Accession Number:

AD1056116

Title:

Advanced Cyber Industrial Control System Tactics, Techniques, and Procedures (ACI TTP) for Department of Defense (DOD) Industrial Control Systems (ICS)

Descriptive Note:

Technical Report

Corporate Author:

U.S. CYBER COMMAND FORT GEORGE G MEADE MD Fort George G. Meade

Personal Author(s):

Report Date:

2018-03-01

Pagination or Media Count:

209.0

Abstract:

The purpose of this ACI TTP is to provide procedures that will enable IT and ICS managers to Detect nation-state-level cyber attacks Mitigate the effects of those attacks and Recover their networks following attacks. and data acquisition SCADA systems, distributed control systems DCS, and other control system configurations, such as skid-mounted programmable logic controllers PLC are typical configurations found throughout the DoD. ICS are often used in the DoD to manage sectors of critical infrastructure such as electricity, water, wastewater, oil and natural gas, and transportation. SCADA systems are generally used to control dispersed assets using centralized data acquisition and supervisory control. DCS are generally used to control production systems within a local area such as a factory using supervisory and regulatory control. PLCs are generally used for discrete control for specific applications and generally provide regulatory control. These control systems are vital to the operation of the DoDs critical infrastructures that are often highly interconnected and mutually dependent systems. the ACI TTP does not include procedures regarding the Non-classified Internet Protocol Router Network NIPRNet andor the corporate network, it does presume that both are hostile networks. ICS network staff should not rely on the cyber security infrastructure that these networks provide and should maintain a level of awareness regarding potential cyber attacks coming from these networks.

Descriptors:

• control systems
• human machine interface
• computer programs
• cyberattacks
• denial of service attack
• local area networks
• databases
• computer programming
• malware
• application protocols
• national security
• anti virus software
• computer networks
• information systems
• network architecture
• operating systems
• cybersecurity
• network protocols

Subject Categories:

• Computer Systems
• Military Operations, Strategy and Tactics

Distribution Statement:

APPROVED FOR PUBLIC RELEASE