Recommended Practices
This page provides abstracts for existing recommended practices and links to the source documents. Additional supporting documents detailing a wide variety of control systems topics associated with cyber vulnerabilities and their mitigation have been developed and vetted by control systems SMEs. These documents will be updated and topics added to address additional content and emerging issues.
- Updating Antivirus in an Industrial Control System
Full Updating Antivirus in an Industrial Control System document
- Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies
Abstract for Defense-in-Depth
Full Defense-in-Depth document
- Creating Cyber Forensics Plans for Control Systems
Abstract for Cyber Forensics Plans
Full Cyber Forensics Plan document
- Developing an Industrial Control Systems Cybersecurity Incident Response Plan
Abstract for Incident Response Plan
Full Incident Response Plan document
- Good Practice Guide for Firewall Deployment on SCADA and Process Control Networks
Abstract for Firewall Deployment
Full Firewall Deployment document (external web site)
- Recommended Practice Case Study: Cross-Site Scripting
Abstract for Cross-Site Scripting Case Study
Full Cross-Site Scripting Case Study document
- Patch Management for Control Systems
Abstract for Patch Management
Full Patch Management document
- Securing Control System Modems
Abstract for Securing Control Systems Modems
Full Securing Control System Modems document
- Remote Access for Industrial Control Systems
Abstract for Remote Access for ICS
Full Remote Access document
Supporting Documents
- Cybersecurity Procurement Language Guidance
Cybersecurity Procurement Language for Energy Delivery Systems (ESCSWG 2014)
Cybersecurity Procurement Language for Control Systems (DHS 2009)
- Mitigations for Vulnerabilities in Control Systems Networks
Abstract for Control Networks Mitigations
Full Control Networks Mitigations document
- Undirected Attack Against Critical Infrastructure: Case Study for Improving ICS Security
Abstract for Undirected Attack Case Study
Full Undirected Attack Case Study document
- Backdoors and Holes In Network Perimeters: Case Study for Improving ICS Security
Abstract for Network Perimeters Case Study
Full Network Perimeters Case Study document
- Attack Methodology Analysis: SQL Injection Attacks
Abstract for SQL Attack Methodology Analysis
Full SQL Attack Methodology document (PDF on HSIN portal; membership required)
- Understanding OPC and How it is Deployed
Abstract for Understanding OPC
Full Understanding OPC document
- OPC Exposed
Abstract for OPC Exposed
Full OPC Exposed document
- Guidelines for Hardening OPC Hosts
Abstract for Hardening OPC
Full Hardening OPC document
- Security Implications of OPC, OLE, DCOM, and RPC in Control Systems
Abstract for OPC/OLE/DCOM/RPC in Control Systems
Full OPC/OLE/DCOM/RPC document
- DHS Bulletin: Securing Control Systems
Full Bulletin (PDF)