A change for the better – process sensors are now important for control system cyber security

Oct. 29, 2020
Process sensors have no cyber security or authentication. Yet, they are the starting point for cyber security, predictive maintenance, and process safety. There have been several demonstrations of hacking process sensors including by the Russians and recently by Dragos. Consequently, process sensors need to be explicitly addressed for control system cyber security, process safety, and predictive maintenance. 

Last year, Dragos’ Joe Slowak and Rob Lee publicly pushed back on the need to address process sensors (see https://www.controlglobal.com/blogs/unfettered/sensors-and-sensibility-dragos-and-other-ot-experts-lack-expertise-on-process-sensors/ ). Apparently, Dragos has reversed their position based on the results from a LOGIIC project “Learn why Sensors Matter Within Industrial Cybersecurity”. This work can be important if the Dragos findings can help change the mindset of those in the OT community who continue to ignore these critical control system devices.

I have been writing for years about the need to address Purdue Reference Model Level 0,1 devices including process sensors for control system cyber security. My interest in sensor cyber security stemmed from work I did at the Electric Power Research Institute (EPRI) where we discovered a previously unidentified sensor problem – a common cause, non-detectable failure in pressure, level, and flow sensors in nuclear safety applications.  As a result of this pressure sensor issue, I did detailed Failure Modes and Effects Analyses (FMEAs) on each of the major nuclear safety pressure sensor vendors on what turned out to be a manufacturing flaw (supply chain) in nuclear safety pressure sensors. This flaw actually contributed to the Three Mile Island core melt. I also did another project demonstrating the inherent drift in process sensors. Over the years, there have been many process sensor cyber-related incidents resulting in catastrophic failures. As process sensors typically do not contain any cyber security features, authentication, nor cyber logging capabilities and yet are the input to all OT networks, this should be recognized as a major security, reliability, and safety gap. Moreover, I am currently part of a joint ISA84 (process safety)/ISA99 (cyber security) working group where we are developing a process sensor cyber security annex for process safety applications.

Hacking process sensors is not new – it was demonstrated in the 2015-16 timeframe by Russian and other researchers in a public conference in the US. Moreover, published work from the US Air Force Institute of Technology demonstrated how this type of cyber-induced activity can be detected for multiple sensor manufacturers.

In order to address the gap in process sensor monitoring, I am working with a group to develop revolutionary sensor technology at the physics level that will provide the unique identity of the individual sensors (address counterfeits), the integrity of the measurement including identifying sensor drift (process safety, reliability, product quality, and predictive maintenance), and the origin of the measurement (cyber security and process safety). I will have more to say on this later.

It is incredible that the cyber security, equipment monitoring, and process controls and safety communities continue to erroneously assume the sensor measurement is uncompromised, authenticated, and correct. I hope that the new initiative by Dragos helps the OT community understand and address what’s too often been overlooked.

Joe Weiss

Sponsored Recommendations

IEC 62443 4-1 Cyber Certification – Why ML 3 is So Important

The IEC 62443 Security for Industrial Automation and Control Systems - Part 4-1: Secure Product Development Lifecycle Requirements help increase resilience for control systems...

Multi-Server SCADA Maintenance Made Easy

See how the intuitive VTScada Services Page ensures your multi-server SCADA application remains operational and resilient, even when performing regular server maintenance.

Your Industrial Historical Database Should be Designed for SCADA

VTScada's Chief Software Architect discusses how VTScada's purpose-built SCADA historian has created a paradigm shift in industry expectations for industrial redundancy and performance...

Linux and SCADA – What You May Not Have Considered

There’s a lot to keep in mind when considering the Linux® Operating System for critical SCADA systems. See how the Linux security model compares to Windows® and Mac OS®.