ISA Interchange

Welcome to the official blog of the International Society of Automation (ISA).

This blog covers numerous topics on industrial automation such as operations & management, continuous & batch processing, connectivity, manufacturing & machine control, and Industry 4.0.

The material and information contained on this website is for general information purposes only. ISA blog posts may be authored by ISA staff and guest authors from the automation community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

All Posts

AutoQuiz: What Security Property Is Affected If a Hacker Intercepts and Changes Set Point Data?

AutoQuiz is edited by Joel Don, ISA's social media community manager.

This automation industry quiz question comes from the ISA Certified Automation Professional (CAP) certification program. ISA CAP certification provides a non-biased, third-party, objective assessment and confirmation of an automation professional's skills. The CAP exam is focused on direction, definition, design, development/application, deployment, documentation, and support of systems, software, and equipment used in control systems, manufacturing information systems, systems integration, and operational consulting. Click this link for more information about the CAP program.

If a hacker intercepts and changes set point data traveling over an industrial network, which basic security property is affected?

a) integrity
b) functionality
c) availability
d) defensibility
e) none of the above

Answer B is incorrect, because functionality is not a basic security property.

Answer C is incorrect, because the problem statement did not address the availability of data. It appears that only the value of the set point (data integrity) was affected.

Answer D is incorrect, because defensibility is not a basic security property, but rather a measure of the vulnerability of a system.

The correct answer is A, integrity. Data integrity implies that the data received is the same (value, format, quality) as the data sent. If a hacker is successful in changing set point data as that data travels over the network, the hacker has compromised integrity of the data, since it is no longer the same when received as when sent.

Reference: Nicholas Sands, P.E., CAP and Ian Verhappen, P.Eng., CAP., A Guide to the Automation Body of Knowledge. To read a brief Q&A with the authors, plus download a free 116-page excerpt from the book, click this link.

ISA offers standards-based industrial cybersecurity training, certificate programs, conformity assessment programs, and technical resources. Please visit the following ISA links for more information:

About the Editor
Joel Don is the community manager for ISA and is an independent content marketing, social media and public relations consultant. Prior to his work in marketing and PR, Joel served as an editor for regional newspapers and national magazines throughout the U.S. He earned a master's degree from the Medill School at Northwestern University with a focus on science, engineering and biomedical marketing communications, and a bachelor of science degree from UC San Diego.

Connect with Joel
LinkedInTwitterEmail

 

Joel Don
Joel Don
Joel Don is an independent content marketing, social media and public relations consultant. Prior to his work in marketing and PR, Joel served as an editor for regional newspapers and national magazines throughout the U.S. He earned a master's degree from the Medill School at Northwestern University with a focus on science, engineering and biomedical marketing communications, and a bachelor of science degree from UC San Diego.

Related Posts

Exploring Zero Trust in Operational Technology

Zero trust has become the top approach for IT security, guiding how organizations worldwide design their ...
Muhammad Musbah Nov 1, 2024 7:00:00 AM

The Role of IoT in Streamlining Communication for Industrial Automation

The Internet of Things plays a vital role in transforming industrial settings. As we usher in Industry 4....
Ainsley Lawrence Oct 29, 2024 7:00:00 AM

Maximize Operator Situation Awareness During Commissioning Campaign

Learning Outcomes Explain the scenario that often occurs during the construction and commissioning of lar...
Daniel O'Duffy Oct 25, 2024 7:00:00 AM