Industrial Control System Security Essential to Businesses

The global market has experienced tremendous growth in automation and industry. A key factor in this growth is the Industrial Internet of Things. The IIoT allows operators to connect to multiple devices and control systems through wireless networks.

Industrial control systems (ICS) are beneficial to businesses, especially those requiring constant monitoring of their assets such as industrial sites and those offering or utilizing enterprise cybersecurity programs. Although they are common practice in IT networks, they are far less common in operations environments. However, they have been increasing in use and are highly recommended by the International Electrotechnical Commission, International Society of Automation, and National Institute of Standards and Technology as part of broader ICS safety and reliability programs.

Additional practices recommended by these agencies include: developing security policies, training, and educational material; separating corporate and ICS networks; restricting physical access to ICS networks and devices; building redundancies in system components and networks; and designing critical systems for graceful degradation to prevent catastrophic cascading events.

According to a publication by the National Institute of Standards and Technology (NIST), possible ICS incidents include the following:

  • Blocked or delayed flow of information capable of disrupting ICS operations.
  • Unauthorized changes to instructions, commands, or alarm thresholds. Such changes could damage, disable, or shut down equipment; create environmental impacts, or endanger human life.
  • Inaccurate information sent to system operators, potentially causing the operators to initiate inappropriate action.
  • ICS software infected with malware or configuration settings modified, with negative results.
  • Interference with the operation of equipment protection systems, which could endanger costly and difficult-to-replace equipment.
  • Interference with the operation of safety systems, which could endanger human life.

Standards development organization CSA Group offers evaluation and certification services. “In an increasingly digital world, companies are finding that they need both functional safety and cyber security,” said global business unit director Adam Garner. “The two services go hand-in-hand to help ensure the safety of a company’s assets, information, and people, as well as the surrounding environment. You really can’t have one without the other anymore.

 

Cybersecurity services offered by CSA Group combine expertise in functional safety evaluation with emerging technologies, which involve working closely with businesses of varying sizes to tailor solutions to individual needs. These solutions are beneficial in identifying potential issues early in the design phase while implementing security measures to reduce risk. In addition to remotely controlling and monitoring assets, ICS systems can also optimize efficiencies and cut costs, perform preventative diagnostics to predict failures and address them as needed, and improve scheduled maintenance routines.

The NIST recommends the following security objectives for ICS implementation in order to provide maximum security and eliminate the potentially devastating results of system failures:

  • Restricting logical access to the ICS network and network activity through unidirectional gateways, a demilitarized zone (DMZ) network architecture with firewalls, and separate authentication mechanisms and credentials for users of the corporate and ICS networks.
  • Restricting physical access to the ICS network and devices through the use of locks, card readers, and/or guards.
  • Protecting individual ICS components from exploitation by testing and deploying security patches, disabling all unused ports and services, assuring they remain disabled, restricting ICS user privileges to only those that are required for each person’s role, tracking and monitoring audit trails, and using security controls such as antivirus software and file integrity checking software where feasible to mitigate malware.
  • Restricting unauthorized modification of data, whether in transit or at rest.
  • Detecting security events before escalating into incidents in order to help defenders break the attack chain before attackers accomplish their objectives, while also detecting failed components, unavailable services, and exhausted resources.
  • Maintaining functionality during adverse conditions by designing the ICS so that each critical component has a redundant counterpart and ensuring that failed components do not generate unnecessary traffic on the ICS networks or cause any other issues, such as cascading events.
  • Developing an incident response plan and restoring the system once an incident does occur.

 

 

Did you miss this?

Other Popular Stories

  • Manufacturing sales off in November led by cars, chemicals
  • Deep Roads — researchers propose taking road expansion underground to reduce congestion and pollution
  • Lane-Changing Algorithm Improves Driverless Vehicle Performance
  • SpaceX "first orbital class rocket capable of reflight" test flight today: $12 billion in contracts and a 100 missions at stake: live feed of launch
  • Waterloo researchers seek cheaper fuel cells for electric cars
  • Regina refinery will reuse all water with GE wastewater technology
  • Microgrids coming to two Ontario power utilities
  • Oil drags capital spending down, though some bright spots remain: Statistics Canada
  • Construction industry pleased with majority government in Ontario
  • Will quotas, targets and better technology get more drivers into EVs?
  • Bombardier has to delay CSeries first test flight again
  • Keystone XL clears another hurdle but fight not over
  • Space X Falcon Heavy launch live! 'Great rocket launch or the best fireworks display,' says Elon Musk. Watch the launch at 3pm today live on EDI Weekly
  • Eleventh hour intervention by Marchionne secured Fiat Chrysler deal
  • Canada's economy grew in Q4, manufacturing up in December
  • World's building industry told to decarbonize, cut emissions drastically
  • The latest breakthroughs in EV technology; batteries that charge in under 10 minutes 
  • 3 billion bottles, cans and containers diverted out of landfill as deposit programs and recycling management hit new milestone in Ontario
  • Calgary group offers $50 million for clean energy projects
  • Detect lung cancer with a nanotech breathalizer? It works, four out of five times, could revolutionize cancer screening
Scroll to Top