I will be presenting Monday September 21, 2020 at 2:20pmEastern at the ICSJWG Fall 2020 Conference on “Presidential Executive Order 13920 and the OT Maginot Line”.
Cyber security was initially an IT function. To IT, the primary issue was to protect the Internet Protocol (IP) network. Consequently, all monitoring and protection occurred at the IP networks which inherently contain cyber security and cyber logging. Control systems also use IP networks, but additionally use control system hardware devices such as process sensors, actuators, drives, etc. Unlike IT devices such as firewalls, routers, and switches, control system devices have no cyber security, authentication, or cyber logging capabilities. Additionally, control system devices utilize lower level, non-IP networks that have no cyber security or cyber logging. For control system applications, the OT approach has been to emulate what has been done for IT. That is, provide all monitoring and protection around the OT network which excluded protecting the field equipment and control system devices. Effectively, IT/OT set up a Maginot Line similar to what was done during World War II. However, just like the Germans in World War II, the Chinese evaded the “OT Maginot Line” by installing hardware backdoors, in this case, in large electric transformers that would allow the attackers backdoor access to the transformer equipment behind all OT network monitoring and protection. The Chinese also provided counterfeit pressure and differential transmitters which operate behind all firewalls and are 100% trusted. This is a major safety concern. These attack vectors, which would allow the Chinese to damage critical equipment at a time of their choosing, resulted in Presidential Executive Order (EO) 13920. The EO included all field hardware and control systems yet excluded all network equipment. There are millions of pressure and differential pressure transmitters and more than 200 large electric transformers in the US bulk electric grid without a capability to detect if backdoors or counterfeits are present. This presentation will address the engineering issues behind the Executive Order and new unhackable process sensor technology that can detect counterfeit devices and validate the origin of “sensor” signals. This process sensor monitoring technology will enable higher confidence that supply chain issues will not have an impact on the process as well as provide higher confidence in reliability and safety.
Joe Weiss
