CCI Blog

Wednesday, November 13, 2013

ISA Automation Week at Nashville, Tennessee, USA: “Safety, the other face of the industrial cyber security coin” (Ayman AL-Issa)

“Safety, People, Business, and Technology in the world of automation, they are all connected”: this was the logo for Automation Week 2013, held in Nashville, Tennessee, USA. The conference covered several tracks that addressed the challenges the world is facing in improving and revolutionizing the IACS (industrial automation and control systems) arena.

Industrial network cyber security was one of the main tracks and topics discussed during the conference, and it took on a lot of importance, as it was clear that industrial cyber security is moving very slowly compared to the increase and sophistication of industrial cyber threats. This was clear in the speech of Major General Robert Wheeler, Deputy Chief Information Officer C4 & IIC, where he referred to that as ‘Speed of Change’, without which our nation would not be able to stay ahead.

Industrial cyber security is seen today not only as a concern about the spread of a virus or the malfunction of a system, but as the means to protect human lives, environments and the critical infrastructures themselves. It is indeed true that cyber security in the industrial network is an inherent part of safety in these environments.

There is no doubt that industrial security measures are always behind the emerging cyber risks, and the bad guys are still, and will continue to be, ahead, so knowing what is happening in the industrial network is an essential part of securing such networks and systems.

Eric Knapp of Wurldtech, North America Chief Technical Advisor in CCI, one of the world's top experts in industrial cyber security and the author of the two books “Industrial Network Security” and “Applied Cyber Security and the Smart Grid”, said in his interesting presentation, “If your network was under attack today, would you be able to tell?”, that providing visibility into industrial control systems is an important approach towards securing these control systems. He also mentioned that these networks get hacked once the developers start modifying these control systems to fit their environment. I do put my hand with Eric and I emphasize that it shall be clear to everyone in this field that these networks are not ideal - as many think - due to the major changes that are made to these networks at the implementation phases and when integrating automation systems (DCS, ESD, F&G) and many other utilities with each other.

Industrial cyber security expert Eric Byres, who received an ISA award and was officially recognized for his “leadership in developing numerous innovations, industry standards, and best practices in industrial cyber security”, talked about the importance of segmenting industrial networks with industrial security systems and how that would help in protecting these networks and limiting the spread of infections to smaller parts of the plants, rather than having larger parts of the plants affected by such infections. Eric also mentioned that air gaps do not exist for any system that needs any kind of update during the lifetime of the industrial control system, and few of these systems need no updates.

I emphasized at the conference the need for industrial cyber security by design and the need for adopting and implementing an industrial defense-in-depth model to protect modern industrial systems. Doing this at the design phase is much easier and less complicated than doing it as a make-up at the end of implementing the IACS.

I also discussed the importance of thinking about how the plant cyber security solution can be implemented/supported/operated during the plant's long life span (20 to 30 years or more). For that it is apparently important to realize that the only way of enabling this support is to have long-term partnerships between the automation and cyber security vendors to reduce the chances of system conflicts, and to have an “automation/cyber security” joint-testing environment for the cyber security updates prior to their release by cyber security vendors. The plant floor is never the right place for testing the continuous cyber security updates.

Lots of very interesting presentations were delivered during the conference days, and many exciting cyber security discussions took place. It was an admirable gathering of the industrial cyber security gurus in a step to bring industrial cyber security forward.

It is worth mentioning that another ISA conference will be held in December this year in Dammam, Saudi Arabia, trusting that these conferences will shed more light on the importance of development, improvement, and security within industrial automation and control systems.

Ayman AL-Issa
Digital Oil Fields Cyber Security Advisor
ADMA OPCO
