Control Systems Security Program (CSSP)
Secure Architecture Design
This secure architecture design is the result of an evolutionary process of technology advancement and increasing cyber vulnerability presented in the Control Systems Defense in Depth Strategies recommended practice.
Hover over the various areas of the graphic and click inside the box for additional information associated with the system elements.
-
Backup Control Center
-
Control System Applications Server
-
Control System Authentication DMZ
-
Control System Authentication Server
-
Control System Business Communications DMZ
-
Control System Configuration Server
-
Control System Data Acquisition Server
-
Control System Database Server
-
Control System DB DMZ
-
Control System Engineering Workstation
-
Control System External Business Communication Server
-
Control System Firewall
-
Control System Firewall
-
Control System Firewall
-
Control System Historian
-
Control System HMI Computers
-
Control System LAN
-
Control System Modem Pool
-
Control System Security DMZ
-
Control System Security Server
-
Control System Web Server DMZ
-
Control System WWW Server
-
Corporate Authentication DMZ
-
Corporate Authentication Server
-
Corporate Business Servers
-
Corporate Business Workstations
-
Corporate CS DB/Historian
-
Corporate DNS DMZ
-
Corporate DNS Server
-
Corporate eMail DMZ
-
Corporate eMail Server
-
Corporate Firewall
-
Corporate FTP DMZ
-
Corporate FTP Server
-
Corporate LAN
-
Corporate Web Applications Servers
-
Corporate Web Server
-
Corporate Web Server DMZ
-
Corporate Wireless Access Points
-
Corporate Wireless DMZ
-
Field Controller/RTU/PLC/IED
-
Field Wireless Access Points
-
Remote Business Peers