Practical Approach to OT Security

Nov 29, 2023


Importance of OT Security

In the past, knowledge of SCADA systems was limited to people with fancy degrees. The threat landscape consisted mostly of threats from internal employees or advanced persistent threats sponsored by nation states. However, the Stuxnet attack on Iranian nuclear plants in 2011 blew this out of proportion. Today, while the industry has improved its OT technologies with better security mechanisms, knowledge of these technologies is open to the public. Anyone with internet access can now target OT infrastructure and need not be highly funded. Attacks no longer come only from internal employees or nation states.

To start with, let us reflect on some of the most high-profile examples of cyber-attacks on critical infrastructure around the world.

With these examples lingering in our minds, let us be aware of the intensity of havoc that a cyber-attack can bring forth.


What is OT?

Operational Technology (OT) refers to the hardware and software used to connect, monitor, and control machines, processes, and events in an industrial environment. OT integrates physical things to monitor status, control machines, and automate processes, significantly improving productivity, quality, and efficiency. OT comprises the following types of devices and systems:

  • Sensors

  • Actuators

  • Programmable Logic Controllers (PLC)

  • Direct Digital Controllers (DDC)

  • Remote Terminal Units (RTUs)

  • Supervisory Control and Data Acquisition (SCADA) systems

  • Human Machine Interfaces (HMIs)

All the above components are interconnected by a wired or wireless communication network so that they function as a single integrated system. These devices understand common protocols so that they can send and receive commands, status, and control information through the network.

Traditionally, the OT network is a separate network in a factory or facility, implemented using serial communication networks, shared bus/ring topologies, and master-slave communication protocols. These networks are not as fast as an enterprise LAN, but they are deterministic and fault tolerant, so that messages are guaranteed to be delivered on time, every time.

Who uses OT?

There is a general myth that only manufacturing organisations use OT. In a digital world, OT is used by almost every enterprise. OT systems are used extensively in power distribution and HVAC systems, which are critical to the functioning of data centers, offices, hospitals, etc.

IT/OT integration

There are three key drivers for IT/OT integration:

  1. Ethernet and IP: These de facto network technologies of enterprise networks are being adopted extensively in OT networks. Ethernet is fast, ubiquitous, and low cost. However, the standard Ethernet used in enterprise networks is not real-time or deterministic. Several organisations have therefore implemented extensions to the data link layer of Ethernet to make it real-time and deterministic. A few of them, such as TSN and EPSG, are adopted as standards by IEEE.

  2. Enterprise Applications: Applications such as ERP are being integrated with the factory to obtain production data, work-in-progress, and maintenance information, providing real-time visibility to customers and other key stakeholders.

  3. IoT & Cloud: With the emergence of low-cost wireless and communication technologies, a new breed of solutions was created for interconnecting physical machines and things (in the same way that computers are connected). Applications were developed to capture data from the “things”, store it, and analyse it to get meaningful insights. This IoT revolution is further accelerated by cloud technologies, which provide massive storage and computing power.

IT/OT integration is a key component of Industry 4.0 and digital transformation in manufacturing. It enables end-to-end visibility of enterprises, efficient processes, and improved productivity and quality. Having understood the significance of IT/OT integration, let us explore some facts about threats and how we are exposed to them.

Need for OT security depends on


Threats are potential sources of cyber-attack. They can come from within the organisation, such as dissatisfied or compromised employees, or from external entities, such as competitors and enemy countries. Generally, threats are motivated by a sense of achievement or by commercial gain. Sometimes the motivation is revenge. It is impossible to eliminate such threats from the cyberworld, considering the current geopolitical scenario and a highly competitive environment.

Vulnerabilities are the weaknesses in the system. There can be vulnerabilities in the computers, software, processes and even in people. Threats exploit these vulnerabilities to launch cyber-attacks.

Exposure is the accessibility of computer systems and people to potential threats. When we are connected to the Internet, our computer or device is exposed to billions of users on the Internet. If our device has a vulnerability, a hacker (threat) can steal the data stored on it.

Mitigating security risk involves:

  • Identifying and controlling the vulnerabilities present in our systems and processes.

  • Limiting the exposure to the extent it is required.

  • Constantly monitoring the threats (based on intelligence from recent attacks across the globe) and implementing controls.

In the past, OT systems in factories were isolated from the enterprise network, and only a few people in the factory had access to them. Most of the systems were proprietary and were not interconnected. Though these systems may have had many vulnerabilities, threats were not able to gain access because of the limited exposure. However, organisations today are adopting IT/OT integration, as it is proving to be a game changer for them. This integration exposes the OT systems to the external world, thereby increasing the security risk.
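As an added illustration of "limiting the exposure to the extent it is required" (example code written for this page, not part of the original article), the sketch below audits flow records that cross into an OT zone against an allowlist of flows the integration actually needs. The addressing plan, allowlist entries and flow records are all constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumption): one OT subnet inside an enterprise range.
OT_ZONE = ipaddress.ip_network("10.20.0.0/24")
ENTERPRISE = ipaddress.ip_network("10.0.0.0/8")

# Constructed allowlist of required flows: (source net, OT host, TCP port, reason).
REQUIRED = [
    ("10.10.5.10/32", "10.20.0.50", 443, "ERP pulls production data"),
    ("10.10.9.0/28", "10.20.0.60", 3389, "maintenance jump hosts"),
    ("10.10.6.20/32", "10.20.0.50", 1433, "legacy reporting database link"),
]

# Constructed flow records: (source IP, destination IP, destination TCP port).
OBSERVED = [
    ("10.10.5.10", "10.20.0.50", 443),
    ("10.10.9.3", "10.20.0.60", 3389),
    ("10.10.7.77", "10.20.0.11", 502),   # office PC to a controller (502 = Modbus/TCP)
    ("203.0.113.8", "10.20.0.50", 443),  # address outside the enterprise range
    ("10.20.0.50", "10.20.0.11", 502),   # stays inside the OT zone
    ("10.10.5.10", "10.20.0.50", 22),    # permitted host, port not required
]


def matching_rule(src, dst, port):
    """Return the index of the allowlist entry covering this flow, or None."""
    for i, (net, host, p, _reason) in enumerate(REQUIRED):
        if src in ipaddress.ip_network(net) and dst == ipaddress.ip_address(host) and port == p:
            return i
    return None


def audit(flows):
    """Split inbound OT-zone crossings into unjustified flows and unused allowlist entries."""
    unjustified, used = [], set()
    for src_s, dst_s, port in flows:
        src, dst = ipaddress.ip_address(src_s), ipaddress.ip_address(dst_s)
        if dst not in OT_ZONE or src in OT_ZONE:
            continue  # only traffic entering the zone from outside widens exposure
        rule = matching_rule(src, dst, port)
        if rule is None:
            origin = "enterprise" if src in ENTERPRISE else "external"
            unjustified.append((src_s, dst_s, port, origin))
        else:
            used.add(rule)
    unused = [REQUIRED[i][3] for i in range(len(REQUIRED)) if i not in used]
    return unjustified, unused


if __name__ == "__main__":
    for finding in audit(OBSERVED):
        print(finding)
```

Unjustified flows are exposure that nothing requires; unused allowlist entries are permissions that can be withdrawn without affecting the integration.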

Since OT systems have limited hardware resources, it is not possible to run CPU-intensive advanced security software on these devices. Also, modern IoT/IIoT systems that run on standard operating systems, such as Linux and Windows, are prone to more known vulnerabilities. Unlike enterprise IT systems, it is not practical to apply security patches frequently in OT systems, so these vulnerabilities remain present for a longer time.

The result of a cyber-attack on OT systems could be catastrophic. It could cause a power plant to shut down or a chemical plant to explode, or disrupt an entire transport network. The communication protocols in an OT network are different from those in an enterprise IT network. They are deterministic, time sensitive, and fault tolerant, and they provide guaranteed delivery of commands and information. The security solutions of an IT network cannot be applied to OT systems.

In summary, OT security threats are real, and OT systems are more vulnerable than IT systems. Securing OT systems requires domain expertise in OT devices, networks, and protocols. It is critical that organisations approach OT security in a holistic manner instead of merely extending the currently available IT security solutions.
