Order now
x

Computer Science and Technology: The analysis of the article on ”Research Challenges for Security of Control System”

Introduction

The paper presents the analysis of the article on “Research Challenges for Security of Control Systems” by Cardenas Alvaro, Amin Saurabh, and Sastry Shankar (2008). It also includes the discussion of the article’s relevance to the concepts learned in class and discussed in the textbook System Analysis and Design in a Changing World (Satzinger, Jackson & Burd, 2012). To be specific, the comparison will be based on the concepts of design of security and security control. These two sources are complementing each other, since the course book also discusses solution to the various challenges addressed in the article.

Get a price quote

Order by 00.00

Article Summary

The researchers focused on establishing the importance of the security of control system as well as the fundamental differences, new problems and requirements of the control system security. In their proposal, they design a new mathematical framework that can help the analysis of attacks targeting control system. They utilize the following framework in their generation of two specific research problems – to detect attack and to survive attack (Cardenas et al., 2008).

Class Concept Summary

Specifically, chapter six of the text is related to the chosen article. In general, the chapter introduces various elements, outputs and inputs of design, various design activities, as well as design of the environment. The main focus of the chapter is on the solution system. It builds on the initial chapters that have major focus on analysis activities. It enables the readers to gain understanding of the purpose, requirements of systems, as well as building a system and identifying its structural components. The chapter acknowledges various challenges associated with project design, such as the aspect of project’s beginning when decisions guiding the design have already been accomplished (Satzinger et al., 2012). Thus, the author emphasizes the need for the team responsible for the project to consider the effects of such issues form the onset. Such factors and the associated threats are explained in the article. The chapter comes presents solutions to the challenges discussed in the article.

As already mentioned, the focus will be on the sub-topic Essentials of Systems Design, which is directly related to the article (Satzinger et al., 2012). Under this sub-topic, the author highlights the need for activity designers to ensure that the designed system has safeguards which can offer adequate protection for the assets of the organization. It is these safeguards that the authors call system controls. They emphasize the importance of having effective system controls noting that outsiders have more than ever before become a big threat to organizations. There have been cases of total damage to organizational systems and interference with data. These situations create the need of designing system control more vital than before. The authors stress the need to ensure the inclusion of system controls as well as design of security in every design activity. Such activities as user interface must have well-designed system control if order to be safe from the attackers (Satzinger et al., 2012).

The authors provide an example of user interface as a system control which regulates those who are able to access an organizational system, or authorized users. The system-interface controls help ensure that a system is not interfered with by other systems. On the other hand, there are application controls which also help ensure precise recording of transactions and correct accomplishment of other work of the system. In addition, database controls also helps protect data from any access by unauthorized access as well as loss that may result from the failure of software or hardware. Lastly, the network controls help guarantee the protection of communication through networks. Every control in the system has to be designed in line with the existent technology. The authors conclude with the emphasis on the need to protect controls (Satzinger et al., 2012).

The Significance of the Article to the Course Content

The significance of the article to the course content is in its extensive discussion of the challenges which have to be overcome to safeguard the much needed security of the control systems. The authors are very systematic in the presentation of their study. They begin by introducing their readers to the control systems so that they are aware of the context of the study. Afterwards, they define computer-based systems used in monitoring and controlling physical processes as Process Control Systems (PCS) among other synonyms (Cardenas et al., 2008).

Coming back to the basics, the article complements the course text. For instance, apart from introducing the readers to the definition of the concept, it highlights the composition of the control system; they are a set of agents that are networked. They consist of CPUs, various devices for communication and actuators among others. The article also introduces the reader to the common network architecture. By reading the article, learners are able to discover varying layers. The first one is the physical layer where regulatory control takes place. It is followed by various work stations where physical structures are supervised and planned.

At the highest level is the manufacturing of site operations. At this level, the authors also emphasize a number of control applications. The applications are vital, since, whenever they fail, the controlled physical system may suffer a permanent harm. A good example is SCADA system that is used in supporting the functioning of vital infrastructure at the national level of distributing electrical power. The article can help the students understand the magnitude of the loss that can result from the failure in control systems. It can range from security to health failures as well as economic losses (Cardenas et al., 2008).

The authors also explore new threats and vulnerabilities that control systems are facing, noting that they are affected by computer hazards more than ever before, because computers are the very gadgets used to control the systems (Cardenas et al., 2008). Moreover, the effect is complicated because of the networked nature of the control systems. The systems are both connected to the internet and the corporate world, which makes them very vulnerable (Cardenas et al., 2008). Another factor that aggravates their vulnerability is the fact that many control systems no longer employ components of proprietary hardware and software, but systems of commodity IT (Cardenas et al., 2008). Thus, there is easy inheritance of the components’ vulnerability (Cardenas et al., 2008).

In addition, designs are increasingly becoming more open with growing accessibility. It makes it very easy for attackers to hack the systems. Although the designs are believed to increase the ease with which bugs can be found and fixed, it also leaves the same systems more vulnerable through the increased accessibility (Cardenas et al., 2008). Other factors students can learn from the article are increased functionality and size of the systems, increased size and improved skills of global IT workforce, and, finally, cybercrime (Cardenas et al., 2008). The authors also examined various cases where control systems had been affected by the threats causing great losses. A good example is what happened in Russia in 2000, when the system meant to regulate the country’s gas had its temporary control seized by hackers. Thus, attacks on critical infrastructures come with great consequences.

The authors also highlight a number of efforts that have been put in place by both private and public sectors to enhance control system’s security. For instance, much has been done in such sectors as water, chemicals, oil, and even gas. In America, North America Electric Reliability Corporation has set standards for control systems with respect to cyber-security (Cardenas et al., 2008). There are also efforts to promote studies on how to enhance security of the common control system SCADA. Much work is happening the sensors’ can us in this process (Cardenas et al., 2008).

The authors also bring to the attention of the reader differences between the new and traditional IT security including the fact that control systems no longer allow frequent updates and patching of software. Thus, whenever a control system is upgraded, it requires more time for planning for it to be successfully taken offline. However, control systems are able to widely interact with the physical world. The writers argue that the information system has helped develop effective technologies and principles that can assist with securing control systems (Cardenas et al., 2008).

The recommendations in the article are also credible. The authors note that the disadvantage is that researchers who have focused on computer security have narrowed down their studies to information protection and not the effect of attacks on algorithms and the physical world. Thus, even though the tools used in information security offer some protection to control systems, such mechanisms are never effective enough for stakeholders to assume that control systems are completely secure. They discuss various attack models and system requirements that can help with further enhancement of control systems’ security.

Conclusion

According to the discussion, the article makes those who have read the course text see the need to come up with measures to shelve control systems against unauthorized access. Exploring the sections about design security and system controls has been particularly helpful. Students are left with the urge to carry out an independent study to identify various risks and effects of attacks that have been staged successfully on control systems. In summary, students are left appreciating the need for mitigation efforts aimed at enhancing the awareness of the public and organizations about the vulnerability of control systems. There is also the need to help policy makers design effective policies to address the new challenges that control systems are subject to. Finally, there is a need for recommendations on basic security mechanisms related to preventing, detecting, and responding to breaches on security.

You will have a wonderful opportunity to get prime academic papers!

Testimonials

What our client say