Johnson, F.
(2008),
Exploitation of Security Vulnerabilities Inherent in Common Development of Process Control Systems, Poster Session, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=823048
(Accessed March 13, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Exploitation of Security Vulnerabilities Inherent in Common Development of Process Control Systems
Published
Author(s)
Abstract
According to a 2003 study commissioned by the Department of Commerce's National Institute of Standards and Technology, software bugs or errors are prevalent and so detrimental that they cost the U.S. economy an estimated $59.5 billion annually, or about 0.6 percent of the gross national product [18]. These errors translate into security vulnerabilities which are easily exploited. Understanding the inherent risk and consequences of these vulnerabilities is the subject of this paper. Specifically, security issues associated with client/server or producer/consumer software use in industrial control systems are addressed. As shown in the paper, the security issues differ over the system life cycle because security was not designed into the applications, but was added as an afterthought. For this reason, recommended changes to the development life cycle are proposed.Citation
Poster Session
Pub Type
Others
Download Paper
Keywords
Bugs, CIP (Common Industrial Protocols), ICS (Industrial Control Systems), Networks, OSI (Open Systems Interconnect), Risk, SCADA (Supervisory Control and Data Acquisition), SDLC (System Development Life Cycle), Security, Vulnerabilities
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.
Created August 1, 2008, Updated January 27, 2020