|
篇目详细内容 |
【篇名】 |
Protecting water and wastewater infrastructure from cyber attacks |
【刊名】 |
Frontiers of Earth Science |
【刊名缩写】 |
Front. Earth Sci |
【ISSN】 |
2095-0195 |
【EISSN】 |
2095-0209 |
【DOI】 |
10.1007/s11707-011-0199-5 |
【出版社】 |
Higher Education Press and Springer-Verlag Berlin
Heidelberg |
【出版年】 |
2011 |
【卷期】 |
5
卷4期 |
【页码】 |
406-413
页,共
8
页 |
【作者】 |
Srinivas Panguluri;
William Phillips;
John Cusimano;
|
【关键词】 |
wastewater infrastructure; protecting water; cyber attacks |
【摘要】 |
Multiple organizations over the years have collected and analyzed data on cyber attacks and they all agree on one conclusion: cyber attacks are real and can cause significant damages. This paper presents some recent statistics on cyber attacks and resulting damages. Water and wastewater utilities must adopt countermeasures to prevent or minimize the damage in case of such attacks. Many unique challenges are faced by the water and wastewater industry while selecting and implementing security countermeasures; the key challenges are: 1) the increasing interconnection of their business and control system networks, 2) large variation of proprietary industrial control equipment utilized, 3) multitude of cross-sector cyber-security standards, and 4) the differences in the equipment vendor’s approaches to meet these security standards. The utilities can meet these challenges by voluntarily selecting and adopting security standards, conducting a gap analysis, performing vulnerability/risk analysis, and undertaking countermeasures that best meets their security and organizational requirements. Utilities should optimally utilize their limited resources to prepare and implement necessary programs that are designed to increase cyber-security over the years. Implementing cyber security does not necessarily have to be expensive, substantial improvements can be accomplished through policy, procedure, training and awareness. Utilities can also get creative and allocate more funding through annual budgets and reduce dependence upon capital improvement programs to achieve improvements in cyber-security. |
|