These control systems manage essential services including electricity, petroleum production, water, transportation, manufacturing, and communications.
[1] The United States and other governments have passed cyber-security regulations requiring enhanced protection for control systems operating critical infrastructure.
Insecurity of, or vulnerabilities inherent in automation and control systems (ACS) can lead to severe consequences in categories such as safety, loss of life, personal injury, environmental impact, lost production, equipment damage, information theft, and company image.
Guidance to assess, evaluate and mitigate these potential risks is provided through the application of many Governmental, regulatory, industry documents and Global Standards, addressed below.
In addition, multiple national organizations such as the NIST and NERC in the USA released guidelines and requirements for cybersecurity in control systems.