Factory of the Future meets Stuxnet’s Children: Egad!

Late last year Frost and Sullivan, an international analyst group, released a short report called “Current Scenario and Future Landscape in the Automation & Control Systems (ACS) Market.” The report claims that “the field of industrial automation is at a cross roads,” due to “narrowing product definition between individual ACS products, specifically the PLC and DCS product line.”

The report goes on to say that since the product features are now similar across the various brands, they are becoming much less important to users when it comes to making purchasing decisions.  Instead, cost factors, global service and support and five “Mega Trends” will be the major influences on the evolution of future factories.

The mega trend predictions really caught my eye:

  1. Operating personnel in future factories will not be confined to work stations inside control rooms. Tablets and mobile platforms will enable them to track production, perform maintenance operations and monitor process issues while on the move.

  2. The adoption of secure cloud computing technology will enable factories access to relevant strategic data from the Internet to execute real-time decisions and to enhance operational efficiency.

  3. Future factories will have secure wireless networks supporting a highly automated production process, seamlessly interlinked with enterprise software working through the cloud.

Chart: Mega Trends and Future of Factory (from Frost & Sullivan: Current Scenario and Future Landscape in the Automation & Control Systems (ACS) Market)

There is no question that these integration mega trends will enable companies to implement agile, cost-effective business practices. As a result, company management and shareholders will actively push for them. And ICS vendors, eager to find reasons why end users should buy their newest product, will aggressively promote the benefits of these trends.

But consider that all of these trends will require significantly increased interconnectivity, both on the plant floor and between the plant floor and the outside world. As a result, SCADA/ICS vendors and engineers will be under increasing pressure to improve productivity and reduce costs through more network integration.

These changes are not some problem for the future – they are upon us now. For example, sharing real-time data from field operations with management is standard practice for most companies. Similarly, the demand for remote support has made many control systems accessible via Internet-based technologies.

So while many security experts are yelling to close the door between the plant floor and the corporate network, market pressure will force it wide open. We are moving away from the air gap, not towards it.

Stuxnet and Stuxnet’s Children

At the same time as the plant floor becomes more connected with the outside world, the security threats against ICS and SCADA systems are getting worse.

As regular readers of this blog know, cyber attacks on automation systems were considered by many to be a theoretical problem until the discovery of the Stuxnet worm in July, 2010. At that moment the world changed, not only for ICS operators, but also for automation vendors, hackers, criminals and even governments.

We now know that Stuxnet attacked Siemens automation products used by Iran’s nuclear enrichment program. It was capable of downloading proprietary process information, making changes to logic in PLCs, and covering its tracks. It used previously unknown vulnerabilities to spread. It was powerful enough to evade state-of-the-art security technologies.

While Stuxnet had a specific target, its broader impact has been the widespread publicity about it, causing hackers and criminals to discover that SCADA/ICS products are attractive targets. This led to 215 publicly disclosed ICS vulnerabilities in 2011 – more vulnerabilities than had been disclosed in the previous decade.  In addition, attack code was released for about 40% of the vulnerabilities, meaning that the bad guys knew both where to find holes in SCADA/ICS products, and had the software to exploit them.

Post-Stuxnet, well-designed ICS worms such as Night Dragon, Duqu and Nitro have been revealed. Each of them has focused on stealing intellectual property such as oil field bids, SCADA operations data, design documents and other information that could cause business harm.

It is possible that the goal of the next generation of malware is not to harm people, but to quietly stop production at a utility, or impact the production of a rival, or short sell the shares of a company or extort money under the threat of a disruption. The banking industry has faced these sorts of financially motivated attacks over the past decade. It is unrealistic to hope that the industrial world will not experience the same.

Preparing for the SCADA Security Challenges of the Future

Combine Frost & Sullivan’s highly probable vision of the Factory of the Future with the new reality of industrial control systems being favored targets, and it’s easy to see why better industrial cyber security is urgently needed.

What is the way forward?  Well, it isn’t by pretending we are going to wall off the plant floor from the rest of the world. Instead, it involves better cyber security practices and a concept called defense-in-depth. Stay tuned for future articles where I explain the steps you need to take to improve your plant’s defenses.

Related Content to Download

Presentation - "Mission Critical Security in a Post-Stuxnet World Part 1"

Presentation - "Mission Critical Security in a Post-Stuxnet World Part 2"

These presentations summarize information about the Stuxnet malware and what it means for the future of SCADA and ICS Security.

Together, they are ideal for anyone needing a crash course on Stuxnet, or as a tool for informing management about the implications of it.

The presentations were given by Eric Byres at the Hirschmann 2011 Mission Critical Design Seminar.

Author Eric Byres

Comments

Certain PLCs have IP addresses. Isn't this taking connectivity too far for a device that has a write-always, vulnerable memory?

From a security point of view, you are probably right - IP connectivity and PLCs (and RTU/DCS/SIS) were a poor match. But I think it is the reality we have to live with - there isn't a significant PLC on the market today that doesn't offer Ethernet-TCP/IP connectivity. Similarly, I doubt there is an industrial plant that does depend on that connectivity today. And what the F&S report is saying is "it is only going to get worse". The question is what do we do about this collision of open communications and security.

If I could go back 20 years and change the direction the controls and communications world took, I would. In fact, I wouldn't start by fixing PLCs - I'd start by fixing TCP/IP.

Upper management won't let us turn back the clocks and go to less connected (and less efficient) operations, no matter how much we scream. So we have to live with this reality and find a way to secure these devices.

In control systems, we use Ethernet and the IP stack because they're inexpensive, commonly available, and generally thought to be well understood (though you'll find some shocking ignorance in too many places).

It was not selected so that it could be networked with the office.

This is sort of like pointing out that because an airport runway uses concrete and asphalt, we can use it as a section of highway to get to the airport too. We all know that although they both look like roads, one is usually kept clear so that aircraft can take-off and land on it, while the other one can be subject to very large traffic jams without significant incident.

The security issue is not just that control systems use Ethernet and IP stacks. It is that they use it in an unsecured manner. It would be like having a large airport without a fence around it. Animals could be walking across the runway at night. (I've landed in places like that :-)

The use of a technology does not imply that something is inherently safe and secure, or unsafe or unsecured. The answer is how that technology is applied and managed.

Great blog Eric. The one thing I noticed in the Frost & Sullivan Chart but you didn't directly comment on is that one of the 5 mega trends they identified was cyber security. That says to me that they recognize that none of what they are predicting for the Factory of the Future can become reality without cyber security. A wise recognition, for sure.

This supports my belief that cyber security has created a major disruption in the industrial automation market that will have a dramatic impact on the major players over the next 3 – 5 years.
