For decades, Supervisory Control and Data Acquisition (SCADA) systems have played a significant role in industrial operations. Industries like oil and gas, electric power/smart grid, agriculture and utilities have implemented SCADA systems and networks to collect data and automate processes, and are always looking to automation systems for more effective ways to operate.
The ability to collect more data from geographically dispersed field assets in remote locations has driven the need for enhanced communication technologies. With the emergence of continuously improving wireless machine-to-machine (M2M) technologies, networks have more access points than ever before. The number of sensors and data points collected will continue to rise dramatically with improved connectivity.
This collected data helps operators improve operational decisions, save manpower and, in many instances, keep employees safe by avoiding dangerous environments. Today, industrial network operators are increasingly implementing end-to-end Internet Protocol (IP) connectivity or the Internet of Things (IoT), enabling more capabilities at the edge of these networks. This does not make SCADA systems obsolete by any means; it opens the door to greater possibilities of enabling new applications and analytics with every single data point being captured in the system.
There are many implications for the concept of a completely connected enterprise in terms of network security. Critical infrastructure projects are only as reliable and secure as the technology serving them. Security, therefore, will ultimately be the limiting factor on how much IoT technology is deployed. With security, the traditional trade-off is either 'easy to use' or 'secure' ─ but not both. An operator striving for an Industrial IoT (IIoT) network must look at SCADA security, the convergence of Operations Technology (OT) and Information Technology (IT), and make a thorough assessment of what will allow them to achieve a secure data communications network.
Today’s security challenges
Traditional SCADA systems have several challenges when it comes to security:
- SCADA systems were often designed without security in mind; it’s harder to add security features later
- The most common SCADA protocols like MODBUS, DNP3 are inherently insecure; base communication protocols are therefore often insecure
- Security through obscurity; best practice, standard security procedures are often not implemented
- False reliance in the physical security of nodes in SCADA network; physical security is necessary, but never enough
- Long equipment life; known vulnerabilities may not be detected regularly
- Historically 'Air Gapped' and not connected to the larger network; past design and security gaps may not be addressed
- 'Egg Shell' security model; one breach at any point of the network allows for free range
- Many SCADA systems do not use available security features, opting for 'easy to use'; nearly effortless access to anyone
With more data being transported than ever before, it’s important not only to secure assets, but to secure the communication link itself. Traditionally, SCADA systems have been on the outside of a firewall from the corporate IT network. Newer SCADA systems that use Ethernet devices are more security focused with measures such as VPN, secure sockets, encryption, and dedicated log-ins on the devices.
Intelligent sensors offer value
With the growing interest in IoT, operators must realise that the system is not only providing a communications path, but has intelligent sensors that also provide value. Rather than just Remote Terminal Units (RTUs) and Programmable Logic Controllers (PLCs) at the edge of the networks providing data, the sensors themselves may be running an application on the edge of the network, and many of these devices are using IP.
IIoT sensors bring more capabilities and increased connectivity to these devices. Long-promised benefits, such as assessing predictive failure, have become one step closer. IoT implies that the data is no longer strictly controlled and only accessible via the SCADA system. If the failure rate of this equipment was consistent and data was then accessed and analysed by the producer or trade group, they might be willing to pay users for that data. If efficiency can be improved by just a small percentage, billions of dollars could be saved. These are the same promises of SCADA; however, with IoT, the industry is now looking at how every single asset, across every facility, can be connected through the Internet (or an intranet), making data readily available to key decision makers.
When there is Ethernet everywhere and IP devices going out to the edge in the field, each one of those devices has the potential to become a threat to the entire corporate IT network if not secured properly. In comparison to a traditional SCADA system, this is a communication network on a much larger scale with thousands of potential end points. Operators in IIoT environments need to be concerned with everything that could be introduced to the network at every single connection point. This IoT data can be extremely useful, assuming that the network can meet the necessary security requirements.
Through the use of standards like TLS/SSL and basic AES-128 data encryption, secure connections can be established, even in an Industrial IoT environment where data moves across an open network and it’s assumed that an unauthorised party could potentially see the traffic on that network. When the data is properly encrypted, an unauthorised party cannot access the data even if they can see it in the network. In wireless connections, standards-based connections will allow relatively easy access to the network itself, leaving just the software encryption to stop snooping.
Traditionally, companies have a corporate firewall that divides the corporate IT space from OT space. With an IoT network, there is a need to protect the sensors and new applications on the OT side. However, even if there is a secure communication link, if the individual devices that are connected on the OT side become compromised and the threat has access to that communication link, a hacker can push malicious data, cause denial of service (DoS), or introduce malware or viruses to the entire network. There are many of ways to run into problems on the IoT front if companies are not careful in their network design security implementation.
On the IT side, corporate network security typically sees many threats. Those threats require significant attention, and consequently IT organisations have numerous options and tools to use, such as intrusion detection, log monitoring, network behavior monitoring, network inspections, whitelisting, firewalls, and more. The IT space has a much different attack surface than OT because with an IT network, the company can physically secure the building and control where the data goes in and out. Data escaping the building is relatively small in comparison to the OT space. WiFi that is leaking outside the building could be a vulnerability, but there are tools and ways to lock down that type of threat, and checkpoints where the IT department can analyse the traffic going through the network. In IT, bandwidth is plentiful and the network overhead associated with security is generally not a major factor.
IIoT networks, on the other hand, can span many miles with potentially hundreds of thousands of data points. An IIoT network likely consists of small embedded devices with long lifespans, making it very efficient. However, they are generally not like the Windows operating system, which is consistently conducting massive updates. Some embedded technologies don’t allow any updates, making it essential to carefully select the best devices for a network. Having thousands of these edge devices is where organisations will begin to see IT/OT convergence – many more points in the field where threats could be coming into the IT network.
How to select secure technology for IIoT
The concept of IoT offers many advantages from a business standpoint, but also opens the door to many security questions. Companies moving to IIoT need to ask these important questions before selecting a technology:
- What is the M2M communications technology controlling or automating? Is it essential that it operates without failure?
- What data is being collected and/or transmitted with this technology? Is it time-sensitive and/or mission-critical?
- What technology solutions have a proven track record for the applications being served?
- What external factors might impact the reliable transmission and receipt of critical data from one point to another?
- How does this M2M communications technology address challenges such as data encryption, network access control and signal interference?
- Do we need this technology solution to be failsafe, in order to prevent or eliminate catastrophic damage from occurring?
- Is cybersecurity or physical security a greater concern for this deployment?
- What vulnerabilities have the Information Security community identified in the type or category of IIoT equipment I use?
- What is the right tradeoff between 'easy to use' and 'secure' for my installation?
In smart grid projects, for example, operators must also take into consideration the cybersecurity reliability standards which FERC oversees. This helps operators choose a more cyber-hardened technology. On the other hand, for industries that do not have these standards, there remains a tradeoff between secure and easy to use. When strong cybersecurity has not been mandated, people tend to avoid the 'harder to use' option that is typically more secure.
There are many benefits to the concept of a completely connected IoT system, but this also implies more crossover between IT and OT systems. Companies need to prioritise security in their quest to create end points for all of their field assets. Some industries, like the smart grid, are already experiencing mandates that ensure a more cyber-secure network. With others, however, it is still up to the organisation to make security a top priority. There are technology providers available that are security focused and will provide those extra layers of security to the OT network.
Glenn Longley at FreeWave