Integrating Cyber Resilience Strategies for OT Data Acquisition Devices

Abstract

Operational Technology (OT), Industrial Control Systems (ICS), and Supervisory Control and Data Acquisition (SCADA) devices have been around in some form since the 1960s and they control specific functions in many critical industries such as electrical power generation, oil refineries, and water treatment plants. Since most are integrated with IT-based protocols (e.g., TCP/IP), there has been an explosion of OT control systems to provide meaningful information to businesses. While OT and IT speak a common language, this has exposed OT to much more Cyber Attacks that were once applied only to IT-based systems. Data Acquisition Devices (DAS), such as those manufactured by Moxa, now have ethernet ports to provide this link between both networks. The combination of new ethernet-capable OT devices, and those using upgraded converters (e.g., Moxa) for older OT devices, has primarily increased the attack surface. This study proposes a secure layered architecture that can be deployed to limit security threats for ethernet-capable (DAS) devices. The current state of many organizations is the lack of visibility of their OT assets and a knowledge gap on how to secure them. Keywords—Control systems, Cyber attacks, Cybersecurity resilience, Operational technology