AutoQuiz is edited by Joel Don, ISA's social media community manager.
This automation industry quiz question comes from the ISA Certified Automation Professional (CAP) certification program. ISA CAP certification provides a non-biased, third-party, objective assessment and confirmation of an automation professional's skills. The CAP exam is focused on direction, definition, design, development/application, deployment, documentation, and support of systems, software, and equipment used in control systems, manufacturing information systems, systems integration, and operational consulting. Click this link for more information about the CAP program.
If a hacker intercepts and changes set point data traveling over an industrial network, which basic security property is affected?
a) integrity
b) functionality
c) availability
d) defensibility
e) none of the above
Answer B is incorrect, because functionality is not a basic security property.
Answer C is incorrect, because the problem statement did not address the availability of data. It appears that only the value of the set point (data integrity) was affected.
Answer D is incorrect, because defensibility is not a basic security property, but rather a measure of the vulnerability of a system.
The correct answer is A, integrity. Data integrity implies that the data received is the same (value, format, quality) as the data sent. If a hacker is successful in changing set point data as that data travels over the network, the hacker has compromised integrity of the data, since it is no longer the same when received as when sent.
Reference: Nicholas Sands, P.E., CAP and Ian Verhappen, P.Eng., CAP., A Guide to the Automation Body of Knowledge. To read a brief Q&A with the authors, plus download a free 116-page excerpt from the book, click this link.
ISA offers standards-based industrial cybersecurity training, certificate programs, conformity assessment programs, and technical resources. Please visit the following ISA links for more information:
- ISA Global Cybersecurity Alliance
- Cybersecurity Resources Portal
- Cybersecurity Training
- IEC 62443 Conformance Certification
- Family of Standards
- ISA/IEC 62443 Cybersecurity Certificate Programs
- Suite of Security Standards
About the Editor
Joel Don is the community manager for ISA and is an independent content marketing, social media and public relations consultant. Prior to his work in marketing and PR, Joel served as an editor for regional newspapers and national magazines throughout the U.S. He earned a master's degree from the Medill School at Northwestern University with a focus on science, engineering and biomedical marketing communications, and a bachelor of science degree from UC San Diego.