This white paper presents an overview of industrial automation systems and the role of malware and information security in this field. The topics discussed herein are of interest not only to industrial applications, but are also relevant for e.g. automation of municipal services.

The scope of the white paper is limited to considering the lower two layers of the automation pyramid and touching the third SCADA/DCS layer. The paper attempts to describe the field of information security in industrial automation from a generic point of view. Data and information in this paper, on which conclusions are based, are available in the public domain.

The chapters 1 and 2 provide an overview of information security in general and in industrial automation. Chapter 3 discusses the security of
communication between devices and systems in industrial automation, while chapter 4 focuses on the security of individual automation devices.

Wireless communications interfaces are briefly considered in chapter 5, followed by a summary of the paper in chapter 6.