This group is the default community for every Energy Central registered member. We discuss and share a variety of topics related to the global power industry. 

WARNING: SIGN-IN

You need to be a member of Energy Central to access some features and content. Please or register to continue.

Post

The Cyber Security Challenges of Industrial Control Systems

Source: Trace Bellassai, Client Operations Engineer

Industrial control systems are the computers that control nearly every aspect of an industrial plant. Whether that be a manufacturing plant, or a power plant, the security of these assets is of paramount importance to the plant owner, and depending on the type of plant, even the country. Security in the ICS world, however, can be a little more complicated than the security measures taken on your home PC. This is due to many factors, from the protocols being used by many ICS devices to communicate being older, and not supporting encryption, to the fact that updating a device may require the entire plant to shut down in order to do so, which just may not be feasible in some situations.

Air gaps are one step that have been taken to bolster security of ICS networks. Air gapped networks are essentially self-contained networks that are not connected to the internet, or any other non-essential system. This allows a system administrator to lower the attack surface available to a potential malicious actor.  The problem here comes in that plant operators are wanting more and more information available to them about their plant. With upcoming technologies, such as the Industrial Internet of Things (IIoT), it is becoming more and more popular for a plant operator to want these, once air gapped networks, to now be on the internet.

Protocols are another example of what sets apart an ICS network from a traditional IT network. Standards such as Modbus and DNP3 do exist in the ICS world, but they were not built with security in mind, and the standards themselves lack encryption. To counter this, some vendors have implemented their own encryption to use with these protocols or have simply developed their own proprietary protocols. While this may be better from a security standpoint, it eliminates one of the major advantages to having a standard in the first place, interoperability. These protocols can have an “obscurity” element to them, but as we have seen with attacks specifically targeting OT devices, security through obscurity is not practical.

Something that maybe seemingly simple in the IT world, can create lot of headaches when in the ICS world. Something as simple as asset management and discovery, which is of extreme importance for security, does not have a great solution in the ICS world. Proprietary encryption and protocols can be partially to blame for this, as it makes talking to the devices in an automated way much more difficult. IT devices are also often incorporated into an ICS network, for example, in the form of a human-machine interface (HMI). These HMI’s can open additional attack vectors because now an attacker can attack a traditional IT device (which arguably have more attacks being developed for them), and gain access to an OT network. This means that ICS operators need to be adept in securing both IT and OT environments, rather than focusing all efforts on one, or the other.

Emily  Bolinsky's picture

Thank Emily for the Post!

Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.

Discussions

No discussions yet. Start a discussion below.

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »