SEC6084 ICS Risk And Audit Methodology Project

Description of Industry

  1. What type of industry is this?
  2. What is the importance of this industry to society?

Industrial Control System Processes Employed

  1. List industrial control system processes specific to industry.industry.
  2. List the control systems that control those processes and how they control those processes.
  3. Createa network diagram displaying the interconnections of the industrial control system devices listed in item 3.
    a. For example: Use ICS CERT CSET, Visio, Excel, Word, etc.

Table of Contents

  • Description of Industry
  • Industrial Control System Processes Employed
  • Profile ICS Security Devices
    • Create Diagrams of ICS Device Network
  • Identify, Measure, and Manage Risks
  • Identify Security Controls
      Apply ICS Security Best Practices
  • Identify Vulnerability Continuous Monitoring Strategy
  • Reference
    • Appendix
    • Example: Industrial Incident or Accident
    • Example: Disaster Recovery and Incident Response
    • Example: Test Outputs
    • Example: Vulnerability Scan Reports
    • Example: Analysis Metrics from Tools
    • Example: Presentations
    • Example: Screenshots of Systems

    • List of Tables and Figures

    Figure 1. Example: ICS System Documentation
    Figure 2. Example: Security Solution Documentation

    Description of Industry

    1. What type of industry is this?
    2. What is the importance of this industry to society?

    Industrial Control System Processes Employed

    1. List industrial control system processes specific to industry.
    2. List the control systems that control those processes and how they control those processes.
    3. Create a network diagram displaying the interconnections of the industrial control system devices listed in item 3.
      • a. For example: Use ICS CERT CSET, Visio, Excel, Word, etc.

    Profile ICS Devices

    1. For each ICS device document:

    1. Logical Ports: For example, 80, 443, etc. http://www.digitalbond.com/tools/the-rack/control-system-port-list/
    2. Protocols Running: For example, SMTP, SNMP, DNP3, Modbus, Fieldbus, Ethernet, etc.
    3. Physical Connection Types: For example, serial, RJ45, USB, parallel, etc. http://www.digitalbond.com/tools/the-rack/control-system-port-list/
    4. Default Accounts: Research the manufacturer’s information on the device. Look for default account information to login with. Check “Default Password List” for an entry: http://www.defaultpassword.com/
    5. Services: Research manufacturer’s information on the device and document services running.
    6. Authentication: Research manufacturer’s website for the device and locate information on how the device authenticates users.
    7. Use of Encryption: Research manufacturer’s website for the device and locate information about encryption. For example, does the device use encrypted connections? Is the back-end database encrypted? What type of encryption does it use? Is public/private key encryption like RSA?
    8. Logging Capability: Research manufacturer’s website for the device and locate information about logging. Answer questions like is logging enabled? Are logs stored locally or remotely?
    9. Other Security Documentation: Does the manufacturer have any security related documentation not provided above that would be of use?

    Identify, Measure, and Manage Risks

    1. Identify risks:
    Risk is a function of M, AV, T, and V:
    R = f (M, AV, T, V)
    R – risk, M – mission importance, AV – asset values, T – threats, V – vulnerabilities

    2. “What”: what is the problem/challenge in managing risks and auditing the ICS?
    Explain how you might measure
    “Why”: why do you need and want to solve the problem?
    “How”: how do you economically solve it?

    Identify Security Controls

    Select security controls based on results from “Industrial Control System Processes Employed” and “Profile ICS Devices”: Reference either ICS CERT CSET or NIST 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf

    Apply ICS Security Best Practices

    1. NIST 800-82, Industrial Control System Security, http://csrc.nist.gov/publications/drafts/800-82r2/sp800_82_r2_draft.pdf

    2. Identify unremediated risks and choose risk strategy: Accept risk, avoid risk, mitigate risk, share risk, transfer risk, combination. Reference: NIST 800-37, Guide for Applying the Risk Management Framework to Federal Information Systems, http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r1.pdf

    Identify Vulnerability Continuous Monitoring Strategy

    1. Examples:
      1. Nessus - Bandolier modules.
      2. Metasploit – ICS exploits.
      3. Snort
      4. Nmap – Identify ICS “friendly” scans.
    2. Are these IA certified tools? How so?
      1. For example:
        1. NIAP: https://www.niap-ccevs.org/CCEVS_Products/pcl.cfm
        2. Common Criteria: https://www.commoncriteriaportal.org/products/
      2. For example: Are these tools SCAP-compliant?
    3. Create script rules for baselining each ICS system.
      1. For example scripts rules should audit:
        1. Installed programs.
        2. Users, groups.
        3. Shares.
        4. Services.
        5. Processes.
        6. Etc.
    Assignment help with SEC6084

    Answer Detail

    Get This Answer

    Save Time & improve Grades

    • Questions Asked 685059
    • Experts 5361
    • Total Answered 659177

    Start Excelling in your courses, Ask an Expert and get answers for your homework and assignments!!

    Our Amazing Features

    • Plagiarism Free Work

      Our experts provide 100 % original and customized work On time Delivery

    • 24*7 Customer Support

      We provide 24*7 online customer supports via online chat or email

    • Cover All Subject

      JQA is one stop solution for all subject’s Assignment. We can provide assignment help for almost all subjects.

    • Best Industry experts

      We have 1000+ PHD and Post Graduate experts.

    Refer Just 5 Friends to Earn More than $1000

    • Your Approx Earning

      USD 2350/year

    Your Custom Referral Link:

    Hire a tutor

    Assignment hero

    USA

    I am an experienced tutor of 7+ years in all math, physics, and Spanish, SAT, and ACT tutoring. I love working with students and seeing them improve on and grasp concepts!

    Guru

    USA

    Need help in Maths and science ? Look no further . contact me so i can help you . i have been a academic tutor for 10 years . Hire me for help in assignments.

    Vikas

    USA

    After 13 years of working with students across the country, we have the experience and knowledge to provide the best possible academic support for your academics.

    Rgaurav

    India

    I have experience teaching AP Calculus AB and BC, Algebra I, Algebra II, Trigonometry, SAT Math Preparation, and Geometry. I have tutored students ranging from 8th grade to college students.

    Invite Tutor