Massive data breaches seem to be constantly in the news. But PwC’s 2018 Global State of Information Security Survey noted, “Many organizations worldwide still struggle to comprehend and manage emerging cyber risks.”
Just 40 percent of PwC’s survey respondents from organizations that use robotics or automation recognized that cyber attacks on automation systems could disrupt operations.
Yet the danger is real. Companies increasingly want to connect sensors and control systems to networks for reasons like:
- Moving production data to enterprise systems and databases.
- Storing process or environmental data for regulatory compliance.
- Sending machine data to the cloud for artificial intelligence (AI) analysis.
Experienced automation engineers see the potential benefits of connecting automation systems to networks and the cloud. But they also see the security risks. The question is how to minimize those risks.
Good cybersecurity planning addresses physical, network, and human vulnerabilities. For this column, let’s focus on network security. Network security means protecting devices on your network, and making sure data transmitted is not intercepted or changed by unauthorized people or software.
Fortunately, some automation manufacturers are offering products with network security features built in. These products—for example, Opto 22’s groov EPIC edge programmable industrial controller—can help you design and maintain more secure systems.
When assessing new control products, here are five security features to look for:
Network interfaces: For decades, control systems used proprietary networks and protocols. Now, however, many use standard Ethernet and standard protocols designed to make sharing data easier.
But you can still separate networks if your controller has two independent Ethernet network interfaces (read more about this at http://awgo.to/dualnetwork). Independent, in this context, means that data is not routed between interfaces. You can plug one Ethernet interface into a trusted network, where you know and trust all the devices on the network, and plug the other into an untrusted network, like one with Internet access.
When trusted and untrusted networks are kept separate, a rogue actor attempting a hack on the untrusted network cannot access data on the trusted network.
Firewalls: Most of us know about network firewalls (read more at http://awgo.to/firewall), for example the firewall that helps protect your company’s network from external access. Individual devices can also have firewalls (for example, Microsoft Windows computers use a device firewall to protect your PC).
A controller for your Industrial Internet of Things (IIoT) project should have a device firewall as well. The dual-interface controllers mentioned earlier should have firewalls on both network interfaces, and you should be able to configure them independently. When you do, make sure to close all network ports you’re not using, on all network interfaces.
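As an added example (not Opto 22 or groov EPIC code), here is one way to express the "firewall on each interface, close everything you don't use" rule for a dual-interface controller, and to audit a constructed `ss -ltn` listing against that policy. Interface names `eth0` (trusted) and `eth1` (untrusted) and the allowed port list are assumptions for illustration.

```python
# Added example: per-interface inbound policy for a dual-NIC controller and an
# audit of listening sockets against it. Interface names, ports and the ss
# output below are constructed for illustration, not taken from any product.
POLICY = {
    "eth0": {443, 502},  # trusted network: HTTPS management + Modbus/TCP only
    "eth1": set(),       # untrusted network: no inbound service at all
}

# Constructed `ss -ltn` output for the audit below.
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       128     [::]:443            [::]:*
LISTEN  0       5       127.0.0.1:8080      0.0.0.0:*
LISTEN  0       64      0.0.0.0:502         0.0.0.0:*
LISTEN  0       128     *:1883              *:*
"""

LOOPBACK = {"127.0.0.1", "[::1]"}  # reachable from the device itself only


def nftables_ruleset(policy):
    """Emit an nftables input chain: default drop, one TCP allow list per interface."""
    lines = ["table inet filter {", "  chain input {",
             "    type filter hook input priority 0; policy drop;",
             '    iif "lo" accept',
             "    ct state established,related accept"]
    for ifname, ports in policy.items():
        if ports:  # an interface with an empty set gets no inbound allow rule
            plist = ", ".join(str(p) for p in sorted(ports))
            lines.append(f'    iifname "{ifname}" tcp dport {{ {plist} }} accept')
    lines += ["  }", "}"]
    return "\n".join(lines)


def parse_listening_ports(ss_output):
    """Return {port: local_address} for each LISTEN row of `ss -ltn` output."""
    found = {}
    for line in ss_output.strip().splitlines():
        cols = line.split()
        if len(cols) < 4 or cols[0] != "LISTEN":
            continue  # header or non-listening row
        addr, port = cols[3].rsplit(":", 1)
        found[int(port)] = addr
    return found


def audit_listeners(ss_output, policy):
    """Ports listening on a network-facing address that no policy entry allows.
    Each one is a service to disable, or a rule the policy is missing."""
    allowed = set().union(*policy.values())
    return sorted(p for p, a in parse_listening_ports(ss_output).items()
                  if a not in LOOPBACK and p not in allowed)
```

Run `audit_listeners(SAMPLE_SS, POLICY)` after changing the policy and the output shows which listeners the firewall rules do not account for.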
Data communication options: Consider a different way of communicating data. For example, look for a controller that offers device-originated communications (read more at http://awgo.to/whymqtt). A protocol such as MQTT uses a publish-subscribe, or pub-sub, method that optimizes network traffic, reduces IT involvement, and improves security.
In pub-sub communications, a controller originates a connection to a broker—either on premises or in the cloud—and then publishes data and/or subscribes to data from the broker. Because the connection originated behind the firewall, no firewall rules for open ports are necessary, and data can travel securely both ways.
Encryption and certificate management: Your control system is as important as your bank and requires the same level of data security. Data transmitted on any untrusted network should be encrypted (read more at http://awgo.to/encryption). A controller that provides data encryption and ways to manage security certificates (which verify that a device is actually what it says it is) helps you build a more secure network.
User accounts: Can anyone access your controller, or does it require a username and password? User authentication (read more at http://awgo.to/useraccounts) is a basic network security feature, yet one that’s missing in most automation products. Look for a controller that does not ship with default user credentials, so you’re forced to choose a unique username and password when you first configure it.
Also look for the ability to set up users (people and software) with complex passwords and account levels that offer different permissions depending on the user’s needs. Limit users to the specific data and controls each requires. For example, an operator might need to control a process, while a manager just needs production data, and a cloud service requires a small subset of data from a few machines.
And remember—you can use all these security features, but if your passwords aren’t strong, your system can’t be secure. Use long, complex passphrases and a password manager if available.
The bottom line
Cybersecurity for automation and IIoT applications—as for any digital network—is a complex issue with different implications depending on your organization and your system. Security requirements constantly change as your system evolves; but starting with some built-in security tools can help you design and maintain a more secure automation system.
For more on these security features, read our series of blog posts on security at https://blog.opto22.com/optoblog/topic/epic-security.