Protecting SCADA and DCS systems for over 18 years
Industrial Defender Cyber Risk Protection

Compliance

CS2SAT

 

CS2SAT Self-Assessment

The Control System Cyber Security Self-Assessment Tool (CS2SAT) is a software application which provides users with a comprehensive approach for assessing cyber security risks and vulnerabilities within industrial control system and SCADA networks. This software tool is designed to assist end-customers with the ability to conduct a self-assessment of their control system environment as a pre-cursor to a comprehensive cyber security or compliance assessment. The CS2SAT tool will guide end-customers through a step-by-step process to collect specific control system information and make a recommendation for improving cyber security protection in this environment.


While this self-assessment tool does not identify all cyber security vulnerabilities, it is effective in the ability to identify the key areas of cyber security risk. The CS2SAT tool is also effective tracking industry regulations including NERC CIP compliance for the bulk electric system by providing hyperlinks to the regulatory language stored in the CS2SAT knowledgebase. The Department of Homeland Security National Cyber Security Division developed the Control System Cyber Security Self-Assessment Tool (CS2SAT) to provide users with a comprehensive approach for assessing the cyber-security posture of their industrial control system and SCADA networks. CS2SAT was developed by cyber security experts from Department of Energy National Laboratories and with assistance from the National Institute of Standards and Technology.


The CS2SAT assessment tool provides recommendations from a database of available industry cyber security practices, which have been adapted specifically for application to industrial control system and SCADA networks and components. Each recommendation in the software tool is linked to a set of actions that can be applied to remediate specific security vulnerabilities.


The CS2SAT assessment tool is designed with a cyber security framework based on control system related federal codes, industry standards, and guidelines such as the following:

  National Institute of Standards and Technology (NIST) System Protection Profile, Critical Infrastructure Process Control Systems (SPP-CIPCS), Revision 1.07 (Draft)
  NIST SPP Industrial Control Systems (SPP-ICS), Revision 1.0
  Common Criteria, ISO/IEC 15408 Versions 2.1 to 3.1
  North American Electric Reliability Council (NERC) Critical Infrastructure Protection (CIP) Reliability Standards, CIP-002-1 - CIP-009-1
  NIST Special Publication (SP) 800 53, Recommended Security Controls for Federal Information Systems
  U.S. Department of Defense (DOD) Instruction Number 8500.2, "Information Assurance (IA) Implementation,"
  Industry Standards and Best Practices

The CS2SAT assessment tool is currently available from Industrial Defender for $399.00.

cs2sat  For a limited time Industrial Defender will provide qualified critical infrastructure asset owners with copies of the CS2SAT assessment tool free of charge.

For more information about the CS2SAT assessment tool please contact Industrial Defender at info@industrialdefender.com.