The post AutoQuiz: What Security Property Is Affected If a Hacker Intercepts and Changes Set Point Data? first appeared on the ISA Interchange blog site.
This automation industry quiz question comes from the ISA Certified Automation Professional (CAP) certification program. ISA CAP certification provides a non-biased, third-party, objective assessment and confirmation of an automation professional’s skills. The CAP exam is focused on direction, definition, design, development/application, deployment, documentation, and support of systems, software, and equipment used in control systems, manufacturing information systems, systems integration, and operational consulting. Click this link for more information about the CAP program.
a) integrity
b) functionality
c) availability
d) defensibility
e) none of the above
Answer B is incorrect, because functionality is not a basic security property.
Answer C is incorrect, because the problem statement did not address the availability of data. It appears that only the value of the set point (data integrity) was affected.
Answer D is incorrect, because defensibility is not a basic security property, but rather a measure of the vulnerability of a system.
The correct answer is A, integrity. Data integrity implies that the data received is the same (value, format, quality) as the data sent. If a hacker is successful in changing set point data as that data travels over the network, the hacker has compromised integrity of the data, since it is no longer the same when received as when sent.
Reference: Nicholas Sands, P.E., CAP and Ian Verhappen, P.Eng., CAP., A Guide to the Automation Body of Knowledge. To read a brief Q&A with the authors, plus download a free 116-page excerpt from the book, click this link.
Source: ISA News