ICS security restrictions
Many IT professionals would go about securing an ICS network by extending the process used to secure regular IT resources and networks. This might be applicable to some of the network infrastructure and support services, however many of the core ICS systems and devices do not lend themselves well to following regular IT security strategies. The following are some of the reasons behind this:
- Device related restrictions: most ICS controls and automation devices are resource restrained. They are small form factor embedded devices with just enough memory and CPU cycles to get their job done. There isn't much room for anything in excess of that.
This prevents the manufacturer from implementing power hungry and resource demanding security controls like authentication or encryption. Apart from being resources restrained, ICS devices have an extremely long lifespan and are often in operation for several decades. Because of their age, they are often fragile, and adding security...
