
Rate my site
Результаты | Архив опросов
Всего ответов: 8
Site friends
  • Create a free website
    • Statistics
    Онлайн всего: 3
    Гостей: 3
    Пользователей: 0
    Main » 2011 » Март » 16 » Information Security Incident ACS foreign countries
    10:41
    Information Security Incident ACS foreign countries
    To date, existing approaches to information security elements of PCS are insufficient in view features of the architecture and properties of hardware and software components thereof, that provides an attacker to several vectors impact on technological automated systems. With the development of information technologies and significant complication of ACS architecture appeared multiple threats to information security to be implemented by an attacker can lead to catastrophic consequences.

    Below is an analytical report containing a description of the incident in the sector of information security control system of foreign countries based on Internet publications, as well as the unique developments SEC Stankoinformzaschita "security WEB-applications that come with a variety of SCADA-systems.


    During the period from 2008 to 2010 in the elements of process control system, components of its software and hardware base, were discovered multiple vulnerabilities that can lead to a breach of correct operation of the process and the implementation of the threats of unauthorized access to the information processed in:
    • systems, supervisory control and data acquisition (SCADA);
    • separate management interfaces automation objects;
    • elements of the telemetry subsystem and robot;
    • applications applications for the analysis of industrial and technological data
    • Systems production management (MES-systems).

    This analytical report separately allocated specific control system vulnerabilities, along with the vectors of attack, has already found its application to modern WEB-applications, databases, components, operating systems, third-party application software. The use of traditional information technology elements ACS is one of the reasons for the low level of protection most of them. This factor allows an attacker to test the existing knowledge on the elements of process control system, indicating that the availability of substantial exploitation of open sources (evidenced by the manual method posted here in the form of "exploit" or «Proof-of-Concept»). Time of vulnerability varies and has been further explored in the course of compiling the report to clarify the possible range of stay compromised PCS or its elements in a critical condition.

    Views: 356 | Added by: w1zard | Rating: 0.0/0
    Total comments: 0
    Имя *:
    Email *:
    Код *: