Control Systems Security Program (CSSP)
The goal of the DHS National Cyber Security Division's CSSP is to reduce industrial control system risks within and across all critical infrastructure and key resource sectors by coordinating efforts among federal, state, local, and tribal governments, as well as industrial control systems owners, operators and vendors. The CSSP coordinates activities to reduce the likelihood of success and severity of impact of a cyber attack against critical infrastructure control systems through risk-mitigation activities.
To obtain additional information or request involvement or assistance, contact cssp@hq.dhs.gov.
CSSP has released Version 4.0.1 of the Cyber Security Evaluation Tool (CSETTM). This new version of the tool can be downloaded. This new release includes new standards such as NERC CIP Revision 3, NRC Regulatory Guide 5.71, a new key requirements set, and Version 7 of the DHS "Catalog of Security Requirements: Recommendations for Standards Developers." The new CSETTM also includes a fully revised set of reports with complete gap rankings, new diagramming functionality, and a new resource library as well as minor enhancements. This tool supports evaluations of both business and industrial control systems.
ICS-CERT has released an ALERT titled "ICS-ALERT-12-039-01 - Advantech BroadWin RPC Server Vulnerability" that warns of an RPC server vulnerabililty with proof-of-concept exploit code affecting the Advantech BroadWin WebAccess software.
ICS-CERT has released an Advisory titled "ICSA-12-039-01- Invensys Wonderware HMI Reports XSS and Write Access Violation" that details two vulnerabilities in the Invensys Wonderware HMI reports product.
ICS-CERT has released an Advisory titled "ICSA-12-013-01 - ING. Punzenberger COPA-DATA GMBH DoS Vulnerabilities" that details a denial of service (DoS) vulnerability in the Ing. Punzenberger COPA-DATA GmbH zenon human-machine interface (HMI) system.
ICS-CERT has released an ALERT titled "ICS-ALERT-12-034-01 - SSH Scanning Activity Targets Control Systems" to inform CIKR asset owners and operators of ongoing, large scale, active scanning of Internet facing control systems involving SSH.
ICS-CERT has released the Newsletter titled "ICS-CERT Monthly Monitor" for January 2012, a summary of ICS-CERT activities for December 2011.
ICS-CERT has released an Advisory Update titled "ICSA-12-030-01 - Siemens SIMATIC WinCC Vulnerabilities" that details multiple vulnerabilities identified by multiple researchers in the Siemens Simatic WinCC Human-Machine Interface (HMI) application.
ICS-CERT has released an Advisory Update titled "ICSA-12-012-01A - Open Automation Software OPC Systems.NET" that provides information on an additional vulnerability in Open Automation Software OPC Systems.NET.
The Industrial Control Systems Joint Working Group (ICSJWG) 2012 Spring Conference dates have been finalized as May 7 - 10, 2012. This conference will be held at the Hyatt Regency Savannah in Savannah, Georgia, USA. This event is open to all members interested in learning about cybersecurity issues facing the nation's critical infrastructure control systems. This is an excellent resource for government professionals (federal, state, local, tribal, and international); control system vendors and systems integrators; research, development, and academic professionals; and owners and operators (management, engineering, production, and IT). Conference attendees will be able to discuss the latest initiatives impacting the security of industrial control systems and will have the opportunity to interact with colleagues and peers who may be addressing the risks of threats and vulnerabilities to their systems. Click on the graphic to learn more about the conference.
Top 10 most accessed control systems documents and web pages
- ICS-CERT
- Strategy for Securing Control Systems (pdf)
- Catalog of Control Systems Security: Recommendations for Standards Developers (pdf)
- Cyber Security Procurement Language for Control Systems (pdf)
- Recommended Practices
- Personnel Security Guidelines (pdf)
- Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies (pdf)
- Developing an Industrial Control Systems Cybersecurity Incident Response Capability (pdf)
- Cyber Security Evaluation Tool
- Secure Architecture Design
CSSP and ICS-CERT encourage you to report suspicious cyber activity, incidents and vulnerabilities affecting critical infrastructure control systems. You can also submit reports to ICS-CERT via one of the following methods:
- ICS related cyber activity: ics-cert@dhs.gov
- ICS-CERT Watch Floor: 1-877-776-7585
When sending sensitive information to ICS-CERT via email, we encourage you to encrypt your messages.
Download the public key.
Notable Critical Infrastructure News Feed: 