Evaluating product vulnerabilities
Background: The evaluation of any product to be used within a nuclear facility, especially those that could affect its security posture, is vital. The difference between built-in security versus bolt-on security can be a big difference in terms of defense and administrative overhead.
Instructions: Being in charge of information security for a number of nuclear facilities.
You are tasked with researching and evaluating two industrial control systems, one that requires bolt-on security methods and another with built-in security methods.
Write a summary of one real world industrial control system that is example of a product that would require bolt-on security methods to prevent compromise and explain how you would secure it. Do the same for industrial control system with security built-in.
In the summary, explain why the vulnerable product would require additional layers of security to make up for deficiencies of its design. For the product that has security implemented as part of its design, explain what makes it more secure and better than the one that is not.
Support the statements with scholarly sources.