Finding common ground in IT/OT convergence

The interconnection of information technology (IT) and operational technology (OT) is a source of new opportunities and challenges. With increasingly automated and robotic supply chains, manufacturing and engineering companies are becoming more connected, but this exposure to external data flows inevitably leads to new risks.

12/07/2017


One of the biggest challenges facing the industrial sector is understanding the risk and impact cybersecurity attacks can have as the transition to Industrie 4.0 and the Industrial Internet of Things (IIoT) gains momentum. Companies are starting to realize there is a significant gulf between the priorities of operations technology (OT) and information technology (IT) teams and this has a major effect on cybersecurity initiatives.

For engineers on the OT side, the focus is on available services. Production must continue because any interruption could result in a serious setback and it must be safe because engines, motors, and processors carry a physical risk to operators. IT, on the other hand is not worried unduly about availability, but a computer network security breach that could wipe out essential data and has the potential to let hackers gain access to control systems.

However, many manufacturers either believe their production processes are unconnected to the Internet, or they haven't considered there was even an Internet connection in the factory. In a recent incident, a control room that monitors petrochemical facilities went down and the computers showed an error resembling a ransomware attack. When an employee went to make a coffee, they realized the same error message was showing on an Internet-connected coffee machine.

Instead of being connected to an isolated Wi-Fi connection, the machine had been connected to the internal control room network. Given the timing of this attack, the network was likely infected by WannaCry ransomware, which also was responsible for infecting millions of devices worldwide that were running Microsoft Windows XP.

The gap between the factory and the Internet has become virtually non-existent. With the growth of Internet of Things- (IoT-) connected devices, cybersecurity risks are escalating. For most engineering firms, however, the focus remains on designing sophisticated systems that are robust and safe, and this is having a detrimental effect on securing networks. 

How high is the risk?

In many ways, the lack of real concern in the industrial sector to date is understandable. The technology used in manufacturing enterprises is rarely standard, highly complex, and often unique. This would mean a malicious attack on industrial processes would have to be very specific in order to do harm.

The status quo is about to change. Reports about a new virus called Industroyer have indicated it has the power to seriously damage or compromise industrial control systems (ICSs). This virus can speak four industrial languages and is highly customizable and can be used in targeted attacks. Its use goes beyond extorting money from individuals and is more likely to be used for nation-state attacks that disrupt vital infrastructure.

Ukraine has been on the receiving end of attacks of this nature with two widespread blackouts occurring in the winters of 2015 and 2016. Both attacks left 700,000 homes without power or water in Western Ukraine. The 2015 incident is believed to be the first example of a hacking attack deliberately targeted at a power grid and was attributed to state-sponsored hackers in Russia.

Industrial operational systems, while robust, are not safe from attack, and they aren't compatible with today's interconnected environment. Now, as OT and IT systems converge, there is an urgent need to find a balance between ensuring availability and securing themselves against cyber attacks. 

Changing mindsets

Change has to happen between departments and people before any change can be made to technology. Engineers speak a different language than IT managers. They need to agree upon a common approach and strategy.

This becomes more important every day. The influence of Industrie 4.0 on automation is bringing about major changes and greater adoption of cloud and cognitive computing. This creates a need for massive computer resources to support the flow of data to and from the cloud via IoT-connected devices. Factories are communicating in real time across networks and they need to be secure as they adopt Industrie 4.0.

Standard firewalls and security software are not enough. Next-generation firewall hardware needs to be built to adapt to industry prerequisites such as DIN-rail mounts.

These solutions would be "hardened" and ruggedized according to key criteria, including temperature, dust, and humidity. In order to provide the same level of security, the firmware needs to include specific industrial protocols while being sensitive to the need for safety.

Ordinarily, if a firewall crashes in an IT setting, the network stops functioning. In an industrial setting, however, safety modes enable a packet to go through regardless of whether there is power because for OT systems, availability and safety are the main priorities. The factory then has to be stopped in a safe position.

OT and IT need to work together to combat the risks regardless of what they are. The threat to the new generation of manufacturing enterprises does not have to impact companies if appropriate consideration is given to safety, availability, and security.

Robert Wakim is industrial offer manager at Stormshield. This originally appeared in a November 6 article on the Control Engineering Europe website. Edited by Chris Vavra, production editor, Control Engineering, CFE Media, cvavra@cfemedia.com.

MORE ANSWERS

www.controleng.com keywords: cybersecurity, Industrie 4.0 

  • Increased connectivity, thanks to Industrie 4.0 and the Industrial Internet of Things (IIoT), increases the risk of a potential cybersecurity attack against manufacturers.
  • As operations technology (OT) and information technology (IT) systems converge, a balance between ensuring available services and securing themselves against cyber attacks needs to be achieved.
  • OT and IT need to work together to combat cybersecurity risks. 

Consider this

What else can be done to better protect OT and IT systems as they become more connected?



Engineers' Choice Awards
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by Control Engineering subscribers.
System Integrator Giants
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
System Integrator of the Year
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
How to Maximize Factory Automation Efficiency with Low Cost Machine Vision
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Wireless Reliability in Harsh Environments
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
Human Factors and the Impact on Plant Safety
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
July 2018
Ladder logic best practices and object-oriented programming, safety instrumented systems, enclosure design issues and challenges, process control advice
June 2018
Discrete and process sensor fundamentals, autotuning controls, system integrator roundtable
May 2018
Salary and Career Survey, IT and OT convergence, robotic standards and safety, secure circuit protection
Edge Computing
This article collection contains several articles on how today's technologies heap benefits onto an edge-computing architecture such as faster computing, better networking, more memory, smarter analytics, cloud-based intelligence, and lower costs.
Data Center Design
Data centers, data closets, edge and cloud computing, co-location facilities, and similar topics are among the fastest-changing in the industry.
PLCs
Programmable logic controllers (PLCs) represent the logic (decision) part of the control loop of sense, decide, and actuate. Featured articles in this digital report compare PLCs and programmable automation controllers (PACs), industrial PCs, and robotic controllers.
SIDB

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

June 2018
Machine learning, produced water benefits, progressive cavity pumps
April 2018
ROVs, rigs, and the real time; wellsite valve manifolds; AI on a chip; analytics use for pipelines
February 2018
Focus on power systems, process safety, electrical and power systems, edge computing in the oil & gas industry
John O. Ayuk, PE, CFSE, PMP, CAP
Automation Engineer; Wood Group
Doug Baker
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
Data Centers: Impacts of Climate and Cooling Technology
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
Safety First: Arc Flash 101
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
Critical Power: Hospital Electrical Systems
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
Engineers' Choice Awards
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by Control Engineering subscribers.
System Integrator Giants
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
System Integrator of the Year
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
How to Maximize Factory Automation Efficiency with Low Cost Machine Vision
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Wireless Reliability in Harsh Environments
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
Human Factors and the Impact on Plant Safety
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
July 2018
Ladder logic best practices and object-oriented programming, safety instrumented systems, enclosure design issues and challenges, process control advice
June 2018
Discrete and process sensor fundamentals, autotuning controls, system integrator roundtable
May 2018
Salary and Career Survey, IT and OT convergence, robotic standards and safety, secure circuit protection
Edge Computing
This article collection contains several articles on how today's technologies heap benefits onto an edge-computing architecture such as faster computing, better networking, more memory, smarter analytics, cloud-based intelligence, and lower costs.
Data Center Design
Data centers, data closets, edge and cloud computing, co-location facilities, and similar topics are among the fastest-changing in the industry.
PLCs
Programmable logic controllers (PLCs) represent the logic (decision) part of the control loop of sense, decide, and actuate. Featured articles in this digital report compare PLCs and programmable automation controllers (PACs), industrial PCs, and robotic controllers.
SIDB

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

June 2018
Machine learning, produced water benefits, progressive cavity pumps
April 2018
ROVs, rigs, and the real time; wellsite valve manifolds; AI on a chip; analytics use for pipelines
February 2018
Focus on power systems, process safety, electrical and power systems, edge computing in the oil & gas industry
John O. Ayuk, PE, CFSE, PMP, CAP
Automation Engineer; Wood Group
Doug Baker
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
Data Centers: Impacts of Climate and Cooling Technology
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
Safety First: Arc Flash 101
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
Critical Power: Hospital Electrical Systems
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
Engineers' Choice Awards
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by Control Engineering subscribers.
System Integrator Giants
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
System Integrator of the Year
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
How to Maximize Factory Automation Efficiency with Low Cost Machine Vision
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Wireless Reliability in Harsh Environments
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
Human Factors and the Impact on Plant Safety
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
July 2018
Ladder logic best practices and object-oriented programming, safety instrumented systems, enclosure design issues and challenges, process control advice
June 2018
Discrete and process sensor fundamentals, autotuning controls, system integrator roundtable
May 2018
Salary and Career Survey, IT and OT convergence, robotic standards and safety, secure circuit protection
Edge Computing
This article collection contains several articles on how today's technologies heap benefits onto an edge-computing architecture such as faster computing, better networking, more memory, smarter analytics, cloud-based intelligence, and lower costs.
Data Center Design
Data centers, data closets, edge and cloud computing, co-location facilities, and similar topics are among the fastest-changing in the industry.
PLCs
Programmable logic controllers (PLCs) represent the logic (decision) part of the control loop of sense, decide, and actuate. Featured articles in this digital report compare PLCs and programmable automation controllers (PACs), industrial PCs, and robotic controllers.
SIDB

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

June 2018
Machine learning, produced water benefits, progressive cavity pumps
April 2018
ROVs, rigs, and the real time; wellsite valve manifolds; AI on a chip; analytics use for pipelines
February 2018
Focus on power systems, process safety, electrical and power systems, edge computing in the oil & gas industry
John O. Ayuk, PE, CFSE, PMP, CAP
Automation Engineer; Wood Group
Doug Baker
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
Data Centers: Impacts of Climate and Cooling Technology
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
Safety First: Arc Flash 101
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
Critical Power: Hospital Electrical Systems
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me