Now control system networks may not have laptops moving around, but they do have a lot of interconnections that we tend to forget about. Besides the usual link to the business LAN, there can be a myriad of other connections into the control system, including serial links, wireless systems, third-party maintenance connections, remote-site connections over leased public telecommunications networks and dial-up modems. In fact, when ARC Advisory Group recently surveyed control engineers about the types of connections that their automation networks had to the outside world, this is what it found:
- 47.5% Company Intranet/Business Network
- 42.5% Direct Internet Connections
- 35% Direct Dial-up Modems
- 20% Wireless Modems
- 17.5% No Connection
- 8.0% Other Connections
Notice that the percentages in the ARC study do not add up to 100%, indicating that most facilities have multiple pathways into the control system. One security survey of a large refinery uncovered 14 different pathways. The bottom line is that modern control systems are so complex that expecting every single byte of information flowing in or out of the automation network to be inspected by a single firewall is just no longer realistic.
So if the bastion model of security wont protect our control systems, what will? One place to look is in the work of a little-known, but influential, non-profit foundation called the Jericho Forum.
Eric J. Byres, PE, is principal at Byres Security, Inc. He can be reached at firstname.lastname@example.org.
The next installment of this series will discuss the Jericho Forum and its approach to control system security.
When Good Firewalls Go Bad
Numbers of Critical Errors in Professionally Configured Firewalls
Source: Courtesy of Avishai Wool, IEEE Computer Magazine, June 2004.