본문 바로가기
  • Trace
1. OT 및 ICS

산업제어시스템 보안 지침서 및 가이드 일부

by seleuchel 2022. 3. 23.

 

위험 평가 부문 

* nist sp 800-30 : 위험 평가에 대한 가이드 

여기서 정의하는 위험 

1) the adverse impacts that would arise if the circumstance or event occurs

2) the likelihood of occurrence”

 

위험 평가 : “the process of identifying, estimating, and prioritizing risks to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation, resulting from the operation of an information system

 

* nist sp 800-82 : 산업제어시스템 보안의 가이드

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r2.pdf

 

위협 : A threat is “any circumstance or event with the potential to adversely impact organizational operations”

 

cisa가 정의한 공격자의 유형 

foreign intelligence services–national government organizations whose intelligence-gathering and espionage activities seek to harm U.S. interests

 criminal groups–such as organized crime groups that seek to attack for monetary gain

 hackers–regarded as the most widely publicized; however, they often possess very little tradecraft to produce large-duration attacks

 terrorists–adversaries of the U.S. who are less equipped in their cyber capabilities and therefore pose only a limited cyber threat

 

취약점에 대한 정의 (ics-cert) : 

a defect that may allow a malicious actor to gain unauthorized access or interfere with normal operations of systems

1) 인가되지않은 접근 / 시스템의 운영을 침투

 

발생할 수 있는 ICS 취약점의 종류

  • Policy and Procedure–incomplete, inappropriate, or nonexistent security policy, including its documentation, implementation guides (e.g., procedures), and enforcement
  •  Architecture and Design–design flaws, development flaws, poor administration, and connections with other systems and networks
  •  Configuration and Maintenance–misconfiguration and poor maintenance
  •  Physical–lack of or improper access control, malfunctioning equipment
  •  Software Development–improper data validation, security capabilities not enabled, inadequate authentication privileges
  •  Communication and Network–nonexistent authentication, insecure protocols, improper firewall configuration

 

 

 

 

 

 

 

 

저작자표시

'1. OT 및 ICS' 카테고리의 다른 글

OT/ICS 최근 동향/통계 자료가 필요하다면  (0) 2022.04.06
[리뷰] 보안뉴스 : OT보안 리포트  (0) 2022.03.27
RS-485  (0) 2022.03.23
Defence-in-Depth (DID) 심층방어  (0) 2022.03.21
attack tree vs attack graph  (0) 2022.03.14

관련글

티스토리툴바