Control systems are essential to our daily life. At CERT Australia, we focus on enhancing the cyber security of the control systems of our nation’s critical infrastructure and systems of national interest. As much as possible, we make our material available for all organisations with control systems.
Providing cyber security for control systems presents several unique challenges. Control systems are the interface between the cyber world and the physical world. That is, a change on a computer causes a change to a physical system.
Issues to overcome include:
- lack of security in engineering protocols
- the need to re-test engineering systems after upgrades
- long life-cycles (20, 30 or even 50 years)
- the addition of many IT protocols, such as network time protocol (NTP) and address resolution protocol (ARP), to the engineering environment
- the control environment devices are often not set up to respond to, or to even receive without failing, messages from standard IT debugging and analysis tools.
Securing nations’ critical infrastructure is a world-wide pursuit. CERT Australia has devised a remote access protocol as well as eight top security tips to follow. You can find the documents on our resources page.