Security for wireless instrumentation

Cover story: Keeping wireless field device communications secure: Protocols for wireless instrumentation and other field devices use encryption as a key security element. Is it enough?


The last decade has seen huge growth in wireless process instruments and other field devices. While there was a brief time of protocol development, most suppliers and end users have settled on either ISA100.11a (IEC 62734) or WirelessHART (IEC 62591). These two protocols are similar in many ways, including use of the IEEE 802.15.4 radio, but their differences make them incompatible. Some end users have embraced wireless technology rapidly because it offers many advantages for deploying instrumentation and other devices in difficult environments where conventional wiring is expensive or otherwise impractical.

At the same time, other users have taken a more conservative approach, not fully convinced that devices depending on radio rather than direct wiring can be sufficiently reliable and secure. After all, radio wave signal propagation can be disrupted in various ways, and its nature makes it difficult to limit where the signal may travel. In this time of concern about cyber security, is it prudent to have such devices using radio communication in critical applications?

Encrypted communication

Figure 1: ISA100 wireless security operates at two levels—in the transport layer and the data-link layer. With these working together, encryption provides very solid protection. Courtesy: ISA100 WCIISA100.11a and WirelessHART both use sophisticated encryption methods, including 128-bit Advanced Encryption Standard (AES) block cipher. But what does this mean, and does it ensure security? As mentioned before, the two main protocols are incompatible. While there are many similarities, there are also many differences. For purposes of this discussion, we will concentrate on ISA100.11a.

"ISA100 Wireless security operates at two levels, in the transport layer and the data-link layer," says the ISA100 Wireless Compliance Institute (WCI) website (Figure 1). "Transport layer security protects your data. It provides end-to-end assurances that mission-critical messages received are secret and authentic. Data-link layer security protects the network. It provides hop-by-hop assurances that each message is flawlessly transmitted to the next hop, with detailed performance and security diagnostics accumulated at each point."

So what does this mean? Encryption is very important to the extent it is impossible to build any kind of secure wireless network without it. Providing security at two levels in this manner is, for all practical purposes, unbreakable. This method has not been broken, and there is no known technology available today able to break it. However, while it makes the transport mechanism rock solid, there are many other elements to the larger security picture. 

Identify the biggest threat

Any security practitioner has to consider the larger picture. Having the support of a solid transport layer is a good start, but is the notion of an attacker intercepting and decoding our data transmissions the only threat? In many respects the most serious threat users should be concerned about is the potential for disruption of the radio communication, as it is not only possible but relatively easy. Consider these situations:

  • Visitors to various large churches in Mexico City may find that their cell phones stop working when they're inside the sanctuary. This is not divine intervention or a strange coincidence, but a result of a cell phone jammer deployed in the building. Church officials install these devices deliberately to stop phones from ringing and to prevent visitors from carrying on phone conversations. Such jammers are illegal in the U.S., but they can be used in many other countries.
  • Marriott Hotels was fined $600,000 by the U.S. FCC for blocking Wi-Fi hotspot devices used by guests in its hotels. The hotel chain claimed it was a cyber defensive strategy to protect its networks, but the FCC didn't buy the argument because they felt Marriott was forcing guests to purchase their Wi-Fi services.
  • Delivery trucks can be tracked by their companies using GPS devices. Operators sometimes purchase radio frequency jammers to render these systems inoperative and keep their movements private.

What is the common element? All these scenarios use frequency-specific jamming devices to disrupt particular kinds of radio communication. Has such a thing happened with wireless field devices? Not yet, but there is nothing to say it can't. Some crude, but effective, devices aren't as specific about frequencies they disrupt. They can render everything from AM radio to the highest communication frequencies unusable in an instant, and they don't require breaking encryption. The ultimate intent is to cause a denial of service (DOS). 

Wireless service denied

Should the possibility of a DOS attack make you think twice about using wireless instrumentation? It shouldn't stop you entirely, but it should make you think about how you apply it. Ask yourself what would happen to your process if such a disruption actually occurred.

Devices designed to jam other signals, whether crude or sophisticated, have to be relatively close to the signals they mean to interrupt, and they have no capability to gather information or serve as a method for gaining access to another network. They are the cyber security equivalent of throwing a brick through a window.

Jamming devices are not difficult to detect so they can usually be located and disabled. Interference that causes jamming can also come from other unintentional sources, so disruptions should not always be seen as an attack. Poorly shielded equipment elsewhere in your plant can cause radio-frequency interference (RFI) that is just as troublesome. In some cases this may require moving the RFI source or network assets to points where the interference is blocked by a building or other plant infrastructure.

A hacker's attack plan

An equally meaningful question is how to face more sophisticated attackers who want to move into an operation. Wireless networks have an appeal for hackers because they carry outside of a plant's fence. An individual with the right kind of receiver can pick up the signal between a wireless level sensor and its gateway. Can such a signal be hijacked and used as an attack vector?

There are two main things hackers want to do. First, they want to disrupt an operation, such as changing setpoints, injecting confusing data, or damaging equipment. Stuxnet was an example of this approach, where the objective was to damage centrifuges by changing operational setpoints.

Second, hackers are there to steal information, and they may be after plant data, but more likely they want something of greater value. Some hackers believe plant networks are not as well protected as enterprise-level networks, so they use them as an entry point with the intent of moving up from below. A hacker's intent will likely be defined by the source. Some do it strictly for the money, while nation-state hackers may have a political agenda. 

<< First < Previous 1 2 Next > Last >>

No comments
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by...
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Additive manufacturing benefits; HMI and sensor tips; System integrator advice; Innovations from the industry
Robotic safety, collaboration, standards; DCS migration tips; IT/OT convergence; 2017 Control Engineering Salary and Career Survey
Integrated mobility; Artificial intelligence; Predictive motion control; Sensors and control system inputs; Asset Management; Cybersecurity
Featured articles highlight technologies that enable the Industrial Internet of Things, IIoT-related products and strategies to get data more easily to the user.
This article collection contains several articles on how automation and controls are helping human-machine interface (HMI) hardware and software advance.
This digital report will explore several aspects of how IIoT will transform manufacturing in the coming years.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Infrastructure for natural gas expansion; Artificial lift methods; Disruptive technology and fugitive gas emissions
Mobility as the means to offshore innovation; Preventing another Deepwater Horizon; ROVs as subsea robots; SCADA and the radio spectrum
Future of oil and gas projects; Reservoir models; The importance of SCADA to oil and gas
Automation Engineer; Wood Group
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me