Zero Trust Security Moves from Defense to Industry

    March 17, 2023
    Developed for military/defense applications, the Mission Secure cybersecurity platform aims to reduce access and, therefore, risk to industrial operations technologies.
    Photo 268429072 / 3d Background Š imaginariumphoto | Dreamstime.com
    Dreamstime L 268429072 64120c345f314

    The concept of zero trust security is gaining more adherents in the industrial technology space. As  Jens Meggers, executive chairman of cybersecurity software supplier Mission Secure says, “You should assume bad guys will get in, so your focus should be on limiting what they can access.”

    And that’s the focus of Mission Secure’s new Sentinel 5.0 platform, which is designed to provide context-aware cybersecurity policy monitoring and enforcement for industrial operations technology (OT) systems.

    Jens Meggers, executive chairman of cybersecurity software supplier Mission Secure.
    Jens Meggers, executive chairman of cybersecurity software supplier Mission Secure.
    “Zero trust architectures are the most powerful and practical way to increase safety and reduce risk for industrial cyber-physical processes” says Meggers. “Sentinel 5.0 allows granular implementation of access policies from the physical signal all the way to the cloud. It’s whitelisting on steroids.”

    If you’re not familiar with the zero-trust cybersecurity concept, it is a well-known IT cybersecurity principle that essentially eliminates implicit trust to access systems inside a network perimeter by validating every stage of digital interaction continuously.

    Without zero trust architectures, Meggers says industrial operators often rely on disjointed collections of tools, such as firewalls, intrusion detection systems, and endpoint vulnerability scanning. Such combinations of cybersecurity technologies, however, do not fully provide the ability to manage and secure industrial operating environments, he adds.

    Find out what industrial end use and system integrators think about defense-in-depth cybersecurity.

    Policy instantiation and monitoring

    The Sentinel 5.0 platform allows operators to define and enforce granular policies based on inputs such as network traffic, attempted remote access, asset firmware versions and vulnerabilities, as well as the digital and/or analog signals generated by physical devices.

    Mission Secure’s technology operates at network level to discover and classify assets and find out who’s accessing what and why and then restricting access as needed, explains Meggers, who noted that the company’s technology began in the defense indystry before expanding into industrial applications.

    Dashboard map of Mission Secure’s Sentinel 5.0 platform, which includes the ability to allow or block connections to cyber-physical systems based on conditions such as process variables, asset vulnerability score, patch status, user profile, or time of day.
    Dashboard map of Mission Secure’s Sentinel 5.0 platform, which includes the ability to allow or block connections to cyber-physical systems based on conditions such as process variables, asset vulnerability score, patch status, user profile, or time of day.
    The company’s technology extends beyond software to include network and signal integrity sensors. The network sensors can be deployed throughout the OT network, as either passive monitoring stations or inline policy enforcement points. The signal integrity sensors monitor analog and digital signals at network levels 0 and 1 to detect changes that may indicate a fault or compromise.

    Meggers says the signal integrity sensors should be placed in an operations’ “most sensitive areas to read direct sensors, not controllers.”

    “Users can plug in real or virtual sensors at the switch level to listen in on network traffic activity to know who’s talking to what and to find machines, control systems, and cloud access,” Meggers adds. “The dashboard allows you to drill down into details around all network activity. Once you know what to expect [as normal network activity], you can then install the guard rails with a whitelisting approach to start. For example, start by identifying which protocol specifics are allowed, then you can generate a list to see what activities on your network falls outside of your whitelist activity.”

    Standard capabilities of the platform include passive monitoring, asset discovery, and alerting. Specific to its zero trust capabilities, the platform’s policy engine enables:

    • Creation of access control policies to define the conditions under which users or applications can send commands to an industrial device.
    • Identifying firmware state and vulnerabilities and limiting access to only fully patched systems.
    • Alerting and acting on anomalies in physical signals, and isolating systems that show abnormal behavior.
    • Supporting root cause analysis by correlating network events with sensor outputs.

    Industrial cybersecurity partners

    Mission Secure also partners with other industrial cybersecurity technology suppliers such as Verve Industrial and Claroty.

    With Claroty, Mission Secure integrates Claroty’s collection of a user’s asset inventory and vulnerabilities, customized risk scoring, threat detection, and network communication mapping with its OT policy enforcement engine to create and enforce policies based on hundreds of possible inputs.

    Working with Verve Industrial, a supplier of IT/OT asset inventory and vulnerability software, Mission Secure goes “beyond perimeter detection to protect the most vulnerable and critical OT assets at the endpoint level,” says John Livingston, Verve CEO. Verve’s software integrates IT and OT data to build asset profiles for effective risk prioritization. In its closed-loop platform, users can reduce the time typically needed from analysis to remediation with the ability to act within Verve’s software platform.

    About the Author

    David Greenfield, editor in chief | Editor in Chief

    David Greenfield joined Automation World in June 2011. Bringing a wealth of industry knowledge and media experience to his position, David’s contributions can be found in AW’s print and online editions and custom projects. Earlier in his career, David was Editorial Director of Design News at UBM Electronics, and prior to joining UBM, he was Editorial Director of Control Engineering at Reed Business Information, where he also worked on Manufacturing Business Technology as Publisher. 
    Email

    Companies in this Article

    Continued Reading

    Sponsored Recommendations

    Inductive Automation offers multiple editions of Ignition created for specific use cases. See what differentiates Ignition, Ignition Edge, Ignition Cloud Edition, and Ignition...
    Castle & Key brought new life to a historic Kentucky distillery by blending 140 years of heritage with cutting-edge automation. With help from Gray AES, they replaced outdated...
    Learn how Inductive University can help you overcome today’s biggest roadblocks in SCADA training, such as prohibitive costs, gated software access, and more.
    Forget complex programmingget smarter, faster automation with MOVI?C. With scalable performance, multibus flexibility, and safety built in, its control tech that adapts to ...