CyberSecurity Practices for Industrial Control System [ICS]

Industrial control systems (ICS) are complex system that monitors industrial processes and critical infrastructures that deliver water, transport, telecommunication, manufacturing, and other essential services. The ICS gets data from sensors that monitor and process variables, using these variables the system compares it with the set limit for each feature and the ICS will send a command that will control the processes based on the sensor readings from a central control center.

For example, if a sensor monitors a machine in the system that is overheating, the ICS will send a command for that system to shut down to prevent disaster. 

In the past, these ICS were not connected to the internet. Still, with advancements in technology and the Internet of Things IoT, and better sensors, these ICS types of machinery are now connected to the internet and can send and communicate with each other. These advancements gave rise to Smart Cities, Smart Hospitals, Smart grids, etc.

But just like any other connected system, this introduces the ICS cyber vulnerabilities and threats. A compromise on a critical infrastructure ICS could be catastrophic. An ICS security framework was introduced to protect the ICS.

ICS Security.

ICS security is a security measure developed to protect ICS against all threats. 

• Safeguarding and securing the ICS, the sensors, and other devices that are used in controlling the pieces of machinery.
• Keeping the processes running smoothly.
• Ensuring the integrity and confidentiality of the sensors’ data being transmitted across the system.

ICS Cyber Security Best Practices

The National Institute of Standards and Technology (NIST) has issued ICS Guidelines to help come up with an ICS Security framework. NIST document suggests the main security objectives for ICS should be:

1. Restrict logical access to the network by utilizing the demilitarized zone design that uses firewalls to prevent some incoming and outgoing traffics to the network.
2. Physical security: restrict access to the ICS devices and network to avoid human error and persons with malicious intent from disrupting or tampering with the system. An example is installing card readers.
3. Using the principle of least privilege gives access to the only operator with authority to use that level of the system.
4. Patching/updating the system as soon as a new update is out.
5. Maintaining data integrity and confidentiality by encrypting the data both in transit and stored data.
6. Designing an ICS system with a Business Continuity model in place in case of emergencies.
7. Having incident response plans in place to restore the system after any incident.

Industrial Control System Security Standards.

There are a few ICS standards out there and some are specific to an industry. 

• The NIST’s SP 800-82 is the most mostly applied standard. 
• There is another standard by Automation and International Electro-Technical Commission ANSI/ISA99 standard that developed an ICS certification the ISA/IEC 62443 Cybersecurity Certificate Program.

ICS security is an essential part of the modern industrial operational setup. Abiding by the ICS security best practices is of utmost importance to protect today’s complex industrial control system.

Certfort Ltd Professional Services.

Certfort is an ICT organization with highly experienced professionals that can help provide services across the Industrial Control System environment such as in Telecommunication, Health. We offer services such as:

• Training on the risk associated with the ICS environment.
• Help client achieve a level of compliance with the ICS-related international standards
• Provide solutions such as in-built anti-malware tools and Vulnerability Assessment and Penetration tools.
• Help in designing ICS solutions that put ICS security best practices in focus.