Cybersecurity: The devil in the devices

Nov. 5, 2018
Joe Weiss discusses how control system intelligent control and communication capabilities are moving further down into end devices.

Control system intelligent control and communication capabilities are moving further down into the end devices—process sensors, actuators and drives. From a cybersecurity perspective, this is moving the security responsibilities closer to the end user/system integrator. From a cybersecurity perspective, it's also blurring the lines between a master station (DCS or SCADA), a data aggregator (asset manager or remote terminal unit), and field device (smart transmitter or intelligent electronic device, i.e. smart relay/breaker).

This movement in technology impacts the definitions of Purdue Reference Model level 0,1 devices. The fundamental question is, what is a sensor? A sensor can simply be two pieces of wire—a thermocouple. On the other hand, a sensor can be a smart transmitter that includes the sensor(s) and fully configurable electronics that effectively provide PLC capabilities. Smart transmitters generally have analog inputs that can provide safety input, and also have Ethernet ports to go directly to the cloud/Internet—within same device.
I have been analyzing a specific state-of-the-art smart transmitter (hopefully the detailed assessment will become a formal paper). The transmitter is cyber vulnerable because of the design features, similar to the Siemens systems in Stuxnet. One design feature is that USB can be used to extract configuration files directly from the transmitter (not a Siemens device). However, there is no capability to lock down the USB port.

Capability-wise, this transmitter is a PLC. However, because the device is considered a transmitter, not a PLC, the Stuxnet “fixes” of monitoring firmware changes, precluding configuration/logic changes, USB control, etc. have not been included. The transmitter can directly communicate with the cloud, Internet, etc., yet there is no DMZ because it is a transmitter, not a server.

There is a move toward embedding web servers directly into the field devices. This started many years ago with some distribution transformers because that would provide the transformer temperature to whomever needed it (specious reasoning). After all of the discussions about keeping control systems, especially those devices with no security off the Internet, why do this?

In my “Unfettered” blog, I have provided numerous examples where the “good guys” have demonstrated a lack of imagination as to cyber threats. Here is another example to add to the list. These examples also beg the question: Shouldn’t there be a safety assessment before new capabilities/features are added to control systems, particularly those with no cyber security capabilities?

Joe Weiss, P.E.
Applied Control Solutions LLC
[email protected]

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.