How to conduct physical security evaluations for SCADA

1. Conduct a physical security survey and inventory access points at each facility that has a connection to the SCADA system.

2. Identify and assess any source of information including remote telephone/computer network/ fiber optic cables that could be tapped; radio and microwave links that are exploitable; computer terminals that could be accessed; and wireless local area network access points.

3. Identify and eliminate single points of failure.

4. The security of the site must be adequate to detect or prevent unauthorized access. Do not allow “live” network access points at remote, unguarded sites simply for convenience