Ruslan Rakhmetov, Security Vision
In recent years, digitalisation has affected many sectors of the economy. In particular, it is impossible to imagine modern manufacturing, mining, energy, transport, and medicine without automated process control systems (APCS), SCADA systems, programmable logic controllers (PLCs), and distributed control systems. These tools are integral parts of OT (Operational Technology) infrastructure, which can interact with classical IT infrastructure and become a target of cyberattacks.
OT network components often perform mission-critical tasks, the interruption or compromise of which can have serious consequences. NIST document SP 800-82 Rev. 2, Guide to Industrial Control Systems (ICS) Security, provides recommendations for securing OT networks and ICS components that address their specific cyber risks and their cybersecurity and reliability requirements.
So, the NIST SP 800-82 document focuses on reviewing the technologies of modern OT networks and automated control system components, describing the threats and vulnerabilities specific to them, and providing recommendations for handling the related cyber risks. It emphasises that modern control systems are becoming more and more IP-oriented and that the OT segment is increasingly connected to the company's IT infrastructure, which in turn increases the likelihood of vulnerabilities being exploited and of cyber incidents. OT networks use a variety of devices (sensors, transducers, actuators), which are connected to the IT infrastructure through IoT devices to process incoming information. At the same time, automated process control systems give priority to continuity of operation, availability and integrity over confidentiality, so information should be protected with tools designed with the nuances of OT networks in mind.
The main features of the APCS are:
1. Stricter requirements for timeliness and performance: OT components operate in near real time, and they both depend on and influence the physical characteristics of the operating environment.
2. Stricter availability requirements: the critical dependence of technological processes on APCS components and the unconditional priority of production continuity justify OT component redundancy, detailed planning of service interruptions (e.g. reboots or software updates), and thorough testing of new components and changes.
3. A shift in focus in cyber risk management: the APCS prioritises production continuity, process and equipment safety, and compliance with applicable legal requirements (e.g. environmental regulations).
4. Physical effects: the APCS has a direct impact on physical processes.
5. Systems management: the components of an automated process control system require different skills and expertise than IT systems and must be managed by specially trained, qualified engineers.
6. Resource constraints: control system components differ from IT systems in their hardware and software characteristics, and may not have the functionality required to fulfil information security requirements.
7. Interoperability: data transfer protocols and transmission media may be proprietary and non-standard.
8. Change management: patch management, so important for cybersecurity, should only be performed in the APCS after thorough testing by the vendor and on-site (in a test environment), with a pre-determined upgrade plan that takes into account the possible use of obsolete software components in the APCS.
9. Technical support management: manufacturers of automated control systems, as a rule, provide dedicated support for purchased equipment, which makes it difficult to obtain technical support from another company.
10. Component lifecycle: control systems are designed to operate for 10-15 years, making it difficult to quickly replace obsolete components.
11. Location: the geographical distribution and often difficult accessibility of APCS and OT network components complicate their administration.
To ensure the information security of OT networks and APCS components, NIST SP 800-82 suggests implementing the following principles:
1. Segregating logical and network access to the OT network and APCS components using access gateways, DMZ subnets, firewalls, VLANs, and separate accounts and authentication methods for the IT network and the OT network.
2. Restricting physical access to components of the APCS.
3. Protecting APCS components by installing security updates, disabling unused ports and services, minimising user privileges, auditing security events, and using integrity controls and security tools (where possible) to prevent exposure to malicious code.
4. Preventing unauthorised modification of data (at least in transmission and storage).
5. Handling events and cyber incidents by monitoring the status of OT networks and APCS components.
6. Providing fault tolerance through redundancy of software and hardware components, safe emergency shutdown of one component without disrupting other components of the APCS, and planned switching from automatic to semi-automatic and then to manual mode in the event of an accident or malicious influence.
7. Recovery from cyber incidents.
To build an effective cyber defence system, the principle of defence in depth should be followed, including components such as:
1. Developing policies, procedures, and training programmes specifically for OT networks and APCS components.
2. Ensuring cybersecurity throughout the lifecycle of OT networks and automated control system components.
3. Using a network topology that places critical components of OT networks and automated control systems in the most protected segment.
4. Separating IT networks from OT networks using firewalls, DMZ subnets, one-way gateways, and data diodes.
5. Ensuring redundancy of critical components and the networks serving them.
6. Applying fault-tolerance principles in the design and implementation of OT networks and APCS components.
7. Use of modern security technologies (if possible).
8. Applying cryptographic protection to transmitted and stored data.
9. Installing updates after careful planning and testing.
10. Monitoring and analysing information security audit events of OT networks and APCS components.
11. Applying reliable and secure network protocols and services (where possible).