1. Industrial Control Systems (ICS)
   1. Reasons an ICS may be targeted:
      1. Successful ICS attacks can have a large impact.
      2. ICS systems are often not well-secured.
      3. Because ICS systems require continuous operation, they may lack vital patches and updates.
         1. Real-Time Operating System (RTOS)
            1. A device that requires (practically) 100% uptime or availability and no latency.
   2. Types
      1. Supervisory Control and Data Acquisition (SCADA)
         1. Common in industries that require remote monitoring of their infrastructure and productions systems:
            1. Natural gas pipelines
            2. Power production and distribution infrastructure
            3. Water supply control systems
         2. Remote Telemetry Units
            1. Individual remote sensors used by the SCADA system to receive reports and administer local control.
         3. Attacks against SCADA systems can target the feedback provided to the central control system or can cause the local sensor and control unit to perform an incorrect action.
      2. Distributed Control System (DCS)
         1. Frequently used to control:
            1. Water and wastewater treatment systems
            2. Power generation plants
            3. Refineries and production lines
            4. Manufacturing facilities
         2. DCS systems use a combination of sensors and feedback systems to control and adjust processes as they receive feedback.
         3. Much like SCADA systems, an attack against a DCS system could be as simple as providing incorrect feedback, resulting in a shut-down, overproduction, or delay in the system at a critical time.
      3. Programmable Logic Controller (PLC)
         1. Special-purpose computers designed to handle difficult environments with special temperature, vibration, or other requirements.
         2. PLCs are designed to handle and respond to their specialized input and output requirements reliably to ensure that the processes they support occur without interruption or delay.
         3. Typical PLCs don't have a monitor or other interface beyond buttons or lights built into them.
         4. PLCs are commonly used in both SCADA and DCS systems.
2. System on a Chip (SoC) / Internet of Things (IoT)
   1. System on a Chip (SoC):
      1. An Integrated Circuit that integrates all components of a computer.
      2. Parts:
         1. CPU
         2. Memory
         3. I/O Ports
         4. Secondary Storage
      3. SoCs are very common in the mobile computing market, as well as in embedded systems, because of their low power consumption.
   2. Internet of Things (IoT):
      1. The network of items embedded with Internet access. This enables these items to connect, collect and exchange data.
   3. The adoption of SoC-based, IoT-enabled devices is growing rapidly. However, security has not kept pace. Because these technologies use the standard methods of wireless communication, attackers can easily modify current Wi-Fi, RFID, and Bluetooth attacks to target these devices.
3. Heating Ventilation & Air Conditioning (HVAC)
   1. Temperature Control:
      1. Heat from servers must be dissipated
      2. Important for:
         1. Server rooms
         2. Data centers
      3. Heavy-duty air-conditioning system
   2. Humidity Control:
      1. Static electricity is our enemy
      2. By increasing humidity, we decrease the buildup of static electricity and the chance of ESD
      3. It is important to have this system on its own dedicated circuit that is rated properly.
   3. Pipeless System and/or Access Control for Temperature & Humidity Control
      1. Because HVAC uses refrigerant, the pipes must be located away from the servers and other equipment. Another option is to use a pipeless system.
      2. Access controls to be able to change the temperature and humidity should be implemented. This can be integrated with current controls such as a monitoring system or key card access system.
   4. Hot and Cold Aisles
      1. The aisles in a server room or data center that circulate cold air into the systems and hot air out of them.
      2. Usually, the systems and cabinets are supported by a raised floor.
4. Special Purpose
   1. Vehicles
      1. Air Gap
         1. A method of securing a control unit, system, or network through isolation and possibly shielding.
      2. All vehicles should have appropriate locking systems and additional authentication methods such as:
         1. Passcodes
         2. Proximity Keys
         3. Biometrics
      3. Wireless Systems:
         1. Disable Bluetooth, GPS, and Wi-Fi when not in use.
   2. Unmanned Aerial Vehicle (UAV)
      1. More commonly known as a drone.
      2. UAVs may be targets of the following attacks:
         1. Command and Control (C2) Attacks
         2. Data Link Jamming
         3. Sensor Jamming
         4. Spoofing
         5. The organization that owns the UAV can prevent this by using:
            1. Best Coding Practices (SDLC)
            2. Encryption
            3. Mutual Authentication
            4. UAV-Specific Security Standards
      3. A well-funded attacker might own UAV technology and use it for:
         1. Reconnaissance
         2. Gaining Access to a Wireless Network
         3. To prevent this potential threat:
            1. Use strong wireless encryption protocols
            2. Physical security
            3. No-fly-zone policies
            4. Decrease the Wi-Fi power level to reduce the Wi-Fi area.