Control Engineering Europe

CYBER SECURITY

PROACTIVE MANAGEMENT

OF PLANT CYBERSECURITY

According to Camilo Gomez a combination of information technology (IT) and

operations technology (OT) cybersecurity expertise is required to manage the influx

of Industrial Internet of Things (IIoT) devices and increased IT/OT integration.

T

he inward-looking plant

control system is giving way to

a wider and flatter network

architecture, which requires

a different cybersecurity

focus. Operations technology (OT) is

undergoing a sea change in goals,

structure, and management – as is

information technology (IT) with the

integration of the plant control system

with the business systems. This makes it

necessary to manage giant data flows

inside the plant.

The physical plant continues to be

important, but it is complemented

and managed by the virtual plant, a

concept that makes possible a ‘digital

twin’ of the actual plant. Management

and operations can use the digital twin

to experiment and improve operational

efficiency. New tools and process

controls are becoming available.

Robots and virtual reality can be used

in hazardous areas to improve operator

safety, and simpler, easier-to-operate

advanced process control systems are

becoming common.

Outside the plant, the cloud and

related applications have made

the Industrial Internet of Things

(IIoT) practical and useful. An IIoT

implementation proliferates new

sensors inside and outside the plant to

improve plant performance.

Open process automation (OPA)

initiatives – intended to produce a

common platform so controllers,

sensors, and software can work

together without compatibility issues –

have been added.

These trends are occurring

simultaneously and have contributed to

disruption. Old ways of running process

plants are not competitive in many

process industries. Disruptive events

can create innovation and add value.

OT cybersecurity

transformation

Traditionally, sensors and controllers

have been connected to the plant

control system using wires or using

wireless protocols. OT cybersecurity has

focused on protecting the plant control

network and keeping unauthorised

users from invading the control systems.

However, OT cybersecurity is now

transforming.

The principles and practices of OT

cybersecurity are being used in non-

traditional automation sectors, such as

building automation, transportation,

and medical automation. What used

to be a hard-wired perimeter has

moved outward from the plant and

become virtual. The 2D structure of

OT cybersecurity is 3D with the inner

applications, level 0 and 1 devices

and applications, and sensor devices

connected directly to the cloud.

From there, they’re connected to the

automation systems; maintenance,

repair, and operation (MRO) systems;

and plant business systems.

Plant operations personnel always

have recognized the need for functional

safety. The rise of OT cybersecurity

has made it clear an insecure plant

is an unsafe plant. Cybersecurity and

functional safety mirror, overlap, and

complement each other. Security of the

safety instrumented system (SIS) is a

critical function, the same as basic plant

control system security.

With fully integrated business systems,

the cybersecurity of the entire value

chain is critical. Making a supply and

a distribution chain integrated and

secure are essential in today’s enterprise.

OT cybersecurity is no longer a static

function; it is a fluid and continuously

changing entity that must be managed

carefully.

OT cybersecurity threats

As the function and footprint of OT

cybersecurity has grown and changed,

the threats it faces have broadened.

Traditional cybersecurity evolved to deal

with threats in the IT environment such

as email phishing, human-in-the-middle

penetration attacks, malware, and

disaffected employees. First-generation

OT cybersecurity began with IT-derived

implementations such as perimeter

security and air gaps.

The second generation of threats

was more plant-centered. Advanced

persistent threats (APTs) continue

stealthy attacks from outside the

enterprise aimed at IP theft or

destruction of plant operations.

The third and current generation

of threats is persistent and focused on

causing harmful disruption to plant

operations. It is potentially destructive

to machinery and systems. Threats

have evolved to become OT-specific as

hacking has evolved, as well.

OT cybersecurity defenses have been

reactive, complacent, and conformance-

oriented. They typically are based on IT

technologies, not always a good fit for

OT purposes and have often evolved

slowly into OT security technologies.

They have been based traditionally on

conformance to standards and based on

lifecycle, certifications, and regulations.

These defenses are relatively easy to

28 March 2019 http://www.controlengeurope.com