Data & Information Security
|
The issue of Data and Information Security is of
critical importance in the operation and maintenance of SCADA and
Process Control systems.
It is our experience that in many forums,
security is a neglected aspect of the process control environment,
even at the most basic level.. |
Dams & pipelines are spread over quite large geographical areas
& require special care.
It is important to match the water supply asset (dam, pump-station
etc) to the appropriate level of security.
A SOE (Standard Operating Environment) is an
important element of SCADA & Process Control.
Training & documented policies, procedures,
&
standards describe the context application of SCADA & Process Control
security. |
Security
Application Environment
|
Our process control & SCADA security consultancy
includes:
-
Water Treatment Plants;
-
Sewerage Treatment Plants;
-
Control Centres, Operations &
Maintenance Facilities;
-
Pump Stations and Pipelines;
-
Dams & Related Works.
In terms of actual on-site systems, we plan and
design:
-
Surveillance systems (cameras,
movement-detectors etc);
-
Physical security of assets & access
to control systems;
-
Electronic security including use of
passwords, tokens etc;
-
Protection of transmission against
malicious/accidental impacts;
-
Application of security protocols as
protection against eave-dropping, spoofing, denial-of-service
attacks etc.
|
Scope of
Security Consultancy
& Strategy
|
The scope of our services comprises all aspects
from investigation, through to design, implementation and project
management. Nufer & Associates approach to security
is a pragmatic one which includes:
-
Overall threat assessments;
-
Matching technology and risk
assessment outcomes;
-
Analysis of existing and long-term
operational objectives.
-
Integration with overall security
plan.
From the organisational viewpoint, our services
comprise:
-
Review of existing policies,
procedures and standards;
-
Analysis of current organisation and
operational environment;
-
Leveraging of existing corporate
security where possible;
-
Implementing a graded response which
protects the network core;
-
Use of existing off-the-shelf
solutions where available;
-
Matching asset security and
operational needs.
In support of the actual implementation of
security for SCADA and process control, Nufer & Associates provide
clients with comprehensive design and
project management services
which include all aspects from WAN/LAN & telemetry security through
to the set-up of a standard
operating environment (SOE) for equipment, through to testing of
installed system. |
