“Many process applications such as blast furnaces run close to their explosive limits to make the most profit, and often use three oxygen analyzers to stay safe. However, these analyzers can represent a significant attack surface.” Schneider Electric’s Peter Traynor discussed how to keep analyzers secure at this week’s Innovation Days in Austin, Texas.
The Industrial Internet of Things (IIoT) and other forms of digitalization are bringing all kinds of process sensing and analysis functions closer to their I/O and control counterparts, but these links can also make measurement devices more vulnerable to cyber probes, intrusions and potential attacks. Fortunately, just as steps can be taken to improve the cybersecurity of higher-level systems, many of those same protections can be applied to the field instruments and process analyzers themselves.
"Many process applications such as blast furnaces run close to their explosive limits to make the most profit, and often use three oxygen analyzers to stay safe. However, these analyzers can represent a significant attack surface, and if an application like this is interrupted, it can cost $20,000 per hour," said Peter Traynor, product manager for spectroscopy, Applied Instrument Technologies, Schneider Electric. "Just the threat of ransomware can cause users to run their processes less aggressively, which can cause a loss of revenue."
Traynor presented "Designing, developing and deploying cyber-secure process analyzers" at this week’s Schneider Electric Innovation Days in Austin, Texas.
Protections get down
Two of the most basic cybersecurity strategies are Secure Sockets Layer (SSL), an asymmetrically encrypted link between a server and client to protect sensitive information, and Advanced Encryption Standard (AES), a symmetrically encrypted link that uses the same software key to encrypt and decrypt data, so all parties must share it, explained Traynor. "However, we're interested in Level 1, where field devices like analyzers, field networks, actuators and switchgear are located." This is also where the ISA99 committee and its ISA/IEC 62443 standard advise users to achieve defense-in-depth by establishing zones and conduits with firewalls between functional areas.
Because the typical exposure, or "threat surface," for analyzers extends from Level 0 devices like interferometers and analyzer ovens up to cloud-computing services, Traynor reports that many controllers typically implement cyber-secure web servers with SSL. Level 1 devices can likely do the same.
"The question is, can we get enough processing speed to support a more secure PLC and architecture?" asked Traynor. For instance, a mass spectrometer in an olefins unit needs to solve 13 equations simultaneously to calculate gas composition and control cracking severity, and usually employs a PLC with an update interval of 1.3 seconds. However, it also has no added security, and uses Microsoft Windows software that makes it even more vulnerable.
"One solution is to use our Modicon M580 ePAC controller, which is just being launched," said Traynor. "It's Achilles Level 2 certified, and has an update interval of just 0.25 seconds. It can also perform role-based access control and hard-coded whitelisting, and has a USB port that can be used to add biometric security devices. It also benefits from the fact that our EcoStruxure Control Expert analyzer software, which calculates the 13 equations, isn't accessible to malware."