Chapter 9 Securing Dedicated Systems Flashcards
What are some characteristics of desktop computers?
Desktop computers offer the flexibility to run different operating systems and are expandable with the ability to add or remove components such as memory and storage.
What is an embedded system?
An embedded system is a specialized computer system with fixed hardware, a specialized use, and a specific operating system designed for a particular purpose.
What are some examples of embedded systems?
Examples of embedded systems include Raspberry Pi, industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, Internet of Things (IoT) devices, medical systems, in-vehicle computing systems, drones, smart meters, surveillance systems, VoIP phones, and mobile devices.
What is the significance of real-time operating systems in industrial control systems (ICS) and SCADA systems?
Industrial control systems and SCADA systems often use real-time operating systems designed to handle real-time processing and respond to events in a timely manner.
What are some unique security considerations for IoT devices?
IoT devices can connect to the Internet, making them susceptible to security vulnerabilities and attacks. Security measures should be implemented to protect against unauthorized access and ensure the privacy and integrity of data transmitted by these devices.
How does voice over IP (VoIP) relate to embedded systems?
VoIP phones, which use IP networks to transmit voice calls, are considered embedded systems. They have CPUs, RAM, operating systems, and security considerations specific to VoIP technology.
What distinguishes mobile systems in terms of security?
Mobile systems, such as laptops, tablets, and smartphones, are considered embedded systems with the added characteristic of mobility. They have fixed hardware, specific operating systems, and unique security concerns related to their portability and connectivity.
What are industrial control systems (ICS) and what industries use them?
Industrial control systems are specialized computers used in various industries such as manufacturing, water treatment plants, and power grid utilities. They are responsible for controlling and monitoring physical processes and equipment in these industries.
What is a programmable logic controller (PLC)?
A programmable logic controller (PLC) is an industrial control system device with an IP address and various ports used to connect sensors, robotic machinery, actuators, and other equipment. It plays a crucial role in controlling and monitoring physical processes in industrial environments.
Why are industrial control systems a potential security concern?
Industrial control systems, including PLCs, are connected to networks and have the potential to be targeted by attackers. Compromising these systems can have serious consequences as they control physical equipment and processes in critical infrastructures.
What security measures should be taken to protect industrial control systems?
Security measures for industrial control systems include applying firmware updates to address vulnerabilities, ensuring the security of monitoring stations that interact with the systems, implementing network isolation to limit exposure to external networks, and considering the use of lightweight operating systems specifically designed for industrial control applications.
What is supervisory control and data acquisition (SCADA) and how does it relate to industrial control systems?
SCADA refers to a collection of industrial control system devices that focus on specific tasks such as monitoring and controlling processes in manufacturing, water treatment plants, power grids, and other industries. SCADA systems can be dispersed over a wide area network and often include a central supervisory station that retrieves data from multiple PLCs located in remote areas.
What is the role of a supervisory control and data acquisition (SCADA) master station?
The SCADA master station serves as a central control and monitoring point for industrial processes. It collects data from various PLCs and provides real-time information on the status and performance of equipment and processes in industrial environments.
What is the Internet of Things (IoT) and what does it encompass?
The IoT refers to interconnected devices that can transmit data over the internet, including laptops, smartphones, smartwatches, baby monitors, and more.
What are some security considerations for IoT devices?
Security concerns include default credentials, lack of firmware updates, and vulnerability to malware. To mitigate risks, apply updates, change default credentials, use secure protocols, and secure interacting devices.
Can you explain the security implications of IoT devices and the need for network isolation?
IoT devices can be vulnerable to attacks, compromising user privacy. Network isolation is essential to protect other networks by placing IoT devices on separate VLANs and implementing firewall rules.
What is Zigbee, and how does it relate to IoT security?
Zigbee is a protocol for smart home wireless networking. It provides inherent security measures like encryption. However, vulnerabilities can still exist, so updating firmware, securing devices, and network isolation are important for IoT security.
What is GPS?
GPS is a satellite navigation system that tracks objects based on coordinates to determine their location on Earth.
What is infrared?
Infrared is a legacy wireless technology that requires line-of-sight communication and was commonly used for interconnecting devices in the past.
What is cellular communication?
Cellular communication enables phone calls, texting, and data transmission over the cellular network.
What are Wi-Fi and Bluetooth?
Wi-Fi and Bluetooth are wireless communication technologies that use radio waves for data transfer between devices.
What is NFC?
NFC (Near Field Communication) is a short-range wireless technology used for tasks like mobile payments and data exchange between devices in close proximity.