Challenges in Protecting Operational Systems
Published on : Thursday 20-02-2020
To safeguard the complex properly, automation vendors, process industry companies must work to make every networked device secure and protected, says Khemraj Dureja.
Different markets expect different characteristics from an Instrumentation and Control system. The military market is reliability-driven, the consumer market is cost-driven, the medical market safety-driven, and the automotive (specifically process plants) market is a combination of all of the above. That said, however, it is still valid to point out that new instruments designed to meet future requirements generally ought to have one or more of the following characteristics: Faster speed, smaller size, lower power consumption, greater immunity to noise and physical or electrical interference, increased system reliability and reduced maintenance down time, and last but not the least, higher accuracy.
Besides, there are other concerns like:
- Maintenance life cycle from procurement to retirement of the instrumentation and control systems.
- Actions to maintain system integrity and reliability.
- How to reduce the security risks arising from using IT technology in processes industry to an acceptable level.
- How to minimise the impact on process industry, should one of the security risks materialise as an incident.
The plant floor and process units have become a growing area of concern for cybersecurity. In much of the process industries, operations are digitally driven. The era of analog has given way to networks of computers, automated machinery, and Smart sensors. Plants are driven by a digital thread of technical data –product and process information – that can be shared throughout the enterprise and must be protected.
Much attention has been given to protecting technical information in IT systems and networks. But protecting the operational systems of a process industries presents a new and different set of challenges. Not only must the technical data be shielded from theft, it also must be protected from alteration that could impair proper functioning of a process operation or affect the safety and availability of the production system. These concerns are especially challenging for each and every process industry. For industrial sites,vulnerabilities to cyber threats include:
- Lack of security policies and procedures
- Communications between the Internet to the corporation
- Communications between the business LAN (local area network) and process-control network
- Insufficient or out-of-date cyber security controls, such as anti-malware software
- Obsolete or missing security patches
- Inadequate security configurations, and
- Incomplete or infrequent backups.
To safeguard the complex properly, automation vendors, process industry companies must work to make every networked device secure and protected against malware intrusions and malicious commands that may come from local ports and LAN interfaces. At the same time, all plant networks need to be shielded from intrusions and properly zoned to help deter and contain network-based threats.
Attacks on a plant automation system may involve only the cyber components and their operation, but those impacts can extend into the physical, business reputation, human, and environmental systems to which we are connected. A cyber event, whether initiated externally, internally, or due to inadequate policies and procedures, can lead to a loss of system control and the corresponding negative consequences.
All of this brings us to the most important question: Are process industry companies prepared to handle a coordinated cyber-attack?
Khemraj Dureja is General Manager – Instrumentation & Electrical, Yara Fertilizers India Pvt Ltd. An Electronics and Instrumentation Engineer with 29 years’ experience in Chemical process and Fertilizer industry, Khemraj is currently engaged in implementing digital solutions for various processes like asset performance management, digital control rounds for field operators, process information management system and shift connector.
