Securing the Digital Plant

How intrinsic cyber security, open standards and Moore’s law have converged to enable a new era of industrial productivity improvement

Manufacturing and process industry executives have been hearing about the promise of the digital enterprise for more than 30 years, and just when it looked like it was about to surge, a problem emerged: making the most of digital connectivity requires standards-based technology, which unfortunately comes with cyber vulnerability.

Mainstream suppliers of control systems and other operational technology (OT) hadn’t taken that into account in their technology architectures, leaving operations teams wondering how much to invest in adding firewalls and other information technology (IT) to protect the aged controls into which they were now locked. Many have chosen to forgo any benefit that IIoT, cloud, data analytics or other emerging advancements may deliver, waiting for the industry to come up with a better solution.

At long last, the following trends have converged to make the digital enterprise feasible:

  • The embedding of military-grade authentication and encryption technology deeply into OT;
  • The emergence of communication and integration software standards that can use advanced authentication and encryption to secure data exchange among field devices and operations improvement applications; and
  • Semiconductor price/performance that continues to advance, roughly as Moore’s law has predicted.

Effective security starts in the OT hardware

Mission-critical OT for production plants includes PLCs, RTUs, DCSs or other control technology that automate control of pumps, gas lifts, valves and all other production elements based on signals from field instruments. Breach of any of these systems can result in millions of dollars a day in lost production, safety risk or theft of intellectual property.

Cyber security practices that the military, aerospace and online commerce industries use to secure their operations have proven effective but had not been available for industrial process control because the vendors were heavily invested in automation technology that was designed before cyber security was an issue. Now, however, these cyber security solutions — based on what is known as public key infrastructures (PKIs) — are at last finding their way into the manufacturing and process industry.

In a PKI, a third party known as a certificate authority (CA) assigns unique identifying certificates to all participants or devices that require access to data or controls. Once set up, PKI mediates access to data and devices in real-time.  Message sources and destinations are authenticated, and the content is end-to-end encrypted.  Each device in the system becomes responsible for its own security.  For example, the information in certificates allows a controller to know that a message changing a setpoint comes from a known operator with adequate privileges. Security no longer depends on firewalls, intrusion detection devices or other technology that attempts to filter access. Think vaccination vs. hazmat suit. Those bolted-on perimeter protections can be breached easily by many hackers.  Cracking properly implemented PKI cryptography, however, is well beyond the ability of today’s most sophisticated hackers. Trust no longer relies on a secure network but on secure endpoints. Communications can flow securely over otherwise insecure links including the Internet.

An industrial device with a built-in PKI is essentially immune to cyber penetration, but the PKI must be designed in from the beginning. Intrinsic security of this depth rests on secret electronic keys that have been burned into the silicon in the manufacturing process. This is critical to ensure that the control processor boots up securely because the first code it encounters cannot be encrypted. Protecting this code with signatures or checksums assigned afterward won’t work, because anyone who can access that information can breach the system. Multi-stage verification based on keys that only the system hardware will ever know provides maximum security. This is why it is also critical to assess the integrity of the component supply chain of any supplier of critical automation technology.
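The multi-stage verification described above can be sketched as follows. This is an added example, not code from the article or from any product it names: it assumes a simplified scheme in which a device-unique key held inside the hardware authenticates each boot stage with HMAC-SHA256, and the class, function and stage names are hypothetical.

```python
import hashlib
import hmac


class HardwareRoot:
    """Stand-in for the silicon root of trust: the key never leaves this object."""

    def __init__(self, fused_key: bytes):
        self.__key = fused_key  # assumption: device-unique secret fused at manufacture

    def tag(self, image: bytes) -> bytes:
        # Provisioning-time operation, performed once when the image is installed.
        return hmac.new(self.__key, image, hashlib.sha256).digest()

    def verify(self, image: bytes, tag: bytes) -> bool:
        # Constant-time comparison; only a yes/no answer leaves the hardware.
        return hmac.compare_digest(self.tag(image), tag)


def boot(root: HardwareRoot, stages):
    """Verify each (name, image, tag) in order and stop at the first failure.

    Returns (names_of_stages_that_ran, name_of_failed_stage_or_None).
    """
    booted = []
    for name, image, tag in stages:
        if not root.verify(image, tag):
            return booted, name  # halt: nothing after this stage runs
        booted.append(name)      # only now would control pass to this image
    return booted, None


def demo():
    # Constructed key and images, for illustration only.
    root = HardwareRoot(b"constructed-demo-key-not-a-real-secret")
    images = [("bootloader", b"stage1 code"),
              ("rtos", b"stage2 code"),
              ("control-app", b"stage3 code")]
    good = [(name, img, root.tag(img)) for name, img in images]

    # A modified RTOS image whose tag was recomputed as a plain checksum,
    # i.e. by someone who does not hold the fused key.
    modified = b"stage2 code + unauthorised change"
    plain_checksum = hashlib.sha256(modified).digest()
    tampered = [good[0], ("rtos", modified, plain_checksum), good[2]]

    return boot(root, good), boot(root, tampered)
```

The tampered chain stops at the modified stage because a checksum anyone can recompute does not match a tag that depends on the hardware-held key.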

Securing data exchange

Embedding cyber security PKI into automation technology not only virtually eliminates the possibility of unauthorized access to critical controls, but the third-party root of trust it provides can also secure open data exchange.

Digital transformation, big data analytics, and the Internet of Things (IoT) are all hot topics. The underlying premise is that data can and should be able to flow anywhere needed. For example, there is no need to send a technician to a process unit just to check some values and perhaps tweak some adjustments. These things can be done from the control room, even for remote sites. With today’s technology, a production unit can report a wealth of production and diagnostic information and even be controlled from the far side of the planet. At the plant level, this means fewer maintenance visits. At the field level this may mean fewer and more focused truck rolls. At the enterprise level it becomes possible to dynamically optimize the operation of the entire process line using data collected at the point of production.

The enabling technology has two parts.  First, for data to flow, computers must understand each other.  Just as people communicate using a common language, computers rely on protocols.  There are many protocols.  Some are proprietary, others are based on open standards.  Adherence to open industry standards reduces the cost of implementing, operating and maintaining automation systems while optimizing performance.

Second, anywhere is not everywhere.  The protocols must not only be open but also secure.  The gold standard for secure communication is PKI based on mutual authentication and encryption.  This not only ensures that any message looks like gibberish to an eavesdropper, but also ensures it flows from the intended source to the intended destination.  If properly implemented, the cryptography is for practical purposes unbreakable without access to the secret keys.  The ability to protect keys is the foundation of intrinsic security.  It must be built-in.
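The mutual authentication described here, together with the earlier point that certificate contents let a controller decide whether an operator may change a setpoint, can be sketched with Python's standard `ssl` module. This is an added example, not code from the article or any product it names; carrying the operator's role in the certificate's organizational unit, the policy table and the tag names are assumptions, and the sample certificate is constructed.

```python
import ssl

# Assumed policy: which certificate role (subject OU) may write which tags.
WRITE_POLICY = {
    "operator": {"FIC-101.SP", "LIC-200.SP"},
    "engineer": {"FIC-101.SP", "LIC-200.SP", "FIC-101.TUNING"},
}


def controller_tls_context(ca_file=None, cert_file=None, key_file=None):
    """Server-side context that refuses clients lacking a CA-issued certificate."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED            # mutual authentication
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)  # plant CA as the only trust anchor
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)   # the controller's own identity
    return ctx


def subject_fields(peercert):
    """Flatten the subject of an ssl.SSLSocket.getpeercert() dict."""
    return {key: value for rdn in peercert.get("subject", ()) for key, value in rdn}


def authorize_write(peercert, tag):
    """Decide a setpoint write from certificate contents, not network origin."""
    if not peercert:  # no verified client certificate was presented
        return False, "no certificate"
    subject = subject_fields(peercert)
    who = subject.get("commonName")
    role = subject.get("organizationalUnitName")
    if not who or tag not in WRITE_POLICY.get(role, set()):
        return False, f"{who or 'unknown'} ({role}) may not write {tag}"
    return True, f"{who} ({role}) may write {tag}"


# Constructed sample in the shape getpeercert() returns after a verified handshake.
SAMPLE_OPERATOR = {
    "subject": ((("organizationName", "Example Plant"),),
                (("organizationalUnitName", "operator"),),
                (("commonName", "j.smith"),)),
    "notAfter": "Jun  1 12:00:00 2030 GMT",
}
```

The handshake establishes who is connected; `authorize_write` then applies least privilege per tag, so an authenticated operator still cannot change tuning parameters.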

Performance and security at the speed of Moore

The third essential enabler of the digital plant is the advancement of semiconductor performance, roughly following Moore’s law, which predicts that the number of transistors in a densely integrated circuit doubles about every two years.

Maximum bandwidth at affordable prices is critical for at least two reasons. First, conducting so many real-time authentication and decryption operations in a high output processing environment requires more bandwidth than most systems have today. Second, with security at the control and data exchange level, you will be able to enjoy the advantages of big data. Real-time production data can help monitor production more efficiently, manage assets more strategically, and manage flow more effectively, and that’s just for starters. Few people ever imagined that they would need more than 32 GB of memory on their phone, yet today many are looking at 256 GB and beyond. Likewise, as more control capability is pushed out to the field, maximum bandwidth and storage become increasingly essential to tapping into the full potential that a secure, digitally-enabled plant can now deliver.

 

Industrial controllers with public key infrastructures (PKIs) comparable to those used in military and aerospace applications, and with advanced computing and memory capabilities, are making it much tougher for hackers to access production data and controls. The Bedrock Open Secure Automation (OSA) system pictured above was designed from the silicon on up to provide PKI cryptography.