ABB has published an informative cybersecurity guide for understanding cyber challenges for protecting VSDs systems against unauthorised access or cyberattacks. The aim is to introduce ABB Drives cybersecurity policies and to help answer questions and concerns relating to cybersecurity. The 40-page document is also a generic cybersecurity guide doe deploying ABB drives and related connectivity products.
Traditionally, “cybersecurity” refers to measures taken to protect a computer or computer system against unauthorised access or attack. For power and automation, it refers to measures protecting the reliability, integrity and availability of power and automation from unauthorised access or attack. It addresses digital system integrity and security measures to ensure the confidentiality, integrity and availability of data.
According to one definition the cybersecurity of industrial control systems often includes three threat categories:
• Hacking. An attacker targeting an industrial control system to blackmail a site owner or damage the reputation of an automation vendor. This could be by creating dedicated malware. Stuxnet is most likely an example of such a targeted attack.
• General malicious software. Consider where an employee connects a laptop to the system network or inserts a USB stick into a server. The purpose of these actions could be benign, but there is a significant risk of infected devices transferring an infection to the automation system. Even though not designed to damage automation systems, it can still be very harmful.
• Employee mistakes. For example, an engineer wants to update the control logic in an embedded device, but by mistake connects the engineering tool to the wrong device. Similarly, an engineer connects a network cable to the wrong port of a network switch.
Most often, hacking is what people think of when discussing cybersecurity. However, these types of attack only constitute a minority of all incidents. General malicious software and employee mistakes make up most incidents
There is no single solution to managing the cybersecurity risk in an industrial control system, hence no completely secure system. ABB recommends “defence in depth,” using multiple layers of security countermeasures and addressing people, technology, and operations in several layers. Defence in depth is an information assurance concept, using multiple layers of security controls placed throughout an information technology system. Its intent is to provide redundancy in the event a security control fails, or the exploiting of a vulnerability.
Defence-in-depth should prevent security breaches, but also buy time to detect and respond to an attack and mitigate the consequences. In the defence-in-depth architecture, the control system LAN (local area network) is clearly separated from other corporate networks with firewalls, and there are separate demilitarised zone (DMZ) areas for each function, such as for historian, security and authentication.
Generic risk reduction methods and cybersecurity policies
Controlling most cybersecurity risks is through feasible network architectures, access control and physical security mechanisms. Undisturbed security and management also require a strict cybersecurity policy. An approach that includes various viewpoints and activities to keep up the targeted level of cybersecurity in automation.
Although fieldbus technologies have been evolving, none of standardised industrial fieldbuses support authentication or any other basic cybersecurity methods. Therefore, variable speed drives do not typically offer means to secure network traffic. This is also why drives are vulnerable to malicious system access, data reading and manipulation by hostile parties.
Because industrial Ethernet protocols have proliferated on the factory floor, there is rising demand to implement hardening features for field-level components too, such as variable speed drives (VSD). The industrial Ethernet protocol associations have started to migrate to new Ethernet standards that offer higher cybersecurity protection, but the change will take time.
It is not easy to upgrade certain control systems, and upgrades need verification before patching in the field. On the other hand, the risks are partially mitigated because typically the connectivity to an upper-level automation or controlling (PLC) network requires separate cabling, connections and commissioning of the communication interface, e.g., the fieldbus interface of a drive.
Cybersecurity is a key consideration in all phases of automation system development, otherwise the risk can find its way to the target without notice. ABB’s informative cybersecurity guide makes is a good starting point for control engineers.