(P)0wning the S-EWS
Vectors for compromising an EWS may be similar to those used with earlier HMI systems, because system management is consistent across hosts. The significant factor to consider is the value of the assets on the EWS relative to the assets on the HMI.
The HMI is a bidirectional read/write instrument for the process being controlled; however, many systems now implement Role-Based Access Control (RBAC), which may be limited if multiple operators and many plant units are involved.
The EWS and S-EWS generally include the ability to configure RBAC. They also provide the necessary tools to directly access, adjust, and improve the primary control equipment (PLC, BPCS, SIS, Intelligent Electronic Device (IED), and so on). Moreover, the EWS contains important confidential documents related to the ICS design, configuration, and operation, which makes it more valuable than the typical HMI. Figure 4.12 illustrates various attack vectors...