Industrial Automation Control System

From CIPedia
Jump to: navigation, search

Industrial control system (ICS) is a general term that encompasses several types of control systems, including supervisory control and data acquisition (SCADA) systems, Distributed Control Systems (DCS), and other \control system configurations such as skid-mounted Programmable Logic Controllers (PLC) often found in the industrial sectors and critical infrastructures. ICSs are typically used in industries such as electrical, water and wastewater, oil and natural gas, chemical, transportation, pharmaceutical, pulp and paper, food and beverage, and discrete manufacturing (e.g., automotive, aerospace, and durable goods). [1]

While control systems used in distribution and manufacturing industries are very similar in operation, they are different in some aspects. One of the primary differences is that DCS or |PLC-controlled sub-systems are usually located within a more confined factory or plant-centric area, when compared to geographically dispersed SCADA field sites. DCS and |PLC communications are usually performed using local area network (LAN) technologies that are typically more reliable and high speed compared to the long-distance communication systems used by SCADA systems. In fact, SCADA systems are specifically designed to handle long-distance communication challenges such as delays and data loss posed by the various communication media used. DCS and PLC systems usually employ greater degrees of closed loop control than SCADA systems because the control of industrial processes is typically more complicated than the supervisory control of distribution processes. [1]

Definitions

National Definitions

Israel

מערכת מבוססת מחשוב, המנטרת ומבקרת תהליכים המתחוללים בתוך מערכת יצור תעשייתית [2]


Lithuania

Industrial process control system is a information and communication technology-based software system made ​​for any process that monitors or manages industry, energy, transport, water utilities and other sectors of economic activity.

Pramoninių procesų valdymo sistema – iš informacinėmis ir ryšių technologijomis grindžiamos įrangos sudaryta sistema, skirta technologiniams procesams stebėti ar valdyti pramonės, energetikos, transporto, vandens tiekimo paslaugų ir kituose ūkinės veiklos sektoriuose. [3]


Netherlands

Industriële controlesystemen (ook Supervisory Control And Data Acqusition, SCADA genoemd) zijn meet- en regelsystemen, bijvoorbeeld voor de aansturing van industriële processen of gebouwbeheersystemen. ICS verzamelen en verwerken meet- en regelsignalen van sensoren in fysieke systemen en regelen de aansturing van de bijbehorende machines of apparaten. [4]


Russian Federation

автоматизированная система управления производственными и технологическими процессами критически важного объекта инфраструктуры Российской Федерации (далее - автоматизированная система управления КВО) - комплекс аппаратных и программных средств, информационных систем и информационно- телекоммуникационных сетей, предназначенных для решения задач оперативного управления и контроля за различными процессами и техническими объектами в рамках организации производства или технологического процесса критически важного объекта, нарушение (или прекращение) функционирования которых может нанести вред внешнеполитическим интересам Российской Федерации, стать причиной аварий и катастроф, массовых беспорядков, длительных остановок транспорта, производственных или технологических процессов, дезорганизации работы учреждений, предприятий или организаций, нанесения материального ущерба в крупном размере, смерти или нанесения тяжкого вреда здоровью хотя бы одного человека и (или) иных тяжелых последствий (далее - тяжкие последствия).

A (critical) automated control system of production and technological processes of critical infrastructure of the Russian Federation is a set of hardware and software, information systems and information and telecommunication networks designed to meet the challenges of operational management and control of the various processes and technical objects in the organisation of production or process critical facility, a violation (or termination) of the operation which may harm the interests of the foreign policy of the Russian Federation, the cause of accidents and disasters, riots, long stops transport, industrial or technological processes, disorganisation of institutions, businesses or organisations that material damage on a large scale, the death or serious injury of at least one person and (or) other severe consequences (further - serious consequences). [5]


Turkey

Endüstriyel Kontrol Sistemleri: Geleneksel bilişim teknolojileri dışında, programlanabilir mantıksal denetleyiciler aracılığı ile üretim, ürün işleme ve dağıtım kontrolleri gibi endüstriyel işlemler için kullanılan, SCADA (Supervisory Control and Data Acquisition) ve Dağınık Kontrol Sistemleri şeklinde gruplanan bilgi sistemlerini. [6]

Industrial Control Systems: Information systems in the SCADA (Supervisory Control and Data Acquisition) and Distributed Control Systems groups, which are used for industrial operations such as production, product processing and distribution controls via programmable logical controllers other than conventional information technologies. [7]

United Kingdom

Industrial Control System (ICS) is an information system used to control industrial processes, such as manufacturing, product handling, production and distribution, or to control infrastructure assets. [8]

United States

DHS
Industrial Control System is an information system used to control industrial processes such as manufacturing, product handling, production, and distribution or to control infrastructure assets. [9]

Control Systems: Computer-based systems used within many infrastructure and industries to monitor and control sensitive processes and physical functions. These systems typically collect measurement and operational data from the field, process and display the information, and relay control commands to local or remote equipment or human-machine interfaces (operators). [10]
Examples of types of control systems include SCADA systems, Process Control Systems, and Distributed Control Systems.
NIST
An information system used to control industrial processes such as manufacturing, product handling, production, and distribution. [11]

Industrial control systems include Supervisory Control and Data Acquisition (SCADA) systems used to control geographically dispersed assets, as well as distributed control systems (DCSs) and smaller control systems using programmable logic controllers to control localized processes.

Industrial Control System: General term that encompasses several types of control systems, including Supervisory Control and Data Acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC) often found in the industrial sectors and critical infrastructures. An ICS consists of combinations of control components (e.g., electrical, mechanical, hydraulic, pneumatic) that act together to achieve an industrial objective (e.g., manufacturing, transportation of matter or energy). (from: CNSSI 4009-2015 (NIST SP 800-82 Rev. 1 and 2)) [1]

Standard Definition

ISA-62443-1-1

Collection of personnel, hardware, and software that can affect or influence the safe, secure, and reliable operation of an industrial process. [12]

ISA-62443-3-3

Collection of personnel, hardware, software and policies involved in the operation of the industrial process and that can affect or influence its safe, secure and reliable operation. [12]


Cyber Security Good Practice for Industrial Automation Control Systems

Global Conference on CyberSpace 2015 (GCCS2015)

Cyber Security of Industrial Control Systems [13]: Crucial processes in most critical infrastructures, and in many other organisations, rely on the correct and undisturbed functioning of Industrial Automation Control Systems. A failure of ICS may both cause critical services to fail and may result in safety risk to people and or the environment. Therefore, their cyber security and resilience is of utmost importance to society as a whole, to utilities and other critical infrastructure operators, and to organisations which use IACS. This good practice document provides private and public sector executives with an Executive Summary outlining the ICS risk and challenges. The document provides governmental policy-makers, technical managers, ICS suppliers and others involved in the ICS domain with background and security awareness information about the cyber security challenges for ICS. Moreover, the document provides a perspective for action and pointers to seventy relevant resources.

Good Practices

  • Cyber security of industrial control systems (GCCS 2015) [14]


See also


Notes

  1. 1.0 1.1 1.2 K. Stouffer, J. Falco, K. Kent, Guide to Industrial Control Systems (ICS) Security, NIST Special Publication 800-82, June 2011
  2. CERT.IL Glossary
  3. LIETUVOS RESPUBLIKOS KIBERNETINIO SAUGUMO ĮSTATYMAS 2014 m. gruodžio 11 d. Nr. XII-1428 Vilnius
  4. Cybersecuritybeeld Nederland 2016
  5. NATIONAL SECURITY OF RUSSIA - Information security (February 3, 2012, № 803)
  6. 2016-2019 UlUSAL SİBER GÜVENLİk STRATEJİSİ (Sept. 2016)
  7. Turkey's National Cyber Security Strategy 2016-2019 (2016)
  8. National Cyber Security Strategy 2016, HM Government
  9. DHS/NICSS Glossary
  10. NIPP 2013: Partnering for Critical Infrastructure Security and Resilience (2013)
  11. NIST Special Publication 800-53 Rev 4: Security and Privacy Controls for Federal Information Systems and Organizations (April 2013)
  12. 12.0 12.1 ISA99 Committee Master Glossary.
  13. Luiijf and Te Paske (2015), Cyber Security of Industrial Control Systems
  14. https://www.tno.nl/en/focus-areas/defence-safety-security/cyber-security-resilience/cyber-security-of-industrial-control-systems/

References

  • ERNCIP's Thematic Group on Case Studies for the Cyber-Security of Industrial Automation and Control Systems [1]