Exploitation of Security Vulnerabilities Inherent in Common Development of Process Control Systems
According to a 2003 study commissioned by the Department of Commerce's National Institute of Standards and Technology, software bugs or errors are prevalent and so detrimental that they cost the U.S. economy an estimated $59.5 billion annually, or about 0.6 percent of the gross national product . These errors translate into security vulnerabilities which are easily exploited. Understanding the inherent risk and consequences of these vulnerabilities is the subject of this paper. Specifically, security issues associated with client/server or producer/consumer software use in industrial control systems are addressed. As shown in the paper, the security issues differ over the system life cycle because security was not designed into the applications, but was added as an afterthought. For this reason, recommended changes to the development life cycle are proposed.
Bugs, CIP (Common Industrial Protocols), ICS (Industrial Control Systems), Networks, OSI (Open Systems Interconnect), Risk, SCADA (Supervisory Control and Data Acquisition), SDLC (System Development Life Cycle), Security, Vulnerabilities
Exploitation of Security Vulnerabilities Inherent in Common Development of Process Control Systems, Poster Session, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=823048
(Accessed June 3, 2023)