Critical infrastructures, such as electricity generation plants, transportation systems, oil refineries, chemical factories and manufacturing facilities are large, distributed complexes. Plant operators must continuously monitor and control many different sections of the plant to ensure its proper operation. During the last decades this remote command and control has been made feasible due to the development of networking technology and the advent of Industrial Control Systems (ICS). ICS are command and control networks and systems designed to support industrial processes. The largest subgroup of ICS is SCADA (Supervisory Control and Data Acquisition) systems.

ICS have passed through a significant transformation from proprietary, isolated systems to open architectures and standard technologies highly interconnected with other corporate networks and the Internet. Today ICS products are mostly based on standard embedded systems platforms, applied in various devices, such as routers or cable modems, and they often use commercial off-the shelf software. All this has resulted in reduction of costs, ease of use and enabled the remote control and monitoring from various locations. However, an important drawback derived from the connection to intranets and communication networks, is the increased vulnerability to computer network-based attacks.

With the report Protecting Industrial Control Systems. Recommendations for Europe and Member States started its efforts in ICS SCADA security. Further details of the study as well as broad information on the relevant topics are:

Since then, ENISA has published several studies

In 2014 ENISA established the ENISA ICS Security  Stakeholder Group and in 2015 took over the coordination of EuroSCSIE - European SCADA and Control Systems Information Exchange.  

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information