This Protection Profile specifies the minimum security requirements for a Target of Evaluation
(TOE) that is a SCADA field device. Common functions of a SCADA field device include:
Collecting measurements from sensors
Making logic and control calculations
Issuing control commands that modify a process
Examples of product categories that would be included in this TOE description are
programmable logic controllers (PLC’s), remote terminal units (RTU’s), programmable
automation controllers (PAC’s), and intelligent electronic devices (IED’s). These field devices
are typically found in remote sites in SCADA networks such as pumping plants, substations, or
turnouts.
The functionality of a field device can vary a great deal. Sophisticated field devices can run
programs and control complex processes. Simple field devices can be limited to a small number
of measurements and controls. This Protection Profile is applicable to any field device without
regard to the amount of measurement, calculation or control that takes place in the device.
While the title of this Protection Profile refers to SCADA field devices, it may be applicable to
similar field devices used in a DCS or any other control or monitoring system. In fact many field
devices that are used in SCADA systems are also used in DCS and PLC based control systems.
The TOE includes all resident software, hardware, and firmware in a field device. The
communication path and channels to the TOE are not part of the TOE. A simple way to describe
the TOE boundary is the physical boundary around the hardware platform. The TOE boundary
begins when data arrives at a physical interface and ends when data leaves a physical interface.
No comments:
Post a Comment