Abstract
In this paper we briefly outline a set of rules for integration of legacy devices into a modern industrial control system. These rules are fairly simple, and are mostly derived from “Zero Trust” principles. These rules aim to be pragmatic, and cost-effectiveness trumps completeness.
Highlights
1.1 Background. This paper is mainly concerned with how to enhance security for legacy components in Industrial Control Systems (ICS)
– Replacement: It is deemed infeasible to replace the Legacy Devices (LDs)
– Updates: The LDs cannot be fixed by updates
– Connectivity: The LDs will communicate with an up-to-date core system
– Bandwidth needs: The LDs will have modest bandwidth needs
– Trust-level: The LD belongs to its own trust domain
– Protection: No security protection can be assumed
5.3 Authorization and Access Control. It is not sufficient for the Legacy Encapsulating Gateway (LEG)/Legacy Interface Function (LIF) to have verified the identity of the entities that want to communicate with the LDs
Summary
This paper is mainly concerned with how to enhance security for legacy components in Industrial Control Systems (ICS). The main security problems with ICS architectures are outlined in [1]. The legacy components may include sensors, actuators and controllers. These will often need to be retained, while the overall control system is being digitalized and perhaps migrated to a cloud solution. The “Zero Trust” (ZT) paradigm provides most of the inspiration for how to integrate legacy components in a safer and more robust way [2]. We shall return to how ZT is used as a foundational principle for the legacy component integration