Top 10 vulnerabilities for SCADA control systems

1. Inadequate policies and procedures governing control system security

2. Poorly designed control system networks that:
a. Fail to compartmentalize communication connectivity with corporate networks and other entities outside of the control system electronic security perimeter
b. Fail to employ sufficient “defense-in-depth” mechanisms
c. Fail to restrict “trusted access” to the control system network
d. Rely on “security through obscurity” as a security mechanism.

3. Misconfigured operating systems and embedded devices that allow unused features and functions to be exploited; untimely implementation of software and firmware patches; inadequate testing of patches prior to implementation

4. Use of inappropriate wireless communication

5. Use of non-deterministic communication for command and control such as Internet-based SCADA; inadequate authentication of control system communication-protocol traffic

6. Lack of mechanisms to detect and restrict administrative or maintenance access to control system components; inadequate identification and control of modems installed to facilitate remote access; poor password standards and maintenance practices; limited use of VPN configurations in control system networks

7. Lack of quick and easy tools to detect and report on anomalous or inappropriate activity among the volumes of appropriate control system traffic

8. Dual use of critical control system low-bandwidth network paths for non-critical traffic or unauthorized traffic

9. Lack of appropriate boundary checks in control systems that could lead to “buffer overflow” failures in the control system software itself

10. Lack of appropriate change management or change control on control system software and patches
source: Mcafee 2007