Functional responsibility is just one common ground approach when considering convergence of Operational Technology and Cyber Physical systems discussed Peter Hazell BEng, Cyber-Physical Security Manager at Yorkshire Water, during the webinar organised by the IET's Control & Automation Technical Network.
It’s not only perimeter technology that is changing but it is also the use of traditional principles, for example, whilst the use of cyber security's 'CIA' is typically applicable to IT environments, utility infrastructures however are likely to lean on the principals of PEAR as it’s most focused on physical attributes, a simple nail through the cabling by a rouge contractor will cause much more damage than a ddos attack from the outside, so the risk of on-site human manipulation makes PEAR more suited to industrial cyber security.
The reverse is also true, components need be resilient, what happens if a nail was penetrated through the plants wires by a rouge contractor? Here, CIA should also be applied at a component level, so if mechanical components fail then how should the OT environment expect to react? It’s very different to a DLP alert that’s triggered when someone sends out sensitive data in your office network. Cyber security principals remain valid, just with a different mindset, within IT, a ddos attack is seen differently in an OT environment, if that nail did strike, then how is the pressure in the pipes monitored? What counter measures can be automated? to what extent? Perhaps an IPS would not be applicable as having false positives is far more impactful, you cant just 'tune it out’ like in most common cyber security systems.
The 7 layers of OSI (a.k.a the Internet) are just foundational considerations within plant environments, where only some sensor elements loop back for field data to trigger intelligent alerts, of course the field sensors would have to give the deterministic details required (it's not plug n play yet). In fact, OT environments have their own layers that allow convergence to take place explained Peter, this adds to the vulnerability identification challenge.
The way traditional cyber security looks at vulnerability is more augmented with OT, and as we move to industry 4.0 all industries are converging base technologies which means more possible vulnerability combinations and brand new risk models to be made aware of, like, oil or water plants need greater physical controls which is different to IT that typically has assets as 'information', whilst in OT, the asset is 'functional' likes plants, human security or component security.
The future of Industrial cyber security is going to create a lot of innovative technologies as traditional utility infrastructures are also now going to have to treat our smart-homes as field end devices?
The webinar and Peter's full profile is available on demand here.
The IET Digital Library has many journals on the topic of Cyber Physical Systems found here.
The reverse is also true, components need be resilient, what happens if a nail was penetrated through the plants wires by a rouge contractor? Here, CIA should also be applied at a component level, so if mechanical components fail then how should the OT environment expect to react? It’s very different to a DLP alert that’s triggered when someone sends out sensitive data in your office network. Cyber security principals remain valid, just with a different mindset, within IT, a ddos attack is seen differently in an OT environment, if that nail did strike, then how is the pressure in the pipes monitored? What counter measures can be automated? to what extent? Perhaps an IPS would not be applicable as having false positives is far more impactful, you cant just 'tune it out’ like in most common cyber security systems.
The 7 layers of OSI (a.k.a the Internet) are just foundational considerations within plant environments, where only some sensor elements loop back for field data to trigger intelligent alerts, of course the field sensors would have to give the deterministic details required (it's not plug n play yet). In fact, OT environments have their own layers that allow convergence to take place explained Peter, this adds to the vulnerability identification challenge.
The way traditional cyber security looks at vulnerability is more augmented with OT, and as we move to industry 4.0 all industries are converging base technologies which means more possible vulnerability combinations and brand new risk models to be made aware of, like, oil or water plants need greater physical controls which is different to IT that typically has assets as 'information', whilst in OT, the asset is 'functional' likes plants, human security or component security.
The future of Industrial cyber security is going to create a lot of innovative technologies as traditional utility infrastructures are also now going to have to treat our smart-homes as field end devices?
The webinar and Peter's full profile is available on demand here.
The IET Digital Library has many journals on the topic of Cyber Physical Systems found here.