Sponsored by PTC
Accelerating Manufacturing Digital Transformation

Addressing Cybersecurity Risks in Industrial Operations

PinIt

Industrial organizations face new cybersecurity challenges as they open up access to traditionally siloed OT systems and integrate them with IT. Here are some points to consider to address the risks of an IT/OT integration.

Cyberattacks on industrial operations can lead to operational disruption, physical damage, safety concerns, and loss of intellectual property and data, resulting in significant financial and reputational consequences. Additionally, integrating IT and OT (operational technology) systems increases the attack surface and introduces other vulnerabilities, as many legacy OT protocols lack modern security features like encryption and authentication. All of this leads to a need for a greater focus on cybersecurity.

RTInsights recently sat down with Tom Gaudet, director of product management for PTC Kepware. We talked about modern cybersecurity challenges in industrial operations, where and what type of help is needed to enhance security, and how PTC can help.

Here is a lightly edited summary of our conversation.

RTInsights: At a very high level, what are the consequences of a cyberattack on industrial operations?

Gaudet: The first thing we think about is operational disruption. That is the possibility of a line in a facility or any other part of your operations going down, creating delays or production halts, which can have negative financial impacts. These production delays and stoppages can impact your ability to deliver products and services on time, but that’s not the only place where we see potential consequences of cyberattacks.

Another consequence is physical damage. There have been some cases in the past where access to industrial spaces by unauthorized people has caused physical damage to the facility, whether it was individual pieces of equipment being damaged or entire facilities being broken in the process.

Along the same lines, we think about physical safety concerns. People work in these factories, and if there are machines operating outside of their prescribed parameters, you can also have safety risks.

There is also the potential for data loss. The issue is both getting data outside of the systems that you want it to be in, but there is also a risk to your intellectual property. For some industries, intellectual property is the service or the product that they’re providing. If you think about a company as old as Coca-Cola, their recipe is an industrial secret. It’s not a patent. Loss of that IP can be a major drawback to a cyberattack in their industrial operations.

Finally, the risks of cyber attacks are particularly acute for those operating pieces of critical infrastructure, including water treatment, oil, and gas pipelines, as well as power infrastructure. These are areas where cybersecurity is absolutely critical, not just for the individual company but for society as a whole.

See also: IT/OT Convergence’s Achilles Heel: OT Security

RTInsights: What are the top cybersecurity issues in industrial operations when you integrate IT and OT systems?

Gaudet: That’s a great question because people are thinking that the integration between IT and OT systems is a new thing that’s been happening over the past five to 10 years, which really isn’t true. There’s always been some connectivity for most operational systems, whether it’s just to bring some of the MES information down to the operations or to get information out with regards to how well the operation is doing.

Now, the trend is to increase the number of connections between your operational technology and IT. That has major benefits in today’s day and age. You can leverage analytics and reporting to get a better view of what’s going on in the operational systems. But it extends your attack surface. There are more points where a potential attacker could come and get into the operational systems.

A big issue with that is that older systems really don’t have any true encryption associated with them. So, a lot of these legacy OT systems are running protocols that can be human-readable. That has dangers not just in the fact that you can have a loss of IP or data but also the integrity of that because there’s no authentication from point to point when using these older protocols.

RTInsights: Are there ways to convert insecure OT protocols to modern, secure ones like OPC UA to reduce vulnerabilities?

Gaudet: There are a variety of ways to do that, but the primary one is to do the conversion itself. One way is to take some of the older protocols and wrap them. That is really not the best way to do that, with regard to just shifting them into something like a VPN. VPNs are great, and they serve their purposes, but they’re not a true breakpoint between this insecure environment of the OT, older legacy systems, and more modern capabilities for IT.

For that reason, there are two protocols that we think about to address this issue. One is OPC UA, which has been an industrial standard for a long time and has the ability to validate endpoints, users, and encryption. In addition to that, you have the capabilities of protocols like MQTT, which is a transport protocol, and you can also have those functionalities. Both have their benefits in the industrial market as well as in a digital transformation when you’re converting data from what’s needed for that really high-fidelity, high-volume data in the OT to something that is more along the lines of reporting data up into the IT systems.

RTInsights: How does network segmentation between IT and OT help address cybersecurity issues? 

Gaudet: It is absolutely critical, and we see it being accomplished in a variety of different ways. Some are doing that as broadly as an entire facility, so you’re talking about the plant being its own zone and everything inside of that plant being considered one piece.

We also see some who are breaking things up into individual cells. So, an auto manufacturer might be breaking up their infrastructure to have firewalls at each individual cell or station to ensure that there’s no breakage between conclusions. And that can be set up depending on the needs of the industry. One of the things this does is to be able to really enhance monitoring control by segmenting that network. You can see what’s going on for traffic inside that network segment and identify whether or not there are bad actors happening locally within it.

RTInsights: How does PTC Kepware help? 

Gaudet: Kepware is a technology company that has been serving industrial companies for more than 25 years. We provide best-of-breed industrial connectivity solutions to seamlessly access OT data from legacy or modern devices and share it with IT and OT systems. One of the ways that we do that is by converting legacy protocols into OPC UA and MQTT.

Our breadth of connectivity and commitment to interoperability across consuming systems has uniquely positioned us to create a secure, standardized data layer for manufacturers that is scalable across assets, lines, sites, and the enterprise.

Recently, we have advanced our abilities for manufacturers to securely monitor and configure their on-prem industrial connectivity with the advent of Kepware+, our enterprise industrial connectivity solution. This new hybrid SaaS offering allows you to remotely configure your connectivity without the need for a VPN.

To further advance our customers’ ability to secure their data, we also provide the ability to set user role permissions at a very granular level. We do that all the way down to the tag level if customers need it. In that way, they can choose individual data points that are available for individual roles or user permissions. So, if your SCADA system needs a particular piece of data off of a particular Kepware element, you can restrict their access all the way down to that one particular tag, while other applications may have a wider variety of data points.

Salvatore Salamone

About Salvatore Salamone

Salvatore Salamone is a physicist by training who has been writing about science and information technology for more than 30 years. During that time, he has been a senior or executive editor at many industry-leading publications including High Technology, Network World, Byte Magazine, Data Communications, LAN Times, InternetWeek, Bio-IT World, and Lightwave, The Journal of Fiber Optics. He also is the author of three business technology books.

Leave a Reply

Your email address will not be published. Required fields are marked *