[White Paper] Operational Technology Cybersecurity

  /  ICS Security   /  Cybersecurity   /  [White Paper] Operational Technology Cybersecurity

[White Paper] Operational Technology Cybersecurity

The purpose of control system cybersecurity is to protect the control systems and the processes they monitor and control from electronic threats — that is, to “keep lights on and water flowing.” Networks are a support function in the overall objective of safety, reliability, and productivity — that is, to optimize the processes. What makes control system cybersecurity different from IT cybersecurity is the need to protect life and physical property. Because unintentional cyber incidents can be just as deadly and damaging as malicious events, both must be addressed.

Control System Cybersecurity

A typical control system is composed of Level 0,1 devices (sensors, actuators, and drives) connected to Level 2 controllers that are connected to process control networks and human-machine interfaces (HMIs), also known as operator displays, at Level 3, which are connected to long-term databases and off-site facilities including the internet at Level 4. Level 3 – 4 have the capabilities for cybersecurity and cyberlogging, and generally use IP networks. The sensors and the actuators operate almost exclusively in near-real time (microseconds to milliseconds), whereas the HMIs provide operator information on the order of seconds to minutes. The sensors and the actuators can operate — and in most cases were designed to function — without the IP network.

As technology has moved the intelligence further down to the lower-level devices, modern smart sensors can act not only as sensors but also as PLCs and gateways since they are equipped with Ethernet ports that allow direct communication with the cloud or the internet, bypassing the Level 3.5 DMZ. This capability, which provides improved productivity, also introduces a very significant cyber risk as the digital sensors have built-in backdoors to allow for calibration and other maintenance activities without a firewall or authorization.

The Cloud

As organizations transform their businesses with the adoption of the cloud and virtualization to help provide better visibility and improve productivity and efficiency, we believe there is a new level, Level 6: the cloud, which needs to be considered for cybersecurity in productivity.

In order to understand the cybersecurity status of an organization’s OT and control system environment, there is a need to understand how the control systems interact with the different threat vectors that could potentially affect their OT environment.

Learn how to protect all the systems at all levels of the industrial control system (ICS) environment, as the old adage that a breach arises from the weakest link applies to control systems, in this white paper from Trend Micro.

Sponsored by