Process Whitelisting And Resource Access Control For ICS Computers

No ratings

Presented at S4 2014 by

Kuniyasu Suzaki

The Control System Security Center (CSSC) in Japan has an active project in their lab to apply process white list control and computer resource access control to Windows servers and workstations in an ICS. These security controls can be very effective in ICS computers that are relatively static as compared to corporate network systems. The process white list control limits process creation with parent-child relation, SHA1 hash value of an executable file, and conflict of interest. The computer resource access control limits access from a process to file, network (IP address and port), and device. Attend this session learn how CSSC is applying this technology and lessons learned in the lab environment.