Browse Definitions :
Definition

ICS security (industrial control system security)

ICS security is the area of concern involving the safeguarding of industrial control systems, the integrated hardware and software designed to monitor and control the operation of machinery and associated devices in industrial environments.

Industrial control systems are used in machinery throughout a wide range of industries all around the world. The systems monitor, manage and administer everything from nuclear power plants and other utilities to HVAC installations, robotics and even prison cell doors.

Historically, these systems were not networked and lacked computing and communications technologies. A major focus of the burgeoning Internet of Things (IoT) – and the Industrial IoT in particular – is networking non-computing devices and making it possible for them to exchange data over the Internet. Although industrial control systems may not themselves be connected to the Internet, the human-machine interfaces (HMI) through which they are managed typically are.     

Industrial systems, including critical infrastructure, are increasingly being networked and outfitted with computing and communications technologies. The trend to IT/OT convergence means that systems used for data-centric computing -- IT systems -- are being integrated with the operational technology (OT) systems used to monitor events, processes and devices and make adjustments in enterprise and industrial operations.

Ironically, because ICS often support critical infrastructure, they cannot easily be taken down for security updates and so often remain unpatched and vulnerable. Furthermore, because the systems have very limited computing resources, they often lack the capacity to run antimalware software.

This was last updated in March 2016

Continue Reading About ICS security (industrial control system security)

SearchCompliance
  • OPSEC (operations security)

    OPSEC (operations security) is a security and risk management process and strategy that classifies information, then determines ...

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • compliance risk

    Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...

SearchSecurity
  • private key

    A private key, also known as a secret key, is a variable in cryptography that is used with an algorithm to encrypt and decrypt ...

  • DOS (disk operating system)

    A DOS, or disk operating system, is an operating system that runs from a disk drive. The term can also refer to a particular ...

  • security token

    A security token is a physical or digital device that provides two-factor authentication for a user to prove their identity in a ...

SearchHealthIT
SearchDisasterRecovery
  • What is risk mitigation?

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • change control

    Change control is a systematic approach to managing all changes made to a product or system.

  • disaster recovery (DR)

    Disaster recovery (DR) is an organization's ability to respond to and recover from an event that affects business operations.

SearchStorage
  • What is RAID 6?

    RAID 6, also known as double-parity RAID, uses two parity stripes on each disk. It allows for two disk failures within the RAID ...

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

  • VRAM (video RAM)

    VRAM (video RAM) refers to any type of random access memory (RAM) specifically used to store image data for a computer display.

Close