Recommendation ITU-T X.1333 (01/2022) Security guidelines for the use of remote access tools in Internet-connected control systems
Summary
History
FOREWORD
Table of Contents
1 Scope
2 References
3 Definitions
     3.1 Terms defined elsewhere
     3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Overview – RATs in Internet-connected control systems
7 Threats to the use of RATs in Internet-connected control systems
     7.1 Threats to RAT clients
     7.2 Threats to RAT servers
     7.3 Threats to the communication channel between client and servers
8 Security guidelines for the use of RATs in Internet-connected control systems
     8.1 Security guidelines for RAT clients
          8.1.1 Software update
          8.1.2 Software integrity
          8.1.3 Secure configuration of RAT client
          8.1.4 Control of user access to client device
          8.1.5 Physical security
     8.2 Security guidelines for RAT servers
          8.2.1 User authentication
          8.2.2 User authorization
          8.2.3 Periodic re-authentication
          8.2.4 Software update
     8.3 Security guidelines for networks
          8.3.1 Network access control
          8.3.2 Network level mutual authentication
          8.3.3 Network misbehaviour detection
          8.3.4 Secure network configuration
     8.4 Security guidelines for audit trails
          8.4.1 Logging
     8.5 Relationship between security threats and security controls
Appendix I  An example of a secure configuration of remote access tools  in a sustainable energy resource
     I.1 System overview
     I.2 Secure configuration
          I.2.1 RAT client
          I.2.2 RAT server
          I.2.3 Network
          I.2.4 Security event log
Bibliography
<\pre>