The Automation Federation has released a public report—commissioned on behalf of the Linking Oil and Gas Industry to Improve Cybersecurity (LOGIIC)—that examines the use of virtualization technology in industrial automation and control system (IACS) environments.
Virtualization allows for the implementation of environments via a software-based solution rather than with the introduction of additional hardware. Like other industries, interest is high on any opportunities that can reduce the hardware footprint, address challenges of finding hardware for unsupported operating systems, and provide flexibility in creating training and testing environments.
The LOGIIC virtualization report—accessible on the LOGIIC website—outlines the critical factors that should be weighed when considering virtualization in an IACS environment; and evaluates and tests current automation system vendor practices to generate guidelines and reference architectures for securing virtual environments spanning multiple process control network layers.
The report also is designed to prompt and support an ongoing dialogue between critical infrastructure asset owners and operators and automation system vendors.
The LOGIIC Consortium, now celebrating its 10-year anniversary, was established by members of the oil and gas industry in partnership with the Cybersecurity Research and Development Center (CSRDC) of the US Department of Homeland Security (DHS), Science and Technology (S&T) Directorate to study cybersecurity issues in IACS that impact safety and business performance as they pertain to the oil and gas sector.
LOGIIC’s objective is to promote the interests of the sector while maintaining impartiality, the independence of the participants, and vendor neutrality. Current members of LOGIIC include BP, Chevron, Shell, Total, and other large oil and gas companies that operate significant global energy infrastructure.
The Automation Federation serves as the LOGIIC host organization and has entered into agreements with the LOGIIC member companies and all other LOGIIC project participants.
LOGIIC regularly sponsors research initiatives that involve the interests of oil and gas sector stakeholders. Member companies contribute financially and technically, provide personnel who meet regularly to define projects of common interest, and provide staff to serve on the LOGIIC Executive Committee.
The US Department of Homeland Security, Science and Technology Directorate has contracted with the scientific research organization SRI International to provide scientific and technical guidance for LOGIIC.
Industrial control, automation, package, security and other related vendors have made LOGIIC projects possible by volunteering their time, knowledge, equipment and test environments. Subject-matter experts work with SRI International to refine the evaluation strategy, perform the system evaluations and develop project reports.
|
CISA Adds 2 VMware Vulnerabilities to KEV – 11-21-24
-
Yesterday CISA announced the addition of two vulnerabilities in the VMware
vCenter Server to their Known Exploited Vulnerabilities (KEV) catalog. The
vul...
No comments:
Post a Comment