Industrial Control System Security Essential to Businesses

ICS 1

The global market has experienced tremendous growth in automation and industry. A key factor in this growth is the Industrial Internet of Things. The IIoT allows operators to connect to multiple devices and control systems through wireless networks.

Industrial control systems (ICS) are beneficial to businesses, especially those requiring constant monitoring of their assets such as industrial sites and those offering or utilizing enterprise cybersecurity programs. Although they are common practice in IT networks, they are far less common in operations environments. However, they have been increasing in use and are highly recommended by the International Electrotechnical Commission, International Society of Automation, and National Institute of Standards and Technology as part of broader ICS safety and reliability programs.

Additional practices recommended by these agencies include: developing security policies, training, and educational material; separating corporate and ICS networks; restricting physical access to ICS networks and devices; building redundancies in system components and networks; and designing critical systems for graceful degradation to prevent catastrophic cascading events.

ICS 3

According to a publication by the National Institute of Standards and Technology (NIST), possible ICS incidents include the following:

  • Blocked or delayed flow of information capable of disrupting ICS operations.
  • Unauthorized changes to instructions, commands, or alarm thresholds. Such changes could damage, disable, or shut down equipment; create environmental impacts, or endanger human life.
  • Inaccurate information sent to system operators, potentially causing the operators to initiate inappropriate action.
  • ICS software infected with malware or configuration settings modified, with negative results.
  • Interference with the operation of equipment protection systems, which could endanger costly and difficult-to-replace equipment.
  • Interference with the operation of safety systems, which could endanger human life.

Standards development organization CSA Group offers evaluation and certification services. “In an increasingly digital world, companies are finding that they need both functional safety and cyber security,” said global business unit director Adam Garner. “The two services go hand-in-hand to help ensure the safety of a company’s assets, information, and people, as well as the surrounding environment. You really can’t have one without the other anymore.

ICS 2

 

Cybersecurity services offered by CSA Group combine expertise in functional safety evaluation with emerging technologies, which involve working closely with businesses of varying sizes to tailor solutions to individual needs. These solutions are beneficial in identifying potential issues early in the design phase while implementing security measures to reduce risk. In addition to remotely controlling and monitoring assets, ICS systems can also optimize efficiencies and cut costs, perform preventative diagnostics to predict failures and address them as needed, and improve scheduled maintenance routines.

The NIST recommends the following security objectives for ICS implementation in order to provide maximum security and eliminate the potentially devastating results of system failures:

  • Restricting logical access to the ICS network and network activity through unidirectional gateways, a demilitarized zone (DMZ) network architecture with firewalls, and separate authentication mechanisms and credentials for users of the corporate and ICS networks.
  • Restricting physical access to the ICS network and devices through the use of locks, card readers, and/or guards.
  • Protecting individual ICS components from exploitation by testing and deploying security patches, disabling all unused ports and services, assuring they remain disabled, restricting ICS user privileges to only those that are required for each person’s role, tracking and monitoring audit trails, and using security controls such as antivirus software and file integrity checking software where feasible to mitigate malware.
  • Restricting unauthorized modification of data, whether in transit or at rest.
  • Detecting security events before escalating into incidents in order to help defenders break the attack chain before attackers accomplish their objectives, while also detecting failed components, unavailable services, and exhausted resources.
  • Maintaining functionality during adverse conditions by designing the ICS so that each critical component has a redundant counterpart and ensuring that failed components do not generate unnecessary traffic on the ICS networks or cause any other issues, such as cascading events.
  • Developing an incident response plan and restoring the system once an incident does occur.

 

ICS 5

 

Did you miss this?

Other Popular Stories

  • Natural Resource GDP increased 0.4%, led by Energy subsector at 0.7% — Statscan
  • World's oil suppliers in for a shock: IEA
  • Modest business growth forecast as manufacturing slows in June
  • Critical labour shortage hurting meat industry; immigration policy blamed
  • Vancouver shipyard awarded $3.3 billion to build Coast Guard ships
  • For some car makers March was best ever
  • Aerospace industry "steady but unspectacular" in 2013: Conference Board
  • Why a Russian submarine may have tried to tap into undersea communications: 95 percent of communications and $10 Trillion in data are carried on undersea cables
  • First Nation's groups propose specific risk mitigation that could "save the pipeline"
  • Canada-US trade as it should be, but diversification desirable: report
  • Canada's auto sales soar; Toyota passes 100K mark for hybrids
  • Bombardier Transportation workers ratify contract
  • A supersonic jet with no front window? NASA's X-59 uses a 4K monitor instead.
  • Is Clean Diesel a myth, or a yet-to-come promise?
  • International Trade Commission Hands Down Verdict in Bombardier versus Boeing Dispute
  • Magna unveils newest concept car, posts strong Q4 profits
  • Keystone XL clears another hurdle but fight not over
  • Researchers find way to turn wood into supercapacitors
  • Company opens new landing gear plant for "most important contract" ever
  • 200 days in lockup: Four volunteers live in simulated moon lab in preparation for future moon mission
Scroll to Top