ISA99 Launches Cyber Threat Gap Analysis Task Group

March 7, 2011
Purpose is to determine whether ISA99 standards effectively protect against sophisticated cyber attacks.

The International Society of Automation's ISA99 standards committee on industrial automation and control systems security has formed a task group to conduct a gap analysis of the current ANSI/ISA99 standards. The analysis will address the rapidly evolving threat landscape, as demonstrated by the highly publicized Stuxnet malware.

The purpose is to determine if companies following the ISA99 standards would have been protected from such sophisticated attacks and to identify changes needed, if any, to the standards being developed by the ISA99 committee. The new task group intends to produce a technical report summarizing the results of its analysis by mid-2011, ISA says.

Stuxnet is a highly sophisticated computer worm that was first disclosed in the summer of 2010. It is the first known malware to have been specifically written with the intent to compromise a control system and sabotage an industrial process. Stuxnet’s capabilities are being well documented in the press, and some of these capabilities may migrate into new threats, ISA reports. Going forward, automation systems must be able to detect and either block or be able to recover from advanced Stuxnet-like threats.

The ANSI/ISA99 standards address the vital issue of cyber security for industrial automation and control systems. The standards describe the basic concepts and models related to cyber security, as well as the elements contained in a cyber security management system for use in the industrial automation and control systems environment. They also provide guidance on how to meet the requirements described for each element.

For more information, visit http://www.isa.org.

Sponsored Recommendations

Keys to Improving Safety in Chemical Processes (PDF)

Many facilities handle dangerous processes and products on a daily basis. Keeping everything under control demands well-trained people working with the best equipment.

Comprehensive Compressed Air Assessments: The 5-Step Process

A comprehensive compressed air audit will identify energy savings in an air system. This paper defines the 5 steps necessary for an effective air audit.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Managing and Reducing Methane Emission in Upstream Oil & Gas

Measurement Instrumentation for reducing emissions, improving efficiency and ensuring safety.