Data Analytics

Practical Approach to OT Security

Nov 29, 2023

4 min read

OT security

Importance of OT Security

Initially, knowledge of SCADA systems was limited to people with fancy degrees. The threat landscape mostly consisted of threats from internal employees or advanced persistent threats sponsored by nation states. However, the Stuxnet attack on Iranian nuclear plants in 2011 changed this picture. In the current threat landscape, the industry has improved its OT technologies with better security mechanisms, but knowledge of these technologies is open to the public. Now, anyone with internet access can target OT infrastructure and need not be highly funded. Attacks are no longer just from internal employees or nation states.

To start with, let us reflect on some of the most high-profile examples of cyber-attacks on critical infrastructure around the world.

With these examples lingering in our minds, let us be aware of the intensity of havoc that a cyber-attack can bring forth.

What is OT?

Operational Technology (OT) refers to the hardware and software used to connect, monitor, and control machines, processes, and events in an industrial environment. OT integrates physical things to monitor status, control machines, and automate processes, significantly improving productivity, quality, and efficiency. OT comprises the following types of devices and systems:

  • Sensors

  • Actuators

  • Programmable Logic Controllers (PLC)

  • Direct Digital Controllers (DDC)

  • Remote Terminal Units (RTUs)

  • Supervisory Control and Data Acquisition (SCADA) systems

  • Human Machine Interfaces (HMIs)

All the above components are interconnected by a wired or wireless communication network to function as a single integrated system. These devices understand common protocols so that they can send and receive commands, status, and control information through the network.

Traditionally, an OT network is a separate network in a factory or facility, implemented using serial communication networks, shared bus or ring topologies, and master-slave communication protocols. These networks are not as fast as an enterprise LAN, but they are deterministic and fault tolerant, so that messages are guaranteed to be delivered on time, every time.

Who uses OT?

There is a general myth that only manufacturing organisations use OT. In a digital world, OT is used by almost every enterprise. OT systems are extensively used in power distribution and HVAC systems, which are critical to the functioning of data centers, offices, hospitals, etc.

IT/OT integration

There are three key drivers for IT/OT integration:

  1. Ethernet and IP: The de facto network technologies used in enterprise networks are being extensively adopted in OT networks. Ethernet is fast, ubiquitous, and low cost. But the standard Ethernet used in enterprise networks is not real-time and deterministic. However, several organisations have implemented extensions to the data link layer of Ethernet to make it real-time and deterministic. A few of them, such as TSN and EPSG, have been adopted as standards by IEEE.

  2. Enterprise Applications: Applications such as ERP are being integrated with the factory to obtain production data, work-in-progress and maintenance information, providing real-time visibility to customers and other key stakeholders.

  3. IoT & Cloud: With the emergence of low-cost wireless and communication technologies, a new breed of solutions was created for interconnecting physical machines and things (in the same way that computers are connected). Applications were developed to capture data from the “things”, store it and analyse it to get meaningful insights. This IoT revolution is further accelerated by Cloud technologies, which provide massive storage and computing power.

IT/OT integration is a key component of Industry 4.0 and digital transformation in manufacturing. It enables end-to-end visibility of enterprises, efficient processes, improved productivity, and quality. Having understood the significance of IT/OT integration, let us explore some facts about threats and how we are exposed to them.

Need for OT security depends on

Threats are potential sources of cyber-attack. They can come from within the organisation, such as dissatisfied and compromised employees, or from external entities, such as competitors and enemy countries. Generally, threats are motivated by a sense of achievement or commercial gain. Sometimes the motive is revenge. Given the current geopolitical scenario and a highly competitive environment, it is impossible to eliminate such threats from the cyberworld.

Vulnerabilities are the weaknesses in the system. There can be vulnerabilities in the computers, software, processes and even in people. Threats exploit these vulnerabilities to launch cyber-attacks.

Exposure is the accessibility of computer systems and people to potential threats. When we are connected to the Internet, our computer or device is exposed to billions of users on the Internet. If our device has a vulnerability, a hacker (threat) can steal the data stored on it.

Mitigating security risk involves:

  • Identifying and controlling the vulnerabilities present in our systems and processes.

  • Limiting the exposure to the extent it is required.

  • Constantly monitoring the threats (based on intelligence from recent attacks across the globe) and implementing controls.

In the past, OT systems in factories were isolated from the enterprise network and only a few people in the factory had access to them. Most of the systems were proprietary and were not interconnected. Though these systems may have had many vulnerabilities, threats were not able to gain access because of the limited exposure. However, organisations today are adopting IT/OT integration as it is proving to be a game changer for them. This integration exposes the OT systems to the external world, thereby increasing the security risk.
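One way to check that exposure stays limited "to the extent it is required" after IT/OT integration is to compare the allow rules on the IT/OT boundary with the flows the plant actually needs. The following Python example is added here and is not from the original article; the zone ranges, rule format, approved-flow list and rule ids are constructed assumptions.

```python
import ipaddress as ip

# Constructed sample data: zone ranges, approved flows and firewall rules are
# assumptions for illustration, not taken from any real network.
OT_ZONE = ip.ip_network("10.50.0.0/16")

# Flows into OT that operations actually require: (source, destination, proto, port)
REQUIRED = [
    ("10.30.0.10/32", "10.50.1.0/24", "tcp", 502),  # DMZ historian polls PLCs (Modbus/TCP)
]

# Allow rules exported from the IT/OT boundary firewall (constructed).
RULES = [
    {"id": "r1", "src": "10.30.0.10/32", "dst": "10.50.1.0/24", "proto": "tcp", "port": 502},
    {"id": "r2", "src": "10.10.0.0/16", "dst": "10.50.0.0/16", "proto": "tcp", "port": "any"},
    {"id": "r3", "src": "0.0.0.0/0", "dst": "10.50.1.20/32", "proto": "tcp", "port": 3389},
    {"id": "r4", "src": "10.50.2.0/24", "dst": "10.50.1.0/24", "proto": "tcp", "port": 502},
    {"id": "r5", "src": "10.10.0.0/16", "dst": "10.30.0.0/24", "proto": "tcp", "port": 443},
]

def covered(rule, required):
    """True if an approved flow fully contains the rule: same protocol and
    port, with the rule's source and destination inside the approved ranges."""
    src, dst = ip.ip_network(rule["src"]), ip.ip_network(rule["dst"])
    for r_src, r_dst, proto, port in required:
        if (rule["proto"] == proto and rule["port"] == port
                and src.subnet_of(ip.ip_network(r_src))
                and dst.subnet_of(ip.ip_network(r_dst))):
            return True
    return False

def audit(rules, required=REQUIRED, ot_zone=OT_ZONE):
    """Return (rule id, reason) for every allow rule that exposes the OT zone
    to sources outside it beyond the approved flows."""
    findings = []
    for rule in rules:
        src, dst = ip.ip_network(rule["src"]), ip.ip_network(rule["dst"])
        if not dst.overlaps(ot_zone):
            continue  # rule does not reach OT at all
        if src.subnet_of(ot_zone):
            continue  # traffic that stays inside the OT zone
        if covered(rule, required):
            continue  # exposure that is actually required
        if src.prefixlen == 0:
            reason = "OT reachable from any address"
        elif rule["port"] == "any":
            reason = "all ports open into OT"
        else:
            reason = "flow into OT not on the approved list"
        findings.append((rule["id"], reason))
    return findings

if __name__ == "__main__":
    for rule_id, reason in audit(RULES):
        print(rule_id, reason)
```
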

Since OT systems have limited hardware resources, it is not possible to run CPU-intensive advanced security software on these devices. Also, modern IoT/IIoT systems that run on standard operating systems, such as Linux and Windows, are prone to more known vulnerabilities. Unlike enterprise IT systems, it is not practical to apply security patches frequently in OT systems. So, these vulnerabilities continue to be present for a longer time.

The result of a cyber-attack on OT systems could be catastrophic. It could cause a power plant to shut down, a chemical plant to explode, or an entire transport network to be disrupted. The communication protocols in an OT network are different from those in an enterprise IT network. They are deterministic, time sensitive, and fault tolerant, and they provide guaranteed delivery of commands and information. The security solutions of an IT network cannot be applied to OT systems.

In summary, OT security threats are real and OT systems are more vulnerable than IT systems. Securing OT systems requires domain expertise in OT devices, networks, and protocols. It is critical that organisations approach OT security in a holistic manner instead of merely extending the currently available IT security solutions.

© Copyright 2024 Netcon Technologies. All rights reserved. All logos and trademarks used belong to their respective owners.
