Industrial Control System Cybersecurity is one of the most misunderstood, misunderstood, ignored and yet one of society’s most valuable areas. This article will unveil the importance of industrial control system in cyber security.
An industrial control system (ICS) is a form of computer management device that controls industrial processes and machinery. In today’s readers, cyber security is everyone’s responsibility, including ICS (Industrial Control System) or IACS (Industrial Automation Control System) domain used to control utilities, industrial facilities and the country’s critical infrastructure. These infrastructures have a greater impact on society, businesses, the environment, and the health and safety of people. In this article, I will discuss a high level of understanding of ICS, especially between IT (information technology) and OT (operational technology or sometimes called industrial technology).
We always hear about a computer system but generally more for the processing, storage of information and the execution of the business software that deals with CIA Triad. But the software it runs does not affect a physical object. Once a computer system is used to control a device in an industrial environment, it has now become OT (Operational Technology). You may think of OT more than IT as a conflict between those who manage OT systems and those who manage IT systems. This could happen, and we’ve seen examples where IT departments have attempted to deploy software to OT computers without having full knowledge of how the OT system is being used, and this has resulted in production issues. OT uses a computer to control a machine and perform a mechanical task.
What if the operator panics during a chlorine leak and misspells their password three times. The HMI locks ALL access for 10 minutes, the result can be CATASTROPHIC. In OT, you facilitate operator access and availability.
OT versus IT
The cornerstone of IT security is the CIA triad (confidentiality, integrity and availability) of working together. Not in the case of occupational therapy, always remember that human health and safety is always paramount. The general priority of these objectives is often different. The safety of these systems mainly concerns the maintenance of the AVAILABLITY of all system components. There are inherent risks associated with industrial machinery that is controlled, monitored or otherwise affected by industrial automation and control systems. Therefore, integrity often takes a back seat. Usually privacy is of less importance, as often the data is raw and needs to be analyzed in context to have any value. But for ICS (Industrial Control System), AVAILABLITY has the highest priority among the CIA triad. So it’s usually availability, security, and in some cases if it’s critical infrastructure, security comes first. And then it’s availability, integrity and confidentiality. But whichever way you look at it, IT and OT need to work together because the future is automation, and automation will be entirely IP-based.
Compliance focuses on alignment with external requirements (law, regulation, industry standard – IEC 62443 for ICS). Major control system OEMs have selected IEC 62443 as a roadmap to use when hardening their products and systems.
Global frameworks on how Functional Safety, ICS and IT overlap. Global frameworks on how Functional Safety, ICS and IT overlap.