| Summary: | 碩士 === 國立高雄師範大學 === 資訊教育研究所 === 97 === With the advance of Information Technology (IT), manufacturing greatly introduces general purpose equipment into the process control system to replace specialized control devices. While enjoying the convenience and benefits of IT, Industrial Control Systems (ICS) encounter the security problems of configuration change, virus, and hacker intrusion, etc.
To counteract security problem of IT, it is necessary to develop and apply cyber security standards. By the proper standards, it will help enterprise defend industry from cyber attack. Furthermore, each ICS environment is not always the same. Considering the characteristic of ICS, enterprise should select adequate cyber security standards for specific ICS equipment.
Information Security Management Systems (ISMS) for critical infrastructure ICS already extend to the scope of safety of human lives. “2008 Information Communication Security Policy White Paper”, published by the Science & Technology Advisory Group of the Executive Yuan (the Cabinet) of Taiwan on March 14, 2008, formally announced “Control Policy of Critical Infrastructure." Based upon the above reason, in this paper, we organizes published and developing information security management for ICS related standards to extend ISO/IEC 27001:2005(E) for ICS area, and we expect that this paper could provide those decision makers with a common framework of security control to help them select standards.
|
|---|
