Analyzing security in industrial automation systems

Security principles

Based on the preparation:

Principle of least privilege

… requires that every component of a computer system (e.g., a program or a user) must be able to access only the information and resources that are necessary for its purpose.

Defense in depth

A concept in which multiple layers of defense are placed throughout a system.

Fail-safe

A design feature or practice that, in the event of a failure of the design feature, inherently responds in a way that will cause minimal or no harm to its environment.

KISS principle

A design principle that implies that simplicity should be a design goal.

Separation of duties

The concept of having more than one person required to complete a task.

Open design

A design which is publicly available so it can be built or understood.

Segmentation

Division of a system into multiple isolated subsystems. Different subsystems can have different security requirements.

Usability

Capacity of a system to provide a condition for its users to perform the tasks safely, effectively, and efficiently while enjoying the experience.

E.g., users write passwords on post-it notes if the password requirements are hard to remember.

Attack surface

The sum of a software environment’s different points where an attacker can try to enter data to, extract data from, or control a device or critical software.

We should minimize the attack surface.

Secure by default

All the security features of a system are turned on when a product is delivered.

Activity

Activity 61 (Analyzing attack surface)

Open the diagram in the Guide to Operational Technology (OT) Security, Section 2.3.4 Programmable Logic Controller-Based Topologies.

  1. You see the following components on the diagram:

    1. Engineering Workstation

    2. Data Historian, i.e., Operational historian

    3. PLC

    4. Photo Eye, i.e., Photoelectric sensor

    5. HMI, i.e., human–machine interface; a kind of user interface

    6. Servo Drive, Variable-frequency drive, i.e., motor controller electronics

    We have in the laboratory the following components:

    1. Robot arm

    2. Gripper

    3. Sensors, e.g., photoelectric sensors, limit switch, camera for object identification

    4. Pendant

    5. Ethernet cable

    6. Your computer

    Match the laboratory components to the components in the diagram. In other words, which component in the PLC control system implementation example represents which component in our laboratory?

  2. Draw a similar diagram using the components in our laboratory. Also include the human user.

  3. Attack vector

    A specific path, method or scenario that can be exploited to break into an IT system. The term was derived from the disease vector in biology.

    Examples:

    • phishing leading to unauthorized access to a computer

    • malware infection resulting in manipulation or stealing of a database

    • exploiting a security vulnerability in a PLC’s administrative web interface causing denial of service or unwanted control actions, e.g., driving the motors above their limits.

    Identify potential attack vectors on the diagram you have drawn.

  4. Imagine that your attack vectors are successful. List at least three consequences. Example perspectives: IT, OT, business.

  5. Pick at least three principles from the section Security principles to secure your system against the attack vectors you have chosen.
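As an added illustration (not part of the course material), the following Python sketch models the laboratory components from this activity as a small graph, enumerates every command path from assumed entry points to an actuator, and shows how segmentation and least privilege shrink that list. The links, their capabilities and the entry points are assumptions made for illustration, not the answer to the exercise.

```python
# Added example, not part of the course page: a tiny attack-surface model of
# the laboratory topology from Activity 61. The component names come from the
# activity; links, capabilities and entry points are assumptions.

# Each link: source -> {destination: capability}. "command" means the source
# can make the destination act (e.g. move); "data" means it only sends data.
LAB_LINKS = {
    "internet": {"computer": "command"},          # assumed: the computer is online
    "human_user": {"computer": "command", "pendant": "command"},
    "computer": {"ethernet": "command"},          # ethernet = the lab network segment
    "ethernet": {"robot_arm": "command"},
    "pendant": {"robot_arm": "command"},
    "sensors": {"robot_arm": "data"},             # sensor readings, no commands
    "robot_arm": {"gripper": "command"},
}

def control_paths(links, entry_points, target):
    """All simple paths from an entry point to target that use only 'command'
    links, i.e. every way an intruder at an entry point could drive the target."""
    found = []
    for start in sorted(entry_points):
        stack = [[start]]
        while stack:
            path = stack.pop()
            node = path[-1]
            if node == target:
                found.append(path)
                continue
            for nxt, cap in sorted(links.get(node, {}).items()):
                if cap == "command" and nxt not in path:
                    stack.append(path + [nxt])
    return sorted(found)

def least_privilege(links, source, dest):
    """Downgrade one link to data-only: source keeps monitoring dest but can
    no longer command it. Returns a new graph; the input is left unchanged."""
    new = {s: dict(d) for s, d in links.items()}
    new.setdefault(source, {})[dest] = "data"
    return new

def segment(links, source, dest):
    """Remove a link entirely, i.e. place source and dest in separate segments."""
    new = {s: dict(d) for s, d in links.items()}
    new.get(source, {}).pop(dest, None)
    return new

if __name__ == "__main__":
    entries = {"internet", "human_user"}       # assumed: where untrusted input arrives
    print(control_paths(LAB_LINKS, entries, "gripper"))
    hardened = least_privilege(segment(LAB_LINKS, "internet", "computer"), "computer", "ethernet")
    print(control_paths(hardened, entries, "gripper"))
```

Each remaining path after hardening is an attack vector that still needs a defense, which is a useful way to check the principles chosen in step 5.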