The U.S. Department of Homeland Security (DHS) National Cyber Security Division's Control Systems Security Program (CSSP) performs cyber security assessments of Industrial Control Systems (ICS) to help industry improve the security of the ICS used in critical infrastructures throughout the United States. A key part of this mission is the assessment of ICS to identify vulnerabilities that could put critical infrastructures at risk from a cyber attack.
This report presents results from 15 ICS assessments performed under the CSSP from 2004 through 2008. Although information found in individual stakeholder reports is protected from disclosure, the security of the critical infrastructure as a whole can be improved by sharing information on common security problems with those in industry responsible for developing and maintaining ICS. For this reason, vulnerability information was collected, analyzed, and organized in a way that the most prevalent issues could be identified and mitigated by those responsible for individual systems without disclosing the identity of the associated ICS product.
Common vulnerabilities were derived from correlated vulnerabilities identified by the 15 ICS assessments and grouped into general categories. Poor network protocol implementations, information disclosure, and authentication problems contain the most report findings. General recommendations are based on empirical knowledge gained through performing security assessments on ICS products and operational installations.