1660238328261 Jimmontague0609

INL advocates attacker thinking for cybersecurity

Nov. 16, 2020
Idaho National Laboratory scales up cybersecurity practices by joining CyManII effort, pushing adversary perspective

To share and coordinate effective cybersecurity practices  more widely, Idaho National Laboratory is participating in the U.S. Dept. to Energy's (DoE) $70-million project to launch the Cybersecurity Manufacturing Innovation Institute in mid-November at the University of Texas San Antonio (UTSA).

The institute's three goals are "securing automation, securing supply chain networks, and building a national program for education and workforce development." It will include the DoE's INL for ICS cybersecurity and physical infrastructure, Sandia National Laboratory for supply cybersecurity, and Oak Ridge National Laboratory for advanced manufacturing. CyManII will also include 22 universities, 15 institutes, 50-60 partners, and 600 manufacturers, according to Wayne Austad, CTO for National and Homeland Security programs at INL.

"CyManII will connect cybersecurity on digital plant floors with supply chains and he business level," says Austad. "It will combine INL's experience in process control cybersecurity with expertise from academia and the supply chain. The vision is to include all manufacturing centers and industries for the long term."

Design-in like an adversary

Beyond endorsing secure design lifecycles based on the Purdue model for ICS security, Austad reports that INL also supports its Consequence-driven, Cyber-informed Engineering (CCE) program, which focuses on the final results of performance and service interruptions caused by cyber-intrusions, and how to secure the national critical infrastructure (CI) systems. Of course, the Purdue model is based on the seven-layer Open System Interconnect (OSI) Model for Control Hierarchy.

CCE advises users to "think like an adversary," and begins with the assumption that if a CI facility is targeted by a skilled and determined adversary, the targeted operation can and will be sabotaged. INL adds that the CCE methodology gives CI owners, operators, vendors and manufacturers a better-focused, bottom-line approach to: determine their most critical functions, evaluate complex systems, identify methods an adversary could use to compromise the critical functions, and design-in proven engineering, protection, and mitigation strategies to isolate and protect a user’s most critical assets.

"Process and plant engineers have an essential advantage because they control what governs their operations, such as the limit switches on tanks and flow equipment, or the separate components and buses for safety," says Austad. "So, if cyber-threats can't be engineered out, they do show the best locations and devices in which to invest in cybersecurity."

Assess, scale and culture

Similar to most cybersecurity efforts, Austad reports a CCE project begins with an in-person assessment by INL and other experts, who scale their solution for each client, so they can maintain it themselves. CCE also works in conjunction with INL's ResilienceOptimizationCenter (ROC), which applies its laboratory-wide capabilities to tackle infrastructure challenges through applying laboratory-wide capabilities and expertise.

"We see CCE as a culture change that allows users to regain control of their application's consequences, and engineer their security within their own cyber-physical context, instead of waiting for a black box or IT to do it all," says Austad. "If physics enable nuclear reactors to scale down, or let computers eliminate moving parts and cooling requirements, and let smart phone operate reliably and safely, then why can't we do the same for ICS cybersecurity?

"Likewise, as they've evaluated the critical functions of more applications, CCE and ROC learned there are design pressures for agility beyond what's needed distribute cybersecurity among associated organizations or address today's COVID-19 requirements. Those issues are just the beginning because designed-in solutions are needed for digital ecosystems and long-term transformation, too."

About the author: Jim Montague
About the Author

Jim Montague | Executive Editor

Jim Montague is executive editor of Control. 

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.