|Abstract:||Information systems are a substantial part of our everyday life. All systems related to information, hardware, software, and networks are classified as information systems.
SCADA systems, that are nowadays considered as critical infrastructure, are as well listed as information systems. They are being used in almost every large organization having production plants or industrial sites. SCADA is a system responsible for controlling, managing, and collecting data. Ordinarily, it forms a whole with ERP and MES systems, PLC devices, sensors, and other hardware. Due to the importance of these systems for production plants to work undisturbedly, and an increasing number of cybernetic attacks, specialists devote great attention to such systems. Hackers, organized criminals, insider attackers, cyberwarfare, e-warfare, and members of ideological and political hacktivism, are all considered as a threat to the security of the critical infrastructure. In order to improve security of the critical infrastructure, organizations often resort to network segmentation, which can essentially improve security assurance. Implementing network segmentation separates the network into multiple layers divided by firewalls, therefore increasing the level of network security. The results of the thesis show, that network segmentation does contribute to increased security, although due to limitation of network bandwidth, it can cause difficulties when upgrading or repairing the system, moreover, it can lead to communication problems between different network layers. |