Securing Industrial Control Systems on a Virtual Platform: How to Best Protect the Vital Virtual Business Assets

Sajid Nazir, Mark Lazarides

Research output: Book/ReportCommissioned report


Industrial control systems (ICS) such as Supervisory Control and Data Acquisition (SCADA) are used to monitor and control critical infrastructures, like transportation and power generation systems. Recent ICS are Internet-connected to exploit the benefits of remote connectivity and availability of mobile devices. The connection to the Internet however exposes the critical infrastructures relying on ICS to cyber security threats as evidenced by attacks such as Stuxnet.

The monitoring and control industry has been quick to appreciate the benefits of virtualisation and is keen to adopt it. Although, a virtual platform offers similar attack surface as physical hardware, some of its features can be leveraged to protect the hosted applications against security threats, and also to recover quickly from any disruption or disaster. Hardening is the process of protecting a system by reducing its vulnerability to attacks. Firstco Ltd. has established a VMware Virtual Development Environment (VDE) for developing, testing and simulating SCADA systems, and it maintains in-house security standards for ensuring a hardened system.

This paper covers the security hardening measures by combining the traditional best practices with the inherent features of a virtual infrastructure to yield a hardened ICS system.
Original languageEnglish
Number of pages7
Publication statusPublished - 9 Feb 2016


  • Industrial Control Systems
  • Supervisory Control and Data Acquisition
  • virtualisation
  • Virtual Development Environment


Dive into the research topics of 'Securing Industrial Control Systems on a Virtual Platform: How to Best Protect the Vital Virtual Business Assets'. Together they form a unique fingerprint.

Cite this