Network Security: The Defense in Depth Model

The Smart Grid has moved towards the use of IP Networks over serial and other slower connectivity technologies. This created potential for security issues (hacking, viruses, malware, etc.). Control systems are focused on SIA (Safety, Integrity and Availability). CIA (Confidentiality, Integrity and Authentication) is now also becoming very relevant.

The Defense in Depth model is a layered approach where mechanisms are organized to protect the CIA of the data. These layers include the protection of the:
- Physical layer by restricting access to key systems,
- Network layer by protecting stored and moving data through encryption, integrity, segmentation, intrusion detection, etc.
- Computer systems by endpoint protection and patch management to prevent malware and intrusion,
- Applications from vulnerabilities by patch management and secure development,
- Devices by monitoring and intrusion protection and hardening, which is the process of securing the device by reducing its attack surface.

Narrated by iS5 Communications' Field Application Engineer Dominic Iadonisi.
Be the first to comment