About the Project
The need for an impact-driven, operations-specific incident database, focusing specifically on control systems, including embedded devices not classified as ‘traditional’ control systems, has been discussed for several decades.
Several incident databases identify network-driven systems with questionable controlling features and functions over physical objects. Such systems are often classified as ‘operational technology’ (or ‘OT’); alternatively, European and other non-US organizations may use the term ‘cyber-physical systems’, which often have properties and functions similar to those of ‘OT’.
The acronym ‘SCIDMARK’ means ‘Systems and Cyber Impact Database MARKup’. The premise behind its development is four-fold:
- The database is primarily focused on ‘operational security’. This does not pertain to protecting physical objects using traditional physical security controls (perimeter protection, CCTV, security personnel, etc.); it applies more to continuously operating environments that rely upon automation running without incident to the operation or to the personnel maintaining those environments.
- Several databases already exist, having claimed similar features and functions, often focusing on network-based systems which may have little or no controlling functions over physical objects.
- Other databases may exist, but are either (highly) restricted, or require credentials; often requesting fees for access. Some databases contain classified information maintained by governments based on their levels of importance, often impact-related, usually pertaining to national security. Although these databases may be used for determining risk, impact, and consequential factors, they generally focus primarily on data and securing information.
- This database is impact-centric, focusing on risk, impact, and consequence, and is available free of charge. Unlike other databases, this one is not attack-driven, as an overwhelming number of databases already exist that focus on attacks, threats, and vulnerabilities. To differentiate non-accidental, accidental, and attack-based incidents, this database does include attack-based scenarios; however, the format and information provided (again) focus primarily on impact-driven rather than attack-driven outcomes.
Although these databases are informative, their usefulness is often ‘drowned’ out by the overwhelming number of them that exist, usually focusing on the same information, often missing their objective(s). Additionally, many more databases exist depicting possible attacks or severe consequential outcomes; though these outcomes have never happened, according to these databases, they could happen.
What they do not include are the following:
- Event and incident-driven impacts that have already happened.
- Event-driven impacts which may (or may not) affect an operation.
- Incident-driven, non-accidental impacts that are not attack-focused.
- Incident-driven, accidental impacts that are not attack-focused.
- Incident-driven, accidental impacts that are attack-focused.
These missing key factors are what SCIDMARK provides; focusing on impacts and their resulting consequences, rather than attacks, is the objective for this database’s existence.
Although the initial list of events or incidents appears relatively small in number, to date, we have collected several thousand events and incidents. As more data is processed into meaningful and readable information, it will be posted here.
BETA VERSION 0.57
Infracritical may perform maintenance starting on 1-Oct-2020 for periodic database upgrades.
During the outage, one or more services may not be available due to maintenance.
We apologize for any inconvenience, and thank you for your continued patronage.
After the successful publishing of his First Edition book, Bob Radvanovsky teamed up with Allan McDougall, and they have produced three more editions together; the Fourth Edition (released in October 2018) presents a culmination of ongoing research and real-work experience, building upon previous editions.
Since the First Edition of this work, the domain has seen significant evolutions in terms of operational needs, environmental challenges and threats – both emerging and evolving. This work expands upon the previous works and maintains its focus on those efforts vital to securing the safety and security of populations.
The continued evolution of modelling critical business systems, their environments, and interactions with society, has played an important role with following social importance, along with its movement.
The latest version of their work may be found at Amazon.
Since the First Edition of their book, both Bob Radvanovsky and Jake Brodsky have continued expanding on their comprehensive handbook that covers fundamental security concepts, methodologies, and relevant information pertaining to supervisory control and data acquisition (SCADA) and other industrial control systems used in utility and industrial facilities worldwide. A community-based effort, it collects differing expert perspectives, ideas, and attitudes regarding securing SCADA and control systems environments, working toward a strategy that can be established and utilized.
For the Second Edition, their book includes six new chapters, six revised chapters, and numerous additional figures, photos, and illustrations. The Second Edition serves as a primer or baseline guide for SCADA and industrial control systems security. The book is divided into five focused sections addressing topics in:
- Social implications and impacts
- Governance and management
- Architecture and modeling
- Commissioning and operations
- The future of SCADA and control systems security
The book also includes four case studies of well-known public cyber security-related incidents. The latest version of their work may be found at Amazon.