Cyber security threats in industrial control systems and protection

Abstract

Industrial automation and control systems are increasingly based on open communication protocols and platforms that are also commonly used in corporate IT environments and interconnected to enable integration with business applications, they become increasingly exposed to the internet. As seen in the past with WannaCry and NotPetya, it's more likely common malware will cause the most damage in the long run. These threats are expected to increase simply since the fundamental gaps in protecting the operational technology (OT) over information technology (IT) widening. As OT becomes increasingly exposed to internet, it tends to become weak spot to cyber threats as any other connected systems. This is basically because of OT components aligned on the same hardware, software, communication protocols including operating systems that run IT components, such as networks, client, server machines & other connected devices. At the same time, reusable development and deployment of interconnected systems and their communication networks become vulnerable to cyber-attacks. This paper explores cyber security issues in industrial control systems that are built on open communication platforms and networks. Specially emphasized on attacker's objectives, electronics methods and possible countermeasures for IT systems. The paper also describes various OT security-relevant characteristics distinct from the office IT systems and relevant implementation approaches at multiple system layers to protect from cyber-attacks. Finally, paper illustrates few application level security concepts with case studies focusing configuration and operation of industrial process control system.