Control system security is the protection of critical control systems from malicious or inadvertent interference. These primarily involve industrial automated systems that manage a wide variety of things, from power plants to the stock exchange. Problems with control systems can create a ripple effect that might destabilize an economy, threaten national security or cause significant impediments to routine social activities. If the power grid fails, for instance, it can create considerable frustration for everyone in the affected region.
In control system security, a series of layered measures are put in place to limit access to control systems, prevent unauthorized activities and respond to security threats. Experts in this field can work for the companies that develop such systems or for the organizations that use them. Like other computer and technology security fields, this one is under constant evolution and development to respond to new threats posed by hacking, viruses and unexpected instability in new systems.
One component of control system security is the prevention of accidents. Systems might use things such as password prompts to keep personnel out of areas that they do not need to access and warning alerts when people are about to execute a command. These alerts tell people what the effect of the command will be and ask them whether they are sure that they want to proceed. If, for example, a technician shuts down a turbine at a power plant for cleaning, the system would flash a warning to make sure that the technician knows which turbine is being shut down and what will happen.
Protection from malicious events can be more complex. Control system security must contend with systems that might need to be online with options such as remote access functioning while also preventing intrusion from hackers or damage from viruses and worms. Their work can include the development of robust security programs to repel attacks, along with warning systems to alert personnel to the presence of viruses or intruders.
Concerns about control system security are an issue for many governments. Some nations have regulations in place with specific cyber-security requirements to protect critical infrastructure. Others have organizations and task forces that work on the development of new security measures along with outreach and education to various industries. These groups work with the industry to protect infrastructure, and they hire personnel and consultants such as computer scientists, security experts and former hackers who have intimate experience on the other side of the security barrier.