Regarding Joe Weiss' blog, I have my doubts if counterfeit transmitters would be the ultimate cybersecurity worry for the industry. A threat actor needs to worry about the efficiency/effectiveness of a cyber attack, and using counterfeit transmitters has a lot of disadvantages: it's a physical element, so more easy traceable to its roots. It can end up in many places in the plant, so very imprecise in delivery of the attack. It could mess up the transmitter settings, reverse range for example, but this would merely be experienced as a transmitter failure, something that happens regularly. The top-down path to the transmitter offers much more opportunities and flexibility.
Then there is the claim that a transmitter can be used to inject malware in the control system. Theoretically, there is a small path to do this, but a complex path. For example, to transfer data from a HART transmitter into the ICS would require some buffer overflow method that first needs to breach the HART modem software (either in the IO card of the controller or the IOMUX) by sending it data that doesn’t meet the protocol limitations. If you managed to do that, the attacker needs a second buffer overflow in the controller that processes the data.
Then there are transmitters that connect directly to the Ethernet. These might become an issue with the rise of IIoT, but this class of transmitters is exposed to many cyber hazards, and should, in my opinion, only be used for monitoring purposes, not for control or safety.
But all of these considerations are taken into account in a cybersecurity hazop as part of risk analysis. For me, the biggest risk of counterfeit equipment is a physical risk leading to potential loss of containment.
Sinclair Koelemij
[email protected]
I’ve just read "Fake news," and write to you from SnapDragon, where we fight fakes online.We monitor online marketplaces on behalf of our clients, removing illicit listings—and sellers—and gathering the data as we go for their future use. We're not lawyers, and don't use legal processes, but the official reporting procedures of the platforms themselves (in whatever language is relevant) and intellectual property relevant to the product.
SnapDragon was born out of defending our own products, so we've been at the receiving end of counterfeiters and piracy folk, and have felt the pain that ensued. Now the passion we put into defending our own brand, we put into working for and with our clients to defend their brand. Our aim is to empower businesses to understand and combat issues of intellectual property infringement, ensuring that corporate reputation, revenue streams and customer base are protected.
We have clients across many different sectors, including componentry. We, like you, are horrified at the lengths counterfeiters will go to.
Mary Kernohan
[email protected]