Managing cybersecurity risk in an industrial control system requires a risk assessment approach that addresses the unique nature of the technologies and consequences involved.
Risk assessment strategies in industrial control systems (ICSs) are an essential part of identifying undesirable and potentially deadly consequences. These strategies typically involve evaluating the severity of scenarios and existing security measures, and prioritizing recommended additional safeguards. Robust and ongoing risk assessments help industrial facilities prioritize their resources and budgets to provide the appropriate level of risk mitigation. All stakeholders in the ICS, from management and engineering through operations, will benefit from an understanding of the possible risks to their systems and how to mitigate them. This article discusses risk assessment strategies to better secure the ICS from cyber threats.
Before talking about risk assessment strategies for the ICS, it’s important to understand some of the acronyms typically used when discussing these systems. The ICS is a major segment of the facility’s operational technology (OT) system. OT refers to the computing systems that control the industrial operations, which are separate from information technology (IT) systems that manage the business side of the operation and data flow. ICSs are often managed by supervisory control and data acquisition (SCADA) systems, distributed control systems (DCSs), and/or programmable logic controllers (PLCs), depending on the size and scope of the facility in question. The terms process control system (PCS) and industrial automation and control system (IACS) are often used interchangeably with ICS. For simplicity, this article refers to all of these terms collectively as the ICS.
The ICS is typically composed of field sensors, industrial controllers, computers, and final control elements. Field sensors read process conditions — such as pressure, level, temperature, or flow — and communicate this information to the controller. The controller uses the process conditions, along with specific algorithms, to determine appropriate actions to take to maintain control over the process. The actions required are carried out by final elements, which may include control valves that modulate the flow of liquids or discrete controls used to turn equipment on or off. Computers play a part in an ICS by providing operators with a graphical view of the process and providing database services that feed variables into the controllers and store historical process information.
The history of automation and controls started well before the Industrial Revolution with, for example, the regulation of water flow to water wheels and the governing of steam engine speed with flyball governors. While these mechanisms improved the efficiency of their respective applications, the evolution of the modern-day ICS began more recently. In the 1970s and 80s, the PLC began to replace relay-based control circuits. PLCs play a critical role in increasing the automation of processes and reducing human intervention in manufacturing. While they are powerful for automation of certain processes and systems, a single PLC alone cannot meet the specific needs of the more complex process control applications seen in the oil, gas, chemical, and paper industries.
Originally, those processes were controlled primarily by single-loop controllers. Single-loop controllers are dedicated devices that are able to control single process variables like pressure, temperature, flow, or level. Starting as pneumatic devices where air pressure was used to communicate measurements and outputs to valves, single-loop controllers evolved to use electronic signals and provide communication to other controllers and devices. Just as relays and timers were limiting and costly to rework as process needs changed, the utility of single-loop controllers was limited. The DCS was developed from the need for control over increasingly complex process operations, the ability to scale process modifications and expansions, and the need for integration of data for monitoring and analysis.
Likewise, the use of computers in these systems evolved from simple, proprietary interfaces on proprietary networks to highly sophisticated and interconnected open systems. These computer systems are often expected to operate within an ICS for ten or more years...