The ICC FTP Server 10.16.1.00.244 has been successfully implemented in various sectors, including:
IEC 62443, NIST SP 800-82 Subject: Security Risks of File Transfer Protocol (FTP) in Industrial Control Systems
| Role | Name | Approval | Date | |------|------|----------|------| | ICC Network Admin | [Name] | [Signature] | | | Security Analyst | [Name] | [Signature] | | | ICC Program Lead | [Name] | [Signature] | |
| IEC 62443 Reference | Requirement | Current Status | Risk Level | | :--- | :--- | :--- | :--- | | | Human User Identification | Fail : FTP often uses shared accounts. | High | | SR 1.3 | Account Management | Fail : Difficult to manage individual access on embedded devices. | Medium | | SR 2.1 | Authorization Enforcement | Partial : Often lacks role-based access control. | High | | SR 3.1 | Communication Integrity | Fail : No hashing/signing of FTP packets. | Critical | | SR 3.4 | Software Integrity | Fail : No validation of uploaded file integrity. | Critical | | SR 7.1 | DoS Protection | Warning : FTP service may be vulnerable to resource exhaustion. | High |