Cybersecurity considerations for electrical distribution systems
5.1.6.2.1 Three-tier architecture for a secure control network
The figure above shows that the control networks are divided into layers or zones based on control functions, which are then
connected by conduits (connections between the zones) that provide security controls to:
• Control access to zones
• Resist denial-of-service (DoS) attacks or the transfer of malware
• Shield other network systems
• Protect the integrity and the confidentiality of network traffic
Beyond network segmentation, access control (both physical and logical) should be defined and implemented.
The key consideration when designing access control is defining the required interactions both within a given zone and between
zones. These interactions should be mapped out clearly and prioritized based on need. It is important to realize that every hole
poked in a firewall and each non-essential functionality that provides access or creates additional connectivity increases potential
exposure to attacks. A system then becomes only as secure as the devices connecting to it.
If mapped correctly, the potential adverse impact to control system reliability and functionality should be negligible. However, this
element introduces additional costs (in terms of firewall and other network infrastructure) and complexity to the environment.
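The mapping exercise described above can be checked mechanically. The following is an added example, not part of the original manual: it compares firewall allow rules against a documented interaction map and reports both rules that open more than the map requires and mapped needs that no rule satisfies. The zone names, ports and sample rules are constructed assumptions.

```python
from typing import NamedTuple, Optional

# Constructed interaction map (assumption): conduit (src zone, dst zone) -> needed (proto, port).
REQUIRED = {
    ("enterprise", "dmz"): {("tcp", 443)},
    ("dmz", "control"): {("tcp", 443), ("udp", 161)},
    ("control", "dmz"): {("udp", 514)},
}

class Rule(NamedTuple):
    src: str
    dst: str
    proto: str
    port: Optional[int]  # None means "any port"

def audit(rules, required=REQUIRED):
    """Return (findings, unmet): over-broad rules with reasons, and mapped needs lacking a rule."""
    findings, satisfied = [], set()
    for rule in rules:
        conduit = (rule.src, rule.dst)
        needed = required.get(conduit)
        if needed is None:
            findings.append((rule, "no conduit defined between these zones"))
        elif rule.port is None:
            findings.append((rule, "any-port rule is wider than the mapped need"))
            # A wildcard still satisfies the mapped services of that protocol.
            satisfied.update((conduit, n) for n in needed if n[0] == rule.proto)
        elif (rule.proto, rule.port) not in needed:
            findings.append((rule, "service not in the interaction map"))
        else:
            satisfied.add((conduit, (rule.proto, rule.port)))
    unmet = sorted((c, n) for c, needs in required.items()
                   for n in needs if (c, n) not in satisfied)
    return findings, unmet

# Constructed sample rule set.
SAMPLE_RULES = [
    Rule("enterprise", "dmz", "tcp", 443),
    Rule("dmz", "control", "tcp", 443),
    Rule("dmz", "control", "tcp", 23),          # not in the map
    Rule("enterprise", "control", "tcp", 443),  # no such conduit
    Rule("control", "dmz", "udp", None),        # wildcard port
]

if __name__ == "__main__":
    findings, unmet = audit(SAMPLE_RULES)
    for rule, reason in findings:
        print("REVIEW ", rule, "->", reason)
    for conduit, need in unmet:
        print("MISSING", conduit, need)
```

An empty findings list with an empty unmet list means the rule set matches the map exactly: nothing extra is exposed and no required interaction is blocked.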
Securing the Network Management Module – 192