Things ain't wot they used to be
23 June 2015
The exploding number of connected devices means that Internet connectivity and services are being added into devices not originally intended for the purpose. Not only are HUGE amounts of data generated, but it this makes them vulnerable to being attacked, remotely disabled, or compromised in some other undesirable way – each scenario seriously threatening to any business...
In the past, product developers would rely on the fact that their devices were too few and too uninteresting to hackers to attempt to exploit them. Unfortunately, these once "no interest" devices will become quite tempting as targets for exploit.
Historically, the plant floor and the enterprise have remained separate domains. However, the convergence of enterprise IT and the industrial network means a hacker could wreak havoc in a company’s ability to manufacture. Therefore, it is important to build a bullet-proof security scheme when converging IT and plant floor networks, covering everything from protocols to port physical security. A firewall at the OT perimeter (or the Internet perimeter, for that matter) is simply insufficient to adequately protect the control network. Experience has shown that there are multiple pathways to the control system, opening up ICS to both malicious and accidental cyber incidents.
Many industries are still in the "very early” stage of ICS security expertise. Having a one-stop source for cyber security services and solutions makes it easier to improve defences. Belden has recently teamed up with Securicon to provide a single source for companies who need both services and technology in order to improve their industrial cyber defences.
"Engineers not specialising in cyber security often throw their hands up at security, it’s not what they do,” says Pat Differ, director of sales at Securicon LLC, a consulting firm specialising in cyber security services and solutions for critical infrastructure industries. "The result is they may end up relying heavily on IT-oriented or recommended solutions that are not meant for industrial applications. For example, it is important to take into account the harsh environment, high speed switching and insecure-by-design protocols that are characteristic of plant infrastructure.”
Rockwell Automation and Cisco have developed a model logical network architecture - Converged Plant-wide Ethernet (CPwE) - that safely merges the two standards-compliant Ethernet networks. It is a set of best practices that extends to the physical layer.
One of the most prevalent examples of the need for security is the smart grid: as information on the grid becomes more accessible, so does the damage a security breach can inflict. The new system has to integrate not only with the original system but also all of the other systems.
Automation software specialist COPA-DATA specialises in industrial automation software for the energy sector to help companies comply with the IEC 61850, IEC 60870 standards, used to communicate to both field level and to superordinate systems. The DNP3 protocol is an open communications protocol ideal for use with facilities that are distributed over a wide geographic area.
Zenon Energy Edition supports substation automation and distribution management, grid control technology and wind park management, using SCADA systems to manage, monitor, control and protect Smart Grids.
Monitoring oil and gas field installations, pipelines, and other widely distributed facilities relies on satellites and other platforms for transmitting data. In addition to eliminating delays and achieving high quality communications, facility operators need to reduce costs by limiting the volume of data that needs to be transmitted.
Yokogawa Electric is releasing an enhanced version of its Stardom network-based control system, specifically targeted at upstream oil and gas development and production, aimed at reducing communication costs and ensuring highly reliable monitoring and control. Stardom network-based control systems consist of FCN/FCJ autonomous controllers and either a VDS or FAST/TOOLS SCADA server.
- The convergence of enterprise IT and the industrial network means a hacker could wreak havoc in a company’s ability to manufacture
- There are multiple pathways to the control system, opening up ICS to both malicious and accidental cyber incidents
- Having a one-stop source for cyber security services and solutions makes it easier to improve defences