Assignment Work

User Generated

fenizrqv

Computer Science

Description

This is My assignment to be done... I need in 3 parts... Explain briefly each part upto 4-5 pages with References in APA format. No plagiarism need own work.. Need citation for each paragraph.


PART-1

Description of Industry

1. What type of industry is this?

2. What is the importance of this industry to society?

Industrial Control System Processes Employed

1. List industrial control system processes specific to industry.

2. List the control systems that control those processes and how they control those processes.

3. Create a network diagram displaying the interconnections of the industrial control system devices listed in item 3.

a. For example: Use ICS CERT CSET, Visio, Excel, Word, etc.

PART-2

Profile ICS Devices

1. For each ICS device document:

a. Logical Ports

For example, 80, 443, etc.

http://www.digitalbond.com/tools/the-rack/control-...

b. Protocols Running

For example, SMTP, SNMP, DNP3, Modbus, Fieldbus, Ethernet, etc.

c. Physical Connection Types

For example, serial, RJ45, USB, parallel, etc.

http://www.digitalbond.com/tools/the-rack/control-...

d. Default Accounts:

Research the manufacturer’s information on the device. Look for default account information to login with.

Check “Default Password List” for an entry: http://www.defaultpassword.com/

e. Services

Research manufacturer’s information on the device and document services running.

f. Authentication

Research manufacturer’s website for the device and locate information on how the device authenticates users.

g. Use of Encryption

Research manufacturer’s website for the device and locate information about encryption. For example, does the device use encrypted connections? Is the back-end database encrypted? What type of encryption does it use? Is public/private key encryption like RSA?

h. Logging Capability

Research manufacturer’s website for the device and locate information about logging. Answer questions like is logging enabled? Are logs stored locally or remotely?

i. Other Security Documentation

Does the manufacturer have any security related documentation not provided above that would be of use?

PART-3

Identify, Measure, and Manage Risks

1. Identify risks:

Risk is a function of M, AV, T, and V:

R = f (M, AV, T, V)

R – risk, M – mission importance, AV – asset values, T – threats, V – vulnerabilities

2.“What”: what is the problem/challenge in managing risks and auditing the ICS? Explain how you might measure

“Why”: why do you need and want to solve the problem?

“How”: how do you economically solve it?

Identify Security Controls

1. Select security controls based on results from “Industrial Control System Processes Employed” and “Profile ICS Devices”:

Reference either ICS CERT CSET or NIST 800-53, Security and Privacy Controls for Federal Information Systems and Organizations,

http://nvlpubs.nist.gov/nistpubs/SpecialPublicatio...

Apply ICS Security Best Practices

1. NIST 800-82, Industrial Control System Security, http://csrc.nist.gov/publications/drafts/800-82r2/...

2. Identify unremediated risks and choose risk strategy: Accept risk, avoid risk, mitigate risk, share risk, transfer risk, combination.

Reference: NIST 800-37, Guide for Applying the Risk Management Framework to Federal Information Systems, http://nvlpubs.nist.gov/nistpubs/SpecialPublicatio...

Identify Vulnerability Continuous Monitoring Strategy

1. Examples:

a. Nessus - Bandolier modules.

b. Metasploit – ICS exploits.

c. Snort

d. Nmap – Identify ICS “friendly” scans.

2. Are these IA certified tools?How so?

a.For example:

i. NIAP: https://www.niap-ccevs.org/CCEVS_Products/pcl.cfm

ii. Common Criteria: https://www.commoncriteriaportal.org/products/



User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

thank you, I will work on your paper
Attached.

Running Head: ASSIGNMENT

1

Assignment work
Institutional affiliation
Date

ASSIGNMENT

2

Part 1
Industry description
The industry selected is Geothermal Power Plant. This is power and energy producing industry
that usually deals with producing of power from natural resources that are existing. The different
sources of power that are within this industry are hydroelectric power generation, wind
generating power stations, geothermal power generating plants, and nuclear power stations. The
power which is generated usually comes in different forms. One of the first forms is fossils fuels,
which is the power produced by the burning of fossil fuels such as natural gas, coal, and gas. The
other form of energy that is generated usually comes from nuclear reactions in which uranium
atoms are split in a process known as fission whereby heat is produced from the result. The third
form of energy is renewable energy, in which industries make use of natural energy in the
generation of electricity. The various sources of fuel encompass wind, marine waves, solar
energy, biomass, and hydroelectric power (Shahzad, et al., 2014).
Importance of Geothermal Power Plant to the society
Usually, it is very important to understand that this industry plays an important role in the society
today. In the industries, the power is used in driving machines through conversion of energy to
mechanical and electrical energy. Basically, electricity is used within the societies such as homes
for lighting. Without light, it would be impossible to do some responsibilities within our homes.
Moreover, it can be used in cooking in homes as well as hotels, whereby the food is cooked
faster, and especially in hotels in which the customers need quick services. Geothermal
industries are very critical to companies as they provide energy that can be used for commercial
services. Companies need a lot of power that can be used to run machines and therefore it should
be strong. In this case, the industry has been very helpful for the large companies that have big

ASSIGNMENT

3

machines which need a lot of power. In addition, it is likely that some healthcare centers make
use of geothermal energy in different areas. For example, they can use geothermal energy during
the treatment of cancer, generation of oxygen, as well as scanning. Likewise, power-driven
machines are useful to human health as it can be sustained through electronic devices (Shahzad,
et al., 2014).
Industrial Control System Processes Employed
Industrial control system processes in Geothermal Power Plant
Basically, geothermal industries have implemented a synchronized phasor measurement
technology for facilitating, controlling, monitoring and managing power systems. Geothermal
power consumption is usually determined by Phasor Measurement Units (PMU) at real time.
One of the major requirements for this determination is a speed that ranges between 50 to 100
Hertz. As a result of the PMU systems, the industries are able to implement fast and reliable
power consumption estimates by use of Wide Area Measurement Systems (WAMS) (Tolentino,
& Kim, 2010). Wi...


Anonymous
Great content here. Definitely a returning customer.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags