Monday, February 24, 2014

Useful Industrial Control Security References from ENISA

ENISA - the European Union Agency for Network and Information Security has been quietly building a collection of useful references for industrial control system (ICS) security.  Since 2011 with their publication of Protecting Industrial Control Systems.Recommendations for Europe and Member States, Dr. Konstantinos Moulianos and his staff have done a nice job facilitating development of useful publications for those of us in this domain.

What I'd like to do is to continue to tell you of the other ICS-security-related products that have been published that may be useful references for students and practitioners of ICS security.

In 2011 as ENISA was publishing the referenced document above (and shown in the photo) they also produced five separate Annexes as part of the Recommendations document.  These documents were certainly foundational to the continued expansion of the ENISA ICS Security "product line."  One document I found to be a useful introductory discussion of ICS security was the ENISA document Protecting Industrial Control Systems, Annex I: Desktop Research Results.  Similar to NIST 800-82, Guide to Industrial Control System (ICS) Security, this document is a helpful background "textbook" on the basic issues associated with ICS security, emerging issues, the challenges with securing ICS systems, and known good practices as of 2011.

Later in 2013, ENISA was very busy publishing several useful documents to aid in improving cybersecurity in Europe but of course helping the rest of the world with its guidance and studies.  In particular ENISA facilitated and funded a study on identifying ways to improve on ICS component and system testing in the EU. (I was honored to have been included in the interview process for this study.)  The result was the ENISA document Good Practices for an EU ICS Testing Coordination Capability.  This document certainly raised some awareness on how to proceed in Europe with development of an ICS testing capability but it can also be used in other nations just beginning to  examine their ICS security reviews.

One very useful desk reference that came out of the EU ICS Testing Coordination project was publication of ICS Security Related Working Groups, Standardsand Initiatives (2013).  This particular document is an excellent collection of the various global standards, guidelines and studies conducted that focus on ICS security issues.  This one is a "keeper!"

Finally, in late 2013 the ENISA team was very busy with some white papers and briefings on ICS security issues we are all facing.  The documents and their links are listed below:
I trust you found this an enlightening review of the ENISA ICS Security work since 2011 and I'd suggest you keep them on your mind when looking for ICS security resources and references to help improve and harden your security programs.