Risk Assessment for Industrial Control Systems
February 2, 2021
ICS security professionals should report ICS vulnerabilities to the vendor before attackers discover them and offer the vendor with remediation suggestions, mitigation measures, and security solutions to avoid network attack risks before the vulnerabilities are malicious exploited.
Compared with Windows systems, a quite different method is used to assess ICS systems due to their heterogeneity. In other words, ICS systems involve various protocols and hardware configurations and more than one vendor, making it easier to develop exploits that are challenging to develop otherwise.
Before creating exploits, you must have a full grasp of ICSs. Introduction to ICSs is not a key focus of this document and therefore omitted here.
(more…)