It is no secret that as more and more devices connect to the internet, the challenges of securing the data that they transmit and the communications that they initiate are becoming more profound. Back in 2013, when Gartner first came out with the report stating that we would see 26 billion devices by 2020, it was already crystal clear that with the IoT hype, we would also witness the greatest threats to data security come to life. Several examples come to mind in which devices in the field have been compromised by hackers trying to prove that the internet link connecting the device is compromised. Remember the Jeep Cherokee hacking incident back in 2015?
Over the years, we have seen a surge in IoT devices, broadly in 2 areas – in homes and in manufacturing. With the former, we have seen an entire ecosystem built around Amazon's Echo devices using the Alexa Voice Service. Google, Microsoft, and Apple have followed suit as well. Since these are independent and closed platforms, the responsibilities of securing the devices rest with the platform providers. In this blog, we will discuss cybersecurity in manufacturing and related industries. In industrial manufacturing and other such capital-intensive industries, it would be fair to say that the challenges of securing IoT devices are several and unsolved for the most part, due to a variety of reasons.
As SCADAhacker highlights, industries such as manufacturing, oil & gas, refining, pharmaceuticals, food & beverage, water treatment, and many more are constantly looking to add the right layers of security, as they bring more and more equipment and devices online. Device manufacturers and plant operations managers constantly face pressure to protect their physical assets from cyber threats. Moreover, for each of these industries, the nature of the data, the topologies of IoT devices, and the complexities of threat management and ensuring compliance vary widely. To give the reader a taste, back in March 2016, hackers were able to change the levels of chemicals used to treat water by infiltrating a water utility's control system, thereby threatening the health and safety of citizens. In this blog, we will explore what security practitioners and plant operators are up against, and what they should look for in an ideal solution.
Deloitte also recently published a perspective in a flashpoint edition series, explaining 5 key challenges facing pretty much every industry.
Regardless of the industry, data security is generally categorized by 4 key pillars: authentication, encryption, authorization, and auditing.
Let's expand on this a little bit in the context of this blog.
Authentication: People and assets alike need to be authenticated onto the network to keep out bad actors or "bad assets" early on.
Authorization: Once, for example, an IoT sensor has access to a network, authorizing it to a set of services is the next important step. This seldom involves a complex set of policies, based on the credentials and capabilities of the entity requesting access.
Encryption: Considering how spread out a process manufacturing plant can get, with IoT sensors, intermediate gateways, and equipment, plant operators often consider encryption at rest and on the wire above most other priorities.
Auditing: This step is as important as each of the above, but often gets forgotten or overlooked in most enterprises. Data auditing broadly serves three purposes in industrial manufacturing: (i) assess that the data collected is fit for a given purpose or use case, (ii) assess the impact of the quality of data on manufacturing performance, (iii) help root-cause attacks by maintaining audit trails.
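The authentication, authorization and auditing pillars above, sketched as an added example that is not part of the original post: a hypothetical gateway verifies a sensor's HMAC tag, checks a per-device service policy, and records every decision in a hash-chained audit trail. Device IDs, keys, service names and function names are constructed for illustration; encryption on the wire (for example TLS) and replay protection are assumed to be handled elsewhere.

```python
import hashlib
import hmac
import json

# Constructed sample data: per-device keys and the services each device may use.
DEVICE_KEYS = {"sensor-17": b"constructed-demo-key"}
POLICY = {"sensor-17": {"telemetry/pressure"}}
GENESIS = "0" * 64


def _link(prev, event):
    """Hash of an audit entry, bound to the hash of the entry before it."""
    body = json.dumps(event, sort_keys=True)
    return hashlib.sha256((prev + body).encode()).hexdigest()


class AuditLog:
    """Append-only trail; editing any past entry breaks the chain."""
    def __init__(self):
        self.entries = []

    def append(self, event):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        self.entries.append({"event": event, "prev": prev, "hash": _link(prev, event)})

    def verify(self):
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or _link(prev, e["event"]) != e["hash"]:
                return False
            prev = e["hash"]
        return True


def sign(device_id, service, payload, key):
    """HMAC-SHA256 tag over the device, the requested service and the payload."""
    msg = json.dumps([device_id, service, payload], sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def handle(device_id, service, payload, tag, log):
    """Authenticate first, then authorize; audit the decision either way."""
    key = DEVICE_KEYS.get(device_id)
    if key is None or not hmac.compare_digest(
            sign(device_id, service, payload, key).encode(), tag.encode()):
        decision = "reject:authentication"
    elif service not in POLICY.get(device_id, set()):
        decision = "reject:authorization"
    else:
        decision = "accept"
    log.append({"device": device_id, "service": service, "decision": decision})
    return decision
```

Rejected requests are logged as well as accepted ones, which is what makes the trail useful for root-causing an attack rather than only confirming normal operation.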
Moreover, industrial manufacturers tend to distribute data across cloud (public, private, hybrid) and on-premises hardware as well as at the edge, mostly based on cost and time to market (TTM) factors. Essentially, this practice results in silos, making it even more difficult to institute best practices or implement 'a' solution to address all of the above. This also often increases the task of protecting these data assets, with IT deploying point solutions across the enterprise.
Now let's take a quick look at the variety of assets that need to be protected in manufacturing.
Unstructured time-series data: Data constantly being transmitted from IoT sensors (e.g., heat, pressure, thermal, image depending upon the nature of manufacturing process), robot-arms, equipment and machine logs, RFID tags, fleet sensors, GPS devices.
Mostly structured data: Process control software applications (SCADA and MES), web application and database systems, HVAC and cooling systems, precision measurement devices, HMI terminals, ERP applications, HR and billing systems.
External sources: Weather data, supply chain management (SCM) software, social media.
This is obviously a very small subset of information sources but gives the reader a perspective of the volume and variety of data types manufacturers have to deal with.
With some idea by now on what we need to address, let's jump into what the solution should consist of, at a minimum:
The question remains that with no real standards in place, one would have to implement best practices and point solutions for each of the above. Although this is a great place to start, the issue with this approach is that these security information and event management (SIEM) software products usually either don't scale with increasing data or increase the overhead of data and tools management for IT; the end result is missed threats or slower detection of them.
MapR provides a comprehensive data platform for data security in manufacturing: