An essential function of the Vanir ICS is to provide details of the physical mission system so that the health of that system can be assessed and appropriate control actions can be chosen and executed as needed. Unfortunately, complex ICS are themselves susceptible to failures and malicious cyber and physical attacks. A failed or compromised Vanir ICS cannot be utilized to construct an accurate representation of the mission system or to ensure that chosen controls are faithfully executed by that system.
-
To reduce the exposure of the Vanir ICS to the other networks.
-
Use standards, formally verified software where possible.
-
Maintain a tight control on access points to the Vanir ICS.
-
Human team should be able to integrate historical data (including successful attacks) and trends, information from outside sources, and real-time data.
-
Independent sensors should be used to help the human team resolve inconsistencies and address malicious distortion of sensor data.