Control Systems Security Program (CSSP)

Published by Jack Hunter   – February 17, 2012
Categories: Viruses, Worms, Threats

The goal of the DHS National Cyber Security Division's CSSP is to reduce industrial control system risks within and across all critical infrastructure and key resource sectors by coordinating efforts among federal, state, local, and tribal governments, as well as industrial control systems owners, operators and vendors. The CSSP coordinates activities to reduce the likelihood of success and severity of impact of a cyber attack against critical infrastructure control systems through risk-mitigation activities.

CSSP has released Version 4.0.1 of the Cyber Security Evaluation Tool (CSETTM). This new version of the tool can be downloaded. This new release includes new standards such as NERC CIP Revision 3, NRC Regulatory Guide 5.71, a new key requirements set, and Version 7 of the DHS "Catalog of Security Requirements: Recommendations for Standards Developers."  The new CSETTM also includes a fully revised set of reports with complete gap rankings, new diagramming functionality, and a new resource library as well as minor enhancements. This tool supports evaluations of both business and industrial control systems.

ICS-CERT has released several documents outling the vulnerabilities of some control systems

ICS-CERT has released an Advisory titled "ICSA-12-047-01 - Advantech WebAccess Multiple Vulnerabilities" that details 18 vulnerabilities in the Advantech BroadWin WebAccess product.

ICS-CERT has released an ALERT titled "ICS-ALERT-12-046-01 - Increasing Threat to Industrial Control Systems" to inform critical infrastructure and key resource (CIKR) asset owners and operators of recent and ongoing activity concerning increased risk to CIKR assets, particularly Internet accessible control systems.

ICS-CERT has released an UPDATED ALERT titled  "ICS-Alert-12-020-02A - Rockwell Automation ControlLogix Multiple PLC Vulnerabilities" that warns of multiple exploit modules targeting the Ethernet/IP and TCP/IP protocol stacks in PLCs has been released.

ICS-CERT has released an UPDATED ALERT titled  "ICS-ALERT-12-020-03A - (UPDATED) Schneider Electric Modicon Quantum Vulnerabilities" that warns that exploit code affecting the Schneider Electric Modicon Quantum product has been released.

ICS-CERT has released an UPDATED ALERT titled  "ICS-ALERT-12-020-05A - Koyo ECOM100 Multiple Vulnerabilities" that warns about a brute force password cracking tool targeting the ECOM series modules has been released.

Click to Request a Quote or call 281.999.8588