ICSJWG presentation - “Presidential Executive Order 13920 and the OT Maginot Line”

Sept. 8, 2020
I will be presenting Monday September 21, 2020 at 2:20pmEastern at the ICSJWG Fall 2020 Conference on “Presidential Executive Order 13920 and the OT Maginot Line”.

I will be presenting Monday September 21, 2020 at 2:20pmEastern at the ICSJWG Fall 2020 Conference on “Presidential Executive Order 13920 and the OT Maginot Line”.

Cyber security was initially an IT function. To IT, the primary issue was to protect the Internet Protocol (IP) network. Consequently, all monitoring and protection occurred at the IP networks which inherently contain cyber security and cyber logging. Control systems also use IP networks, but additionally use control system hardware devices such as process sensors, actuators, drives, etc. Unlike IT devices such as firewalls, routers, and switches, control system devices have no cyber security, authentication, or cyber logging capabilities. Additionally, control system devices utilize lower level, non-IP networks that have no cyber security or cyber logging. For control system applications, the OT approach has been to emulate what has been done for IT. That is, provide all monitoring and protection around the OT network which excluded protecting the field equipment and control system devices. Effectively, IT/OT set up a Maginot Line similar to what was done during World War II. However, just like the Germans in World War II, the Chinese evaded the “OT Maginot Line” by installing hardware backdoors, in this case, in large electric transformers that would allow the attackers backdoor access to the transformer equipment behind all OT network monitoring and protection. The Chinese also provided counterfeit pressure and differential transmitters which operate behind all firewalls and are 100% trusted. This is a major safety concern. These attack vectors, which would allow the Chinese to damage critical equipment at a time of their choosing, resulted in Presidential Executive Order (EO) 13920. The EO included all field hardware and control systems yet excluded all network equipment. There are millions of pressure and differential pressure transmitters and more than 200 large electric transformers in the US bulk electric grid without a capability to detect if backdoors or counterfeits are present. This presentation will address the engineering issues behind the Executive Order and new unhackable process sensor technology that can detect counterfeit devices and validate the origin of “sensor” signals. This process sensor monitoring technology will enable higher confidence that supply chain issues will not have an impact on the process as well as provide higher confidence in reliability and safety.

Joe Weiss

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.