Author :
McIntyre, Alexis ; Lindqvist, Ulf ; Peterson, Bela ; Tudor, Z.
Author_Institution :
Ardua Strategies, Paris, TX, USA
Abstract :
Protection of ICS process control data, networks, applications, and host operating systems, particularly in multi-vendor environments, is a critical, on-going requirement for the oil and gas sector. A loss of control over a critical control process potentially could result in loss of life, personnel injury, environmental impact, facility damage, production loss, and economic cost. System maintenance and protection increasingly centers on patching vulnerable automation software and operating systems, many of which have reached end-of-life, are unsupported by the vendor, or lack economic basis for replacement. A new alternative to the classic patching approach to maintaining system security, application whitelisting (AWL) technology, was evaluated against a set of established criteria that support continuity of operations in critical system environments by providing strong cybersecurity. This report presents findings of the LOGIIC program regarding application whitelisting, key attributes to its use in an ICS environment, and general conclusions about its implementation.
Keywords :
control engineering computing; gas industry; industrial control; petroleum industry; security of data; AWL technology; ICS process control data; LOGIIC program; application whitelisting technology; cybersecurity; gas sector; host protection strategy; industrial control system; multivendor environment; oil sector; system maintenance; system protection; Automation; Malware; Operating systems; Process control; Servers; Industrial control system security; antivirus; application whitelisting; cyber security; host protection;
