Industrial Control Systems (ICS) comprise software, hardware, network systems, and people that manage and operate industrial processes. Supervisory Control and Data Acquisition Systems (SCADA) and Distributed Control Systems (DCS) are two of the most prevalent ICS. An ICS facilitates the effective and efficient management and operation of industrial sectors, including critical infrastructure sectors like utilities, manufacturing, and water treatment facilities. An ICS collects and integrates data from various field controllers deployed in industrial contexts, enabling operators to make data-driven decisions in managing industrial operations. Historically, ICS were isolated from the internet, functioning as part of air-gapped networks. However, the efficiency improvements brought about by the emergence of Information Technology necessitated a shift towards a more connected industrial environment. The convergence of Information and Operational Technology (IT/OT) has made ICS vulnerable to cyberattacks. Due to the crucial nature of the infrastructure that ICS manage, cyberattacks against ICS may cause critical infrastructure sectors to experience downtime. This may have a crippling impact on a country's well-being and essential economic activities. Given the proliferation of cyber warfare, cyberattacks against ICS are increasingly significant, as demonstrated by the 2015 attack on Ukraine's power infrastructure, which caused a blackout that affected over 200 000 persons. The threat actors used malicious software known as "BlackEnergy3", which was created to interfere with the regular operation of the ICS in charge of controlling electrical substations. This was the first known instance of malicious software causing blackouts. In response to increasing cyberattacks against ICS, the SANS Institute, in a whitepaper titled “The Five ICS Cybersecurity Critical Controls”, presents five critical controls for an ICS cybersecurity strategy.
This paper discusses ICS and the increased convergence of IT and OT. The paper also outlines significant cyberattacks directed at ICS. The paper then follows an exploratory research methodology, in response to the Five ICS Cybersecurity Critical Controls, to determine the state of ICS literature that can help ICS operators secure their environments in accordance with the framework. Additionally, the ICS Cybersecurity Critical Controls are mapped to the NERC CIP standards, which provide guidance on the security of the Bulk Electric System (BES) and associated critical assets in North America.
The emergence of the Industrial Internet of Things (IIoT) has improved the management of industrial operations and processes. IIoT involves collecting and processing data from a vast array of sensors deployed across industrial complexes. This enables the measurement of the efficiency of industrial processes, monitoring the health of machinery, optimisation of operations, and response to real-time events. In its application, IIoT underpins the operation of critical infrastructure in sectors including manufacturing and utilities. Maintaining the availability and resilience of critical infrastructure against internal and external threats is essential to minimise disruptions that could have a debilitating effect on a nation’s economy. Although internal threats can lead to a critical infrastructure’s downtime, external threats through cyberattacks also pose a significant threat. Historical events have demonstrated that the successful disruption of critical infrastructure can lead to the loss of human life, the interruption of necessary economic activities and national security concerns. Therefore, the availability of resilient critical infrastructures is vital to the well-being of a country. In this context, the paper compares the deployment of traditional IIoT to that of edge computing for the storage and processing of data. Traditional IIoT relies on a centralised server for data storage and processing, which is insufficient as IIoT environments cannot tolerate delays in responding to real-time events. Conversely, edge computing allows for data processing at the edge, closer to the data source, which plays a crucial role in enabling IIoT devices to respond to real-time events by reducing decision-making latency. Moreover, the decentralised nature of edge computing reduces the reliance on a centralised server by only sending required data to the cloud for further processing. 
Although edge computing enhances IIoT deployments, a notable concern is a resultant increase in the attack surface of IIoT environments, which consequently restricts its implementation. Exploratory research is conducted to explore the integration of edge computing into IIoT environments with a focus on improving the management and operation of critical infrastructures. A review of the current literature is performed to identify and discuss security concerns prevalent in edge computing-enabled IIoT environments and proposed mitigation strategies.