Industrial network security has become a hot topic, and rightfully so, in the wake of the Stuxnet virus and concerns about attacks on all types of Internet sites that could create major damage for industrial networks and machinery. Concerns about the security of machine control networks specifically are a key issue in the convergence of industrial automation technology with information technology.
A new whitepaper co-authored by Rockwell Automation and Cisco provides some good in-depth reading on this topic, along with suggestions on how to manage this difficult problem. The two companies have collaborated to develop converged plantwide Ethernet (CPwE) reference architectures "to help design and deploy a holistic defense-in-depth industrial security policies to help secure networked IACS assets," according to the whitepaper. "This comes in the form of design considerations, guidance, recommendations, best practices, solutions and services."
Two concepts jump out as very important for developing an industrial security strategy. The first is an industrial security policy, which includes risk assessment and "a roadmap for applying security technologies and best practices to protect IACS assets, while avoiding unnecessary expenses and excessive restrictive access." The second is development of a perimeter network, which the paper calls an "Industrial Demilitarized Zone" (IDMZ). It adds a buffer layer of security when a trusted network is exposed to an untrusted one.
"This buffer zone provides a barrier between the Industrial and Enterprise Zones, but allows for data and services to be shared securely," the paper says. "All network traffic from either side of the IDMZ terminates in the IDMZ. No traffic directly traverses the IDMZ," which provides "the only path between Industrial and Enterprise Zones." Another key design aspect from a security standpoint: "EtherNet/IP traffic does not enter the IDMZ, it remains in the Industrial Zone."
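One way to check a candidate zone-to-zone firewall policy against the three IDMZ design rules just quoted, as an added illustration that is not code from the whitepaper or from either company. It assumes a simple three-zone model, a tuple-style rule format, and the standard EtherNet/IP port numbers (TCP 44818 for CIP explicit messaging, UDP 2222 for CIP I/O).

```python
"""Audit a constructed firewall rule set against the CPwE IDMZ design rules:
(1) traffic from either side terminates in the IDMZ, nothing crosses it directly;
(2) EtherNet/IP never enters the IDMZ, it stays inside the Industrial Zone.
Added illustration; the zone names and rule format are assumptions."""
from collections import namedtuple

Rule = namedtuple("Rule", "src dst proto port action")

ZONES = {"enterprise", "idmz", "industrial"}
# Well-known EtherNet/IP ports: CIP explicit messaging and CIP implicit I/O.
ETHERNET_IP_PORTS = {("tcp", 44818), ("udp", 2222)}


def audit(rules):
    """Return a list of violation strings; an empty list means the policy conforms."""
    findings = []
    for r in rules:
        if r.action != "permit":
            continue  # deny rules cannot violate the design principles
        if r.src not in ZONES or r.dst not in ZONES:
            findings.append(f"unknown zone in rule {r}")
            continue
        # Rule 1: Enterprise and Industrial may only talk via the IDMZ.
        if {r.src, r.dst} == {"enterprise", "industrial"}:
            findings.append(f"direct traversal between zones: {r}")
        # Rule 2: EtherNet/IP is permitted only when both ends are in the Industrial Zone.
        if (r.proto, r.port) in ETHERNET_IP_PORTS and not (
            r.src == "industrial" and r.dst == "industrial"
        ):
            findings.append(f"EtherNet/IP leaving the Industrial Zone: {r}")
    return findings


# Constructed sample policy: IDMZ broker pattern plus two deliberate mistakes.
SAMPLE_RULES = [
    Rule("enterprise", "idmz", "tcp", 3389, "permit"),         # to a jump host in the IDMZ: ok
    Rule("idmz", "industrial", "tcp", 3389, "permit"),         # jump host onward to plant: ok
    Rule("industrial", "idmz", "tcp", 1433, "permit"),         # data replica hosted in IDMZ: ok
    Rule("industrial", "industrial", "tcp", 44818, "permit"),  # CIP inside the plant: ok
    Rule("enterprise", "industrial", "tcp", 443, "permit"),    # bypasses the IDMZ: violation
    Rule("idmz", "industrial", "tcp", 44818, "permit"),        # CIP sourced from IDMZ: violation
    Rule("enterprise", "industrial", "udp", 2222, "deny"),     # explicit deny: fine
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES):
        print("VIOLATION:", finding)
```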
Even though very few of us understand the details of network security, it's interesting to see how reference network architectures like this can provide a conceptual approach to implementing sound security practices. The other obvious conclusion is that this problem demands a holistic view and a series of "defense-in-depth layers," including these.
Policies, Procedures, and Awareness: Plan of action around procedures and education to protect company assets (risk management) and provide rules for controlling human interactions in IACS systems.
Physical Security: Operational and procedural controls to manage physical access to cells/areas, control panels, devices, cabling, the control room, and other locations...
Network Security: Industrial network security framework... is made up of network infrastructure hardware and software designed to block communication paths and services that are not explicitly authorized...
Application Security: Implement change management and accounting... as well as authentication and authorization... to track both access and changes by users.
Device Hardening: Restrict physical access to authorized personnel only, disable remote programming capabilities, encrypt communications,... restrict network connectivity through authentication, restrict access to internal resources... using authentication and authorization.
The whitepaper concludes:
No single product, technology or methodology can fully secure Industrial Automation and Control System (IACS) applications. Securing an IACS network infrastructure requires a defense-in-depth industrial network security framework to address both internal and external security threats. A balanced industrial network security framework must address both technical (electronic technology) and non-technical (e.g. physical, policy, procedural) elements. This industrial network security framework should be based on a well-defined set of security policies and procedures, leveraging established IT processes, while balancing the functional requirements of the IACS application itself.
I recommend reading the complete whitepaper. It's definitely a good read and worth the time of engineers concerned about designing secure machine control networks.
A tied-together approach does have its advantages, but nothing is ever as secure as it sounds. It would seem an attack, whether done by a hacker or a virus, could bring anything tied to that network down instead of being compartmentalized in a single area like those of node-based networks.
Tool_Maker, you make a lot of good points. In most network designs, my understanding is that network traffic is not mixed and is completely separate from external traffic. When there is a need for exposing the network to the "outside", the security needs obviously grow dramatically. It's interesting that policies, procedures and physical security become as big an issue as the fancy technology protection measures. Thanks for your comments.
The buffer zone/perimeter network is an interesting concept, and at least at first glance looks like a good idea. But Tool_maker's comment makes me wonder about all those connections, too. Sequestering different networks--internal comms versus the manufacturing network where profit-center work is done, like the battalion--seems like a much more secure topology, as well as less crowded. Yet it's been a common topic in DN and elsewhere about all the efforts to bring IT together with manufacturing. Perhaps that needs a rethink.
I understand the need to tie stuff together internally for inventory control, tracking orders, and a million other reasons. I understand the desire to go outside for banking, order placement and a host of other reasons. I do not understand why they ever have to be tied together.
A million years ago when I was in the military, I was in a mechanized unit. The company commander's vehicle had two radios: one on the company network and one for the battalion. That way neither was cluttered with nonessential chatter. Does that not seem like at least a partial solution to this threat? When everything is linked, that brings to mind a person using a megaphone to carry on a conversation and then trying to figure out how to soundproof the room so the conversation remains private.
Just because we can link everything does not mean it is the best method.