Industrial automation and control systems (ICS and Supervisory Control And Data Acquisition systems - SCADA) are the key components in the infrastructure of information systems of the organizations in various sectors of the economy (fuel and energy complex, metallurgical industry, chemical industry, etc.). These systems attract the attention of intruders both from the industrial espionage and for the purposes of vandalism and cyberterrorism.

Russian legislation establishes special requirements for the security of such systems. The regulatory requirements of the Russian Federation, aimed at securing key systems of information infrastructure (KSII), formulated in the federal regulation 256-FZ "On safety of Fuel and Energy facilities" and in a number of documents of the Security Council and the FSB of the RF, and also in the Order No. 31 of FSTEK of the RF.

Industrial automation systems of the modern generation widely use a transmission medium TCP/IP over the Ethernet and server virtualization. PLC controllers are constantly improving and supporting different communication protocols (Profibus DP/PA/FMS, Profinet, TCP-IP/RT/IRT, Modbus TCP/RTU, IEC 60870-5-101/104, CANbus, PLC, (KNX, X10). This requires the development of new approaches to the security of such systems. As of today, there has been a wide range of standards and world’s best practices developed and applied for APCS security (IEC 62443 (ISA 99) and 61850, NERC CIP, NIST SP 800-82, NIST SP 800-53 Rev 3, ANSI/ISA-99, etc.), which allow solving the tasks of monitoring the correct implementation and consistency of technological processes, protecting the processed information and combating fraud and theft.