Monday, November 29, 2010

Energy Infrastructure Security: Pipelines by William (Tim) Shaw, PhD, CISSP, Senior Consultant - Cyber SECurity Consulting (author bio)

Pipelines are an essential component of our national infrastructure.Because pipelines are used to transport both volatile and hazardous materials, and because of their proximity to population centers, pipelines are recognized as presenting a potential safety and environmental hazard.
As Josef Stalin is purported to have said: “The purpose of terrorism is to terrorize.” As a target for terrorists, major pipelines offer the possibility of inflicting death and destruction as well as creating related economic repercussions.
The US, British, and Canadian governments all have active programs and policies for protecting these vital transportation infrastructure resources. In the US, the assignment for security of
pipelines has been assigned to the Transportation Safety Administration under the Department of Homeland Security. The TSA has set forth a series of guidelines and recommendations for
securing pipelines, including the SCADA systems used to monitor and control them.

Under these guidelines, a vulnerability assessment is recommended in order to identify potentialpoints of weakness that could be exploited, followed by the establishment of a security
management program that addresses these weaknesses and maintains a periodic review of the overall security status. Part of such a program will be the implementation of technical, physical, and administrative/procedural “countermeasures” that address the identified vulnerabilities.

Another key factor in such a program is employee education and training. This report amplifies these basic points and is intended to aid pipeline owners and operators in making a SCADA
vulnerability assessment and identifying and implementing appropriate countermeasures.

Written at a fairly nontechnical level this report serves as the go-to resource for protecting your pipelines.

Some of the report highlights and features:
  • Pipeline Industry and Infrastructure Overview
  • Threats, Risk, Vulnerabilities and Consequences
  • Cyber Threats and Attack Methods
  • Approaches for System reconaissance
  • Countermeasures
  • DOE’S “21 STEPS TO SECURE A SCADA SYSTEM 
Purchase required.
http://www.pennenergy.com/index/research-and_data/oil-and_gas/product-display/7452962202/products/pennenergy/research/Petroleum/HSSE/reports/Energy-Infrastructure-Security-Pipelines.html

No comments:

Post a Comment