Industrial Control Systems: What Are They?
In a nutshell, Industrial control systems (ICS) are computers that control the world around you. They're responsible for managing the air conditioning in your office, the turbines at a power plant, the lighting at the theatre or the robots at a factory.
Complex legacy installed technology from 30 or more years ago, and high attack consequences lead to high security risks for most ICS and IoT devices and systems.
IT security professionals, generally have a weak technical understanding of existing legacy ICS and the latest IoT systems, architectures, and security risks.
Two-Step Security Integration
Current ICS, SCADA, and IoT security is generally more focused on traditional controls as a base for later enhancements
- ICS Industrial Control System
- SCADA Supervisory Control and Data Acquisition
- DCS Distributed Control Systems
- PLC Programmable Logic Controller
- RTU Remote Terminal Unit
Industrial Control System and IoT Technologies
include the consoles and human-machine interfaces required for Industrial Control System operators to control and operate an ICS. Many ISC management systems include proprietary software and systems developed long before the industrial endpoints were being considered for remote access. Cyber criminals obviously have a great interest in finding and owning these systems
Diagnostic systems organize sensor telemetry information for use by Industrial Control System operators. Diagnostics have not traditionally included security signatures or profiles, but with increasing attention to cybersecurity, this area is expected to change.
An Industrial Control System network provides wireless or physical wired transport and connectivity between ICS components. When this connectivity involves the use of the public internet, the result is often referred to as the Industrial Internet. Private ICS networks should, in theory, be more secure than public ones, but the application specifics will always dictate the risk levels
An Industrial Control System controller includes the logic for managing actuators and sensors based on management input. ICS controllers will soon integrate with software-defined networking (SDN) from service providers, but this will make it harder for legacy and proprietary applications. An advantage of SDN integration is that security analytic processing becomes an important SDN controller adjacency that can help with ICS protection in real-time.
Actuators include the electronics, motors, and other components for starting and stopping activity in the controlled system and associated processes. These components are usually controlled by legacy and even non-standard network protocols designed without much consideration for authentication or encryption. The idea of cyber criminals gaining access to actuators connected to some part of a nuclear facility is a frightening thought.
Sensors collect data from the controlled system and associated processes. Telemetry is one of the main areas of industrial control security that will require increased confidentiality controls.
The controlled system is the specific, target industrial system that is being managed. Such targets can range from consequential Industrial Control System critical infrastructure like nuclear plants, to more whimsical IoT devices such as children’s toys.
Is your Operational Technology/ IoT device exposed to threat?
Learn more about LT's expert solutions by giving us a call at (+63) 936-567-1353 or fill out the form to schedule an appointment.
The ICS / SCADA / IOT Security information shown above is mostly generic and based on best-practice, therefore to get a better understanding on what we can do for your business, all we ask is that you contact us to discuss your cybersecurity security needs to protect your ICS, SCADA, and IOT systems and data.