Ignition automation university

Course: Fundamentals of Industrial Control System Cyber Security CSCI 397 Topic For research paper: Industrial Automation - Ignition (SCADA) Please check part 1 and part 2. Part 1: Need outline: must do this The term research paper and associated presentation should be logically divided into sections that follow sound research paper style and address each of the areas defined by the “Term Paper Requirements”. You are free to organization the paper and presentation as appropriate, however a template has been provided for both the paper and presentation to help start the initial paper structure. This Assignment 7 requires that you provide the high-level organization and key factual items that will form the basis of the paper. Please supply as indicated below. Information presented should be summarized and demonstrate that the foundation for completion of the paper by the required Due Date has been collected and is understood. The topics presented in this Assignment are provided to assist in data collection, and do not necessarily need to be covered in the paper in their entirety. Company Overview Company Name: Company Headquarters: Major Geographical Regions Served: System Name: System First Released: Sales Website URL: Service and Support Website URL: System Overview Brochure URL: System Overview Please attach a System Overview graphic (copy/paste from brochure): Names and Functions of Key System Components: Names of System Communication Networks: What vendor-supplied security components are available? Does the vendor offer any other systems as part of their portfolio? If so, please provide system names. Communications and Protocols Describe the primary protocols and methods used between the key system asset types. This must address communication to/from field-connected controllers, communication to/from human-machine interfaces, and communication to/from historical data repositories as a minimum. Are any of these protocols proprietary? If so, please describe. Industry Sectors using this System Please provide the primary markets the system is targeted. You can either use U.S. defined Critical Infrastructure and Key Resources (CIKR), or Standard Industry Classification (SIC) for industry identification. (hint: https://en.wikipedia.org/wiki/Standard_Industrial_Classification) Vulnerabilities Disclosed for this System Please provide any vulnerabilities that have been publicly disclosed that target the system under consideration. Include source, year, and disclosure reference identifier. (hint: useful links are provided under the Week 8 Vulnerability and Exploit References provided on the Moodle LMS) Were publicly available exploit packages made available that target the identified vulnerabilities? (hint: useful links are provided under the Week 8 Vulnerability and Exploit References provided on the Moodle LMS) Impact and Consequences to Industry Sectors Served (Risk Identification) For the top 2-3 vulnerabilities discussed above, please provide a brief scenario (1-2 sentences) of how the successful exploitation of the vulnerability would impact the operating of the system and how it delivered its essential services to the industry it is deployed. Part 2: This is the main part Term Paper Requirements INTRODUCTION A key objective of any academic program is the refinement and reinforcement of strong communication skills. The same ability of a cyber security professional to compile information and present findings, observations, and recommendations in a clear, concise, and understandable manner is equally important. It is for these reasons that a requirement exists for the successful completion of this course to perform research centering on a specific automation vendor and their industrial solution offering and compile a paper summarizing the findings in a form of security assessment. The paper will focus on selecting a company and one of their industrial control system offerings. Solutions are often aligned to specific industry sectors and customer bases. These solutions should be understood to then look at vulnerabilities that have been disclosed targeting these systems. Equally important is the impact to the business operations of the end-user or asset owner should any of these vulnerabilities be exploiting – either intentionally or accidentally. It is essential to evaluate the unmitigated risks associated with these vulnerabilities and develop a recommended list of actions that would help the asset owner in mitigating some of these risk in order to improve the operational integrity of their cyber-physical systems. REQUIREMENTS AND GRADING Each student will be required to write their own research paper – no teaming, partnering, or study group papers are permitted. This is an individual assignment and copying or plagiarizing will not be tolerated and will be subject to University disciplinary action up to and including a failing grade for this course. The paper shall be at least five (5) and no more than ten (10) pages in length excluding figures, tables, and references. The paper shall be formatted using an 11-point font of either Arial, Helvetica, or Times Roman type using 1" margins on the sides and double-spacing between lines with 0.5" indentation on first line of paragraphs. The paper shall be written using the APA style guide seventh edition published in October 2019. Online guidance can be viewed at https://apastyle.apa.org. All tables and figures shall be captioned and