24 May 2022

Critical steps to ensure cyber-security

Smart technologies

Gareth Powell, systems integration manager at industrial control systems specialist Delkia, explains how cyber-security affects functional safety and why certain defensive measures are needed to ensure a system’s integrity.

Although Malware in standard Information Technology (IT) systems is disruptive, it is not generally life threatening. However, what happens when this malware is transmitted to thousands of sensors in a nuclear plant, causing a major incident and putting people, assets and the environment at risk? Stuxnet is an example of a malware attack in recent years that targeted industrial control systems. The malware was used to compromise PLC programming with the intent to cause catastrophic failure to centrifuges in Iran’s nuclear programme. This caused irreparable damage to delicate equipment.

Engineers now need to be cognisant of how they design systems and maintain procedures, policies and behaviours so industries are not blind to extra risks. These risks are multiplied as mission-critical businesses increasingly adopt wireless technologies and use offsite data centres.

Managing vulnerabilities

Cyber-threats need to be considered at every stage of the functional safety lifecycle. During the design stage, it’s important that engineers eliminate blind spots by clearly identifying each element of the control system as well as the security breaches that are likely to occur and how to tackle these.

Plant managers should carry out cyber-risk assessments of their operational technology (OT) systems to identify additional security measures that may be required. Following the security standard IEC 62443, this involves picking holes in the work protocols, countermeasures and employee behaviours, as well as the technology comprising the control system itself, to ensure full functional safety. Often after installing a system, penetration testing is carried out to check its robustness and integrity before it is installed in a facility.

After installation, physical security measures can be put in place to ensure cybersecurity. This could be as simple as managing user permissions or installing the latest hardware, software or firewalls to continuously monitor cyber-threats. Firewalls are most effective when only specific users can access the system, and when any ports that are not needed to support the control system connections outside the corporate LAN are blocked.

Importance of data monitoring

Logging, monitoring and analysing your data via a Process Control System (PCS) is also a critical step to ensure cyber-security because it enables businesses to detect malicious activity. Because not all sensors and equipment produce security logs, it’s vital to focus efforts on the instrumentation in the path of an intruder that can give you data.

Being able to monitor data in real-time is also important for operators responding quickly to potential threats to functional security. If a cyber-threat is detected early enough, and the relevant personnel are informed immediately through Human Machine Interfaces (HMIs) connected to the PCS, action can be taken to prevent costly damage. For a nuclear power plant, subversion of a system could result in the dismantling of safety-critical measures. To this end, it is vital action is taken quickly.

Supply chain security

According to the National Cyber Security Centre (NCSC), one of the most important steps in protecting your control system against cyber-attacks is collaborating with suppliers and partners.

With the right team of cybersecurity experts and systems integration engineers, Delkia, for example says it is well positioned to advise, deploy or support on functional safety practices affected by cyber-threats. This includes undertaking risk and vulnerability assessments, installing antivirus software, firewalls, intrusion detection systems and alert logging and monitoring capabilities.

Company info: Delkia