Industrial Control Systems (ICS) generally encompass several types of control systems, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC) often found in the industrial sectors and critical infrastructures. ICS are typically used in industries such as electrical distribution, water treatment plants, oil and natural gas pipelines, chemical, transportation, pharmaceutical, food and beverage processing, and discrete manufacturing such as automotive, aerospace, and durable goods. These control systems are critical to the operation of any country's critical infrastructures, which are often highly interconnected and mutually dependent systems.
Supervisory Control And Data Acquisition
SCADA systems are highly distributed systems used to control geographically dispersed assets, often scattered over thousands of square kilometers, where centralized data acquisition and control are critical to system operation. They are used in distribution systems such as water distribution and wastewater collection systems, oil and natural gas pipelines, electrical power grids, and railway transportation systems. A SCADA control center performs centralized monitoring and control for field sites over long-distance communications networks, including monitoring alarms and processing status data. Based on information received from remote stations, automated or operator-driven supervisory commands can be pushed to remote station control devices, which are often referred to as field devices. Field devices control local operations such as opening and closing valves and breakers, collecting data from sensor systems, and monitoring the local environment for alarm conditions.
Distributed Control Systems
DCS are used to control industrial processes such as electric power generation, oil refineries, water and wastewater treatment, and chemical, food, and automotive production. DCS are integrated as a control architecture containing a supervisory level of control overseeing multiple, integrated sub-systems that are responsible for controlling the details of a localized process. Product and process control are usually achieved by deploying feedback or feedforward control loops whereby key product and/or process conditions are automatically maintained around a desired set point. To accomplish the desired product and/or process tolerance around a specified set point, specific PLCs are employed in the field and proportional, integral, and/or derivative settings on the PLC are tuned to provide the desired tolerance as well as the rate of self-correction during process upsets. DCS are used extensively in process-based industries.
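To make the feedback loop described above concrete, here is an added example (not code from the original page): a discrete PID controller holding a simple first-order process at a set point, with a constructed process upset injected part-way through the run. The plant time constant, the scan interval and the controller gains are all assumed values chosen for a well-damped response; the settle-time function is the kind of tolerance-band check an operator's deviation alarm is built on.

```python
# Added illustration, not from the original page: a PID feedback loop holding a
# simple first-order process at a set point, with a constructed process upset.
from dataclasses import dataclass, field


@dataclass
class PID:
    kp: float          # proportional gain
    ki: float          # integral gain
    kd: float          # derivative gain
    dt: float = 1.0    # controller scan interval in seconds (assumed)
    integral: float = field(default=0.0, init=False)
    prev_error: float = field(default=0.0, init=False)

    def update(self, setpoint: float, pv: float) -> float:
        """One scan: return the controller output for the current process value."""
        error = setpoint - pv
        self.integral += error * self.dt
        derivative = (error - self.prev_error) / self.dt
        self.prev_error = error
        return self.kp * error + self.ki * self.integral + self.kd * derivative


def simulate(setpoint, steps, upset_at, upset_size, pid, tau=5.0):
    """Close the loop around a first-order process (time constant tau, assumed).

    Actuator output is limited to 0..100 %. At scan `upset_at` a constructed
    disturbance of `upset_size` is added to the process value (e.g. a slug of
    cold feed). Returns the list of process values, one per scan.
    """
    pv = 0.0
    history = []
    for step in range(steps):
        out = min(100.0, max(0.0, pid.update(setpoint, pv)))
        pv += (out - pv) / tau * pid.dt      # first-order lag toward the output
        if step == upset_at:
            pv += upset_size                 # the process upset
        history.append(pv)
    return history


def settle_step(history, setpoint, tolerance):
    """First scan after which the process stays within +/- tolerance of the
    set point for the rest of the run (None if it never settles)."""
    outside = [i for i, pv in enumerate(history) if abs(pv - setpoint) > tolerance]
    if not outside:
        return 0
    last = outside[-1] + 1
    return last if last < len(history) else None


def run_demo():
    pid = PID(kp=2.0, ki=0.5, kd=0.0)       # tuned for a well-damped response
    hist = simulate(setpoint=50.0, steps=100, upset_at=40, upset_size=-10.0, pid=pid)
    return hist, settle_step(hist, 50.0, tolerance=0.5)
```

Plotting `hist` shows the process rising to the set point, dropping by 10 units at scan 40, and being pulled back inside the 0.5-unit tolerance band roughly a dozen scans later; changing the gains changes both the overshoot and that recovery time.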
Programmable Logic Controllers
PLCs are computer-based solid-state devices that control industrial equipment and processes. While PLCs are control system components used throughout SCADA and DCS systems, they are often the primary components in smaller control system configurations used to provide operational control of discrete processes such as automobile assembly lines and power plant soot blower controls. PLCs are used extensively in almost all industrial processes.
Why Cyber Security Assessments of ICS Are Important
Industrial Control Systems (ICS) were originally built as stand-alone systems that were not interconnected and had little in the way of security protections. With the advent of the internet, the design of many ICS has changed such that the control network is now often connected as an extension of the corporate IT network. This means that these ICSs are potentially reachable from the internet by malicious and skilled adversaries. In addition, new vulnerabilities are often discovered in the current operating systems and third-party software that make up today's ICSs. The implications of these vulnerabilities for the ICS domain may not be obvious, but could be exposed by a cyber security assessment.
Threats to control systems can come from numerous sources, including adversarial sources such as hostile governments, terrorist groups, industrial spies, disgruntled employees and malicious intruders, and natural sources such as system complexity, human error and accidents, equipment failures and natural disasters.
We provide ICS owners and operators with cyber security assessment services so they can find out whether their system is vulnerable to a cyber attack. The assessment identifies and seeks to mitigate vulnerabilities that would allow an attacker to disrupt or take control of the system.
Our assessment methodologies include:
End-to-end penetration assessments
An end-to-end penetration assessment is one in which the goal of the effort is to gain an understanding of how far an attacker could reach.
Component testing
Component testing is testing pieces of an ICS separately from the rest of the system. These tests usually work with the target component isolated (disconnected) from the rest of the ICS. Typical targets of a component test are a PLC, RTU, HMI application or database that plays a significant role in the ICS.
Technical documentation review
A technical documentation review examines an ICS by looking over documents such as system inventory, architecture diagrams, process diagrams, procedures and process documents. A technical document review can be an effective tool if the goals for the task are to prepare for a cyber security assessment or to improve the process.
Functionality and configuration review
This examines the ICS by validating the functionality and checking the configuration of the system in an effort to understand the ICS's unique requirements and characteristics. This activity could identify areas where the process could be optimised. This is the only way to assess and secure the production system components and network.
Interviews with key staff
The goal of these interviews would be to gain further understanding and insight into the processes and procedures of the ICS. Interviewing key staff should be part of a production assessment and the documentation and configuration review processes.
Risk analysis
Risk analysis is used to determine whether an asset is protected and to what level. A cyber security risk assessment is a mathematical way to estimate the likelihood that a system can be attacked using cyber means.