What is the state of ICS cyber security technology

June 21, 2011

Much has transpired since I first got involved in ICS cyber security in 2000.  At that time, cyber security was almost universally viewed as an IT problem. There has been a tremendous increase in awareness of the issue.

Much has transpired since I first got involved in ICS cyber security in 2000.  At that time, cyber security was almost universally viewed as an IT problem. There has been a tremendous increase in awareness of the issue. When I held the first Control System Cyber Security Conference in 2002, the only other ICS cyber security discussions were at the ISA Expo where I was holding panel sessions.  That has certainly changed with numerous conferences, articles from many experts (including many I have never heard of), and legislation now aimed at securing ICSs.

There has been significant improvement in securing the Windows-based Human-Machine Interface - HMI.  There are now many companies offering firewalls, IDS/IPS, and other Windows solutions that have been modified (I hope) for ICS applications.  Assuming these solutions have been tested in ICS applications, this should certainly help.  The down side is applying IT solutions that have not been tested in ICS applications. Unfortunately, this has already happened with negative consequences to the ICSs. The appropriate technologies applied appropriately (notice both need to be addressed) should help reduce the risk from typical IT threats either aimed at the ICS HMI or through the unintended consequences of connecting ICS HMIs to Corporate networks (lack of airgaps).

There has also been the establishment of a cottage industry in compliance monitoring and reporting to meet NERC CIP requirements. 

However, work is still needed in securing the Programmable Logic Controllers (PLCs) and other resource-constrained, deterministic field devices that could cause devastating failures and loss-of-life. This includes both Internet Protocol (IP) and serial communications. Many of the high impact cyber incidents to date including Stuxnet and Aurora were control system issues that would not be addressed by existing IT or even many of the ICS HMI solutions. There is also a need to identify what an ICS cyber attack would look like (Stuxnet was obviously not detected as it was in the wild for more than a year). As with the HMI, the appropriate ICS technologies applied appropriately should help reduce cyber risk and improve safety and reliability. I will have several vendors presenting control system solutions that I believe address important security issues at the September ACS Conference.  

Joe Weiss

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.