NOV-DEC 2017

Issue link:

Contents of this Issue


Page 9 of 61

Making automation systems resilient Background As automation technologists know, today's control systems are most frequently specially designed digital systems that operate real-time physical processes by dispatching commands to numerous sensors, actuators, communica - tion nodes, and devices dispersed across the au- tomation infrastructure. These systems can ex- change massive amounts of data at high speeds over communication networks to monitor and control physical devices. The control systems operate within the operational technology (OT) environment under rules that have different priorities and policies from standard informa- tion technology (IT) systems. In the past, OT and IT systems were largely isolated from one another, with the Internet connected to the "IT side." However, in today's modern automation systems, OT and IT systems are connected, so cyberattacks can originate in business systems and migrate to operational systems—or in dem- onstrated occurrences the attack reverses with the malware entering via the "OT side." Internet connectivity has various definitions, ranging from direct Internet connection—perhaps to use cloud resources or provide remote access— to memory devices connected to a device that is By Peter Fuhr, PhD, and Sterling Rooke, PhD R esilience, as defined in Presidential Policy Directive 21, is "the ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disrup- tions . . . [it] includes the ability to withstand and recover from deliberate attacks, accidents, or naturally occurring threats or incidents." Historically, automation systems were physi- cally separated from the Internet and other networks. With the advent of commodity plat- forms and common Internet protocols, auto- mation and control systems can now be built at a much lower cost and can use generally available In ternet protocols. This results in increased ef- ficiency and significant cost savings, but as the Industrial Control Systems – Computer Emer- gency Response Team (ICS-CERT) (https:// reported, the convergence of closed control systems with open Internet- based networks, commodity operating systems, and commodity Internet protocols has brought increased security risk. Given the numerous cybersecurity breaches (e.g., Equifax, Office of Management and Budget, Dun & Bradstreet, Blue Cross/Blue Shield, and Verizon), is it time for a significant change in automation system security architecture and implementation? Is it time for a change in cybersecurity? 10 INTECH NOVEMBER/DECEMBER 2017 WWW.ISA.ORG

Articles in this issue

Links on this page

Archives of this issue

view archives of InTech - NOV-DEC 2017