Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Securing Industrial Control Systems and Safety Instrumented Systems

You're reading from   Securing Industrial Control Systems and Safety Instrumented Systems A practical guide for safeguarding mission and safety critical systems

Arrow left icon
Product type Paperback
Published in Aug 2024
Publisher Packt
ISBN-13 9781801078818
Length 256 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Jalal Bouhdada Jalal Bouhdada
Author Profile Icon Jalal Bouhdada
Jalal Bouhdada
Arrow right icon
View More author details
Toc

Table of Contents (14) Chapters Close

Preface 1. Part 1:Safety Instrumented Systems
2. Chapter 1: Introduction to Safety Instrumented Systems (SISs) FREE CHAPTER 3. Chapter 2: SIS Evolution and Trends 4. Chapter 3: SIS Security Design and Architecture 5. Part 2: Attacking and Securing SISs
6. Chapter 4: Hacking Safety Instrumented Systems 7. Chapter 5: Securing Safety Instrumented Systems 8. Part 3: Risk Management and Compliance
9. Chapter 6: Cybersecurity Risk Management of SISs 10. Chapter 7: Security Standards and Certification 11. Chapter 8: The Future of ICS and SIS: Innovations and Challenges 12. Index 13. Other Books You May Enjoy

What is ICS cybersecurity?

The term ICS is used in a broad sense to refer to programmable-based devices that are used to control, monitor, supervise, automate, or interact with assets used in continuous, discrete, and hybrid processes in manufacturing, infrastructure, and other commercial and industrial sectors.

At its heart, ICS cybersecurity is about both protecting industrial assets and recovering from system upsets that occur from electronic communications between systems, or between systems and people.

An ICS includes various components, such as the following:

  • Distributed Control Systems (DCS)
  • SIS
  • HMIs
  • Historians
  • Supervisory Control And Data Acquisition (SCADA)
  • Programmable Logic Controllers (PLCs)
  • Remote Terminal Units (RTUs)
  • Intelligent Electronic Devices (IEDs)
  • Power Monitoring Systems (PMSs)
  • Protection relays
  • F&G
  • ESD
  • PSD
  • BMS
  • Building Control Management Systems (BCMSs)
  • Electrical Network Monitoring Control Systems (ENMCSs)
  • Alarm management systems
  • Intelligent Asset Management Systems (IAMSs)
  • Sensors and transmitters
  • Valves
  • Drives, converters, and so on

Establishing a secure baseline for an ICS can be a complex and wide-reaching process as this can cover software, hardware, and communications interfaces. These hardening parameters need to be defined, at the very minimum level, by the following:

  • OS security
  • Endpoint security
  • Embedded device security
  • Application software security
  • Network security
  • Access control (physical and logical)
  • Anti-malware
  • Security monitoring

Despite certain common attributes, ICS differs from the traditional IT systems that are widely deployed in office and enterprise networks. Historically, ICS implementations were heavily reliant on physical security and lacked interconnection with IT networks and the internet. However, as the trend toward ICS intertwining with IT networks intensifies, this creates a greater need to secure these systems from remote, external threats as well as against adversary and non-adversary threats such as disgruntled employees, malicious intruders, and malicious or accidental actions taken by insiders.

In relation to the CIA’s information security model, availability and integrity are given precedence over confidentiality for ICS. The ICS security model is therefore often referred to as an AIC model. In the meantime, reliability and safety remain top priority!

The following figure compares the priorities of the ICS security model with the IT information security model:

Figure 1.7 – An ICS versus an IT model

Figure 1.7 – An ICS versus an IT model

Let’s have a closer look at the definition of each element of the (S)AIC triad:

  • Safety: The assurance from unacceptable risk.
  • Availability: The ability of a system or asset to be accessed and used by an authorized user when required.
  • Integrity: The assurance that a system or asset is accurate and complete. It also refers to the assurance that the system or asset can only be modified by an authorized user.
  • Confidentiality: The assurance that a system or asset is only accessible to an authorized user and is kept secure from unauthorized access. It also refers to the assurance that information within the system or asset is only accessible to an authorized user.

The increasing convergence of business and plant floor systems, emerging standards such as the International Society of Automation’s ISA/IEC-62443 and the National Institute of Standards and Technology’s NIST 800-82 series, and emerging regulatory requirements in a number of countries, all point toward a growing awareness of the susceptibility of the modern industrial process to cybersecurity threats.

Considering the potentially dangerous safety consequences that can occur as a result of these failures, today’s plants need to clearly understand the actual risks – and how best to mitigate these risks – in order to maintain safe and reliable operations.

The potential implications of ICS security breaches encompass a wide range of damaging consequences that might include, but are not limited to, asset, financial, environmental, and reputational damage:

  • Compromise and unauthorized disclosure of confidential data to the public
  • Tampering of system reliability or integrity of process data and production information
  • Loss of View (LoV) and Loss of Control (LoC)
  • Process abuse and corruption that could bring about degraded process efficiency, poor product quality, diminished manufacturing capability, impaired process safety, or environmental release
  • Damage to assets
  • Health implications including injuries and fatalities
  • Demeaned and negative reputation and public trust
  • Breach of contractual and regulatory obligations (such as clients, partners, and regulators)
  • Impact on national security and critical infrastructures

The following consequences have already occurred within ICS installations including SIS:

  • Manipulation of process data or setpoints
  • Unauthorized changes to commands or alarm thresholds
  • Erroneous information being passed on to operators (loss or manipulation of view)
  • Software or settings being tampered with and interference with safety systems, all of which could have far-reaching and potentially fatal consequences

How do IT and engineering communities perceive ICS cybersecurity?

The IT and engineering communities are increasingly aware of the need for ICS cybersecurity. As ICS become ever more connected and automated, they also open themselves up to greater risk of cyberattacks. To address this, both communities are now developing a range of solutions and working closely to protect these systems from emerging threats.

While both communities view ICS cybersecurity from different angles and perspectives – due in large part to the historical gap that exists between IT and ICS as well as differing priorities – they have come to recognize the need to bridge the gap in order to tackle the increasing challenges facing industrial facilities. As a result, a new discipline has emerged that combines the best of both engineering and cybersecurity practices.

For example, engineers are typically more focused on the physical process of an ICS, such as the hardware and software, while IT professionals are more concerned with the network and data security aspects.

A more comprehensive approach to ICS cybersecurity can be achieved by combining both engineering and IT practices. This includes both the physical and the digital components of the system to ensure that the assets are secure from cyber threats.

The following sections will dive into the distinct aspects of international standards for cybersecurity and safety.

You have been reading a chapter from
Securing Industrial Control Systems and Safety Instrumented Systems
Published in: Aug 2024
Publisher: Packt
ISBN-13: 9781801078818
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime