At the core of the defense-in-depth model, we find the ICS device security layer. This layer of defense involves protecting the equipment that makes the process run, including PLCs, HMIs, and ICS related computing and networking gear. In this chapter, we will explore the concepts of device hardening and life cycle management as they relate to ICS devices. By combining the two we can design a holistic device security posture.
Topics covered in this chapter include:
- Device hardening
- Patch management
- ICS device life cycle
- Configuration/change management
- Monitoring and logging