Full Description

As the water industry's reliance on computers, computer networks and automated information systems continues to increase so does it's vulnerability to intentional and unintentional security breaches such as plant miss-operation, data corruption and inappropriate data access. Computer information system security breaches or cyber terrorism may result in process upsets potentially impacting the water supply, loss of critical operations data or distribution of incomplete or erroneous data. For example, many utilities have employed supervisory controls and data acquisition (SCADA) systems to improve monitoring, process control, compliance, security, and overall reliability. Experienced hackers or those with specific knowledge about the system can access remotely accessible SCADA systems. Once logged in, properly equipped hackers can deactivate process alarms, change chemical federates, start/stop equipment, and so on. The results of this intrusion can pose a wide variety of environmental, health and safety concerns for employees and the general public. The computer systems, computer network components and interfaces, as well as the applications used in the water industry have built-in security features that can significantly reduce the risk of security breaches. However, even when all security features are in force, cyber terrorism still posses a threat and systems are still susceptible to some risks. Even though there is an increased security awareness due to the recent terrorist attacks on the United States, water utilities are reminded that a water utility cyber attack by terrorists is less likely than a cyber attack from a disgruntled employee. This paper reviews the security features available and how they can be used to reduce security risks. It also presents some of the security "gaps" and methods for minimizing the risk exposure resulting from these gaps. Includes 8 references, figures.

Product Details

Edition: Vol. - No. Published: 01/01/2002 Number of Pages: 12File Size: 1 file , 760 KB