Joining technical and organizational measures to secure process IT in critical infrastructure

Konferenz: Internationaler ETG-Kongress 2013 – Energieversorgung auf dem Weg nach 2050 - Symposium 1: Security in Critical Infrastructures Today
05.11.2013 - 06.11.2013 in Berlin, Deutschland

Tagungsband: Internationaler ETG-Kongress 2013 – Energieversorgung auf dem Weg nach 2050

Seiten: 6Sprache: EnglischTyp: PDF

Persönliche VDE-Mitglieder erhalten auf diesen Artikel 10% Rabatt

Autoren:
Kurscheid, Joerg (TenneT TSO GmbH, Bayreuth, Germany)

Inhalt:
The paper focuses on access concepts for critical assets and IT- security as an interdisciplinary process for a Transmission System Operator (TSO). It describes briefly the history and current situation in Energy Management Systems (EMS / SCADA). Examples are given, how technical, structural and organizational measures can be used to strengthen IT-security for SCADA. The top 10 threat list for Industrial Control Systems from the Federal Office for Information Security (BSI) [1] is evaluated from EMS’s point of view. Options how to combine technical and organizational measures for SCADA are shown. A short description is given how to retrofit security into a system which was originally not designed with IT-security. Boundaries and adaptable parameters are shown coming from the particular situation in the TSO grid control. Where standard cyber security can do harm to your system, is briefly described. The article does not focus on privacy.