||In manufacturing industrial, for example, petrochemical plant, the promotion of technology makes manufacturing process computerization to be possible. The systems which control the manufacturing process are called Process Control System. Enterprises introduce the projects of process improvement to reduce the operation cost and enhance the product quality. It is necessary to have comprehensive information and technology to support the success of project for process improvement. Thus, it is a trend to setup the connections among Process Control Network, Process Information Network and Intranet. Due to the connections among networks, Process Control System is facing the threats of computer viruses, worms, attackers, and other malicious codes. Process Control System controls the manufacturing process base on the instructions issued from operators to maintain plant operations in a safe condition. Process Control System is the kernel of process operations. If Process Control System is being attacked or infected by computer viruses, the impacts would be the disclosure of critical business information, the failure of servers/workstations for monitoring process, or Process Control System fails totally that result in the plant operations with risky. The worst case would be an incident about pollution of environment, explosion, properties destroyed, or life lost. Therefore, enterprise should focus on reinforcing the information security mechanism of Process Control System to ensure plant operations reliably and safely.|
The objectives of this study are: a) To realize the challenges and threats that Process Control System is facing by the way of literature review. b) To discuss information security management related issues and resolutions of Process Control System base on physical, network, and servers respectively. c) To discuss the efficiency of the model of information security management that has been implemented in the enterprise. d) To make this study as a reference for related industries.