Handbook for Self-assessing Security Vulnerabilities and Risk of Industrial Control Systems on Dod Installations

Publisher Marketing: This handbook is intended for use primarily by Department of Defense (DOD) installation commanders, supported by staff members, as a management tool to self-assess,1 prioritize, and manage mission-related vulnerabilities and risks that may be exposed or created by connectivity to ICS. ICS include a variety of systems or mechanisms used to monitor and/or operate critical infrastructure elements, such as electricity, water, natural gas, fuels, entry and access (doors, buildings, gates), heating & air-conditioning, runway lighting, etc. Other terms often heard include SCADA, DCS, or EMCS.2 Throughout this book the term "ICS" is used as encompassing such variations. This book is intentionally generic. Whatever the category of ICS, the approach to vulnerability assessment and risk management is similar. The applicability of actions recommended here may be extended to any DOD military installation regardless of the specific categories of ICS encountered. In keeping with the generic approach and due primarily to the unique nature of each installation's infrastructure, beyond a couple of exceptions there are no checklists, standard operating procedures (SOP), or similar sets of lock-step actions provided here. However, a risk management team using the handbook likely will want to develop checklists tailored to their specific circumstances. Among other purposes, this handbook is intended to increase awareness of how a threat related to the ICS itself translates into a threat to the mission, either directly through the ICS or circuitously via network connections. Every military installation has numerous mission-support processes and systems controlled by, or that otherwise depend on, ICS. Every connection or access point represents potential vulnerabilities and, therefore, risks to the system under control (i.e., electrical, water, emergency services, etc.), which can escalate quickly to adverse impact on mission essential functions (MEF) and mission accomplishment. Fundamentally then, this handbook is provided to help the installation leadership conduct a risk self-assessment focused on ICS and supported missions and then implement plans to manage that risk. Most of the information contained herein is not unique to this publication. Two unique aspects are: (1) the aggregation of disparate information into one place, distilling essentials, and tailoring to DOD installation leadership; and (2) bringing cyber/information technology (IT), civil engineers, public works, and mission operators together with a singular focus on ICS security in support of missions. This handbook (via Appendices) also points to additional resources.