Cyber Security in Cyberspace - the System Security Challenge
Do you remember Tom Cruise floating across the holographic screens in Minority Report, or the replicator on the Starship Enterprise which could serve up more flavors of coffee than a Viennese café? Moviegoers are not the only ones who dream about a future where machines and digital applications make life easier. Scientists are already hard at work making this future a reality.
The first steps have already been taken. E-mail, the Internet and GPS are things which we now take for granted. The smartphone has only been around for ten years, but it is hard to imagine life without it. The world is now a faster place. Information can be sent and received in real time. High-speed communications are available anytime, anywhere around the world.
However, this new and exciting world also has its downsides. Inadequate network security allows unauthorized access to confidential and personal information by third parties.
The same problems seen on open WLANs at train stations and in Facebook's privacy settings apply to industry as well, where optimal interaction between humans, machines and IT systems is receiving greater emphasis. There is also an increasing need for individualized products. To be ready for the impending changes, companies have to take a fresh look at their production and logistics flows and restructure their operations. The magic word here is Industry 4.0. "Cyber-physical production systems" will control and monitor new production processes.
The term “cyber-physical production systems” refers to tight integration between real (physical) process flows and information processing. Global information networks with always-available connectivity provide the basis. The physical processes consist of embedded systems which exist in a technical environment. The virtual processes are data, information and services which can be made available on the information network. Cyber-physical production systems have the advantage that they can be adapted quickly and efficiently as requirements change. In a world which can change in a matter of seconds, this capability is highly important, particularly in the process industry. Sensor-based detection of faulty process flows enables self-optimization and configuration of products, machines and systems, and it also ensures system safety and security.
The BMBF (Ministry of Research and Education) Industrie 4.0 project envisages machines which communicate with each other, inform each other about faults in the production process, identify material shortages and reorder materials. Without that, there is no intelligent factory. Internet-driven process digitalization leads to convergence of the real and virtual worlds, creating the Internet of Things. It establishes interconnectivity between the individual process steps and provides external access to the production systems.
New technology = new security risks?
If in the future more and more of what goes on in the chemical industry takes place in cyberspace and if there is wireless connectivity between the sensor and the pump, what about system security?
A security strategy, which includes all of the measures needed to protect the system, must be defined prior to system commissioning. The goal is to identify and assess risks and take appropriate measures to minimize the likelihood of incidents occurring. The operator is expected to install and operate a system with monitoring capability in accordance with the latest state of technology. To comply with this, it is necessary to conduct a risk assessment before the system is put into operation. This includes an assessment of the risks, an estimate of the effects and dispersion of chemicals, fire and explosion protection and an analysis of the reactions which take place. The output of the security analysis is the security strategy which is implemented using process control technology (PCT) safety mechanisms, among other things.
The main purpose of process control technology is to monitor and control process flows. PCT safety systems are protection mechanisms which trigger an alarm or activate safety functions when a deviation from the nominal operating state is detected. The task of the safety system is to avoid faults in the process. Particularly in the chemical industry, deviations in reaction temperature, pressure and fill level can have disastrous consequences. That makes it all the more important to detect deviations early and avoid them wherever possible.
Hazards and damage can come from many sources. In explosion hazard zones, ignition of an air-gas or air-dust mixture can cause an explosion. Excess pressure can cause leaks.
Safety at chemical plants has top priority, and the requirements are defined in regulations and standards. IEC 61508/61551 forms the basis for the functional safety standard which applies to safety systems and equipment. The term "functional safety" refers to protection against hazards and damage provided under the correct, safety-related control of a safety system.
The functional safety of a system is assessed based on the probabilistic analysis of dangerous failures, fault tolerance and quality, and is expressed as the so-called Safety Integrity Level (SIL). If a fault occurs, the safety system should function correctly and maintain the system in a safe state or bring it into a safe state. In order to maximize functional safety, it is essential to avoid systematic faults and to safely manage those systematic or random faults which do occur.
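As an added illustration (not part of the trend report) of how the probabilistic side of a SIL assessment works, the script below applies the simplified low-demand single-channel (1oo1) relation from IEC 61508, PFDavg ≈ λDU · TI / 2, to a constructed sensor / logic solver / valve loop and maps the result to the SIL bands of IEC 61508-1 Table 2; the failure rates and proof-test intervals are assumed values, not data from any real equipment.

```python
"""Worked SIL example (added illustration, not from the trend report).

Low-demand safety function, simplified single-channel (1oo1) model from
IEC 61508: PFDavg ~= lambda_DU * T_I / 2, where lambda_DU is the
dangerous-undetected failure rate (per hour) and T_I the proof-test
interval. All component figures below are constructed for illustration.
"""

# IEC 61508-1 Table 2, low-demand mode: (SIL, lower bound incl., upper bound excl.)
SIL_BANDS = [
    (4, 1e-5, 1e-4),
    (3, 1e-4, 1e-3),
    (2, 1e-3, 1e-2),
    (1, 1e-2, 1e-1),
]

HOURS_PER_YEAR = 8760.0


def pfd_avg_1oo1(lambda_du_per_hour: float, proof_test_interval_years: float) -> float:
    """Average probability of failure on demand for one channel without diagnostics."""
    if lambda_du_per_hour < 0 or proof_test_interval_years <= 0:
        raise ValueError("failure rate must be >= 0 and proof-test interval > 0")
    return lambda_du_per_hour * proof_test_interval_years * HOURS_PER_YEAR / 2.0


def pfd_avg_loop(*pfds: float) -> float:
    """Series loop (sensor -> logic solver -> actuator): small PFDs simply add up."""
    return sum(pfds)


def sil_from_pfd(pfd: float) -> int:
    """Map a PFDavg to its SIL band; 0 means the loop does not even reach SIL 1."""
    if pfd < 1e-5:
        return 4  # below every tabulated band; the standard defines nothing stricter
    for sil, lo, hi in SIL_BANDS:
        if lo <= pfd < hi:
            return sil
    return 0


def example_loop(proof_test_interval_years: float = 1.0) -> float:
    """Constructed loop: transmitter, safety PLC and shutdown valve, same test interval."""
    sensor = pfd_avg_1oo1(5e-7, proof_test_interval_years)  # assumed lambda_DU
    logic = pfd_avg_1oo1(1e-8, proof_test_interval_years)   # assumed lambda_DU
    valve = pfd_avg_1oo1(2e-6, proof_test_interval_years)   # assumed lambda_DU
    return pfd_avg_loop(sensor, logic, valve)


if __name__ == "__main__":
    for years in (1.0, 0.5):
        pfd = example_loop(years)
        print(f"proof test every {years} yr: PFDavg={pfd:.2e} -> SIL {sil_from_pfd(pfd)}")
```

With yearly proof testing the constructed loop only reaches SIL 1, dominated by the valve; halving the proof-test interval lifts it into the SIL 2 band, which shows why test intervals belong in the risk assessment alongside component quality.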
In the chemical industry in recent years, production system technology along with equipment and machine technology has continued to evolve. Acquisition, retrieval and transfer of large data volumes are now feasible without problems. Data, networks and design drawings are available for access, and information can be shared with experts over large distances. Tablets and smartphones can be used for system monitoring, making system surveillance, machine testing and repair & maintenance far easier.
However, obsolete technology, system misconfiguration or inadequate employee training can increase the risk of intrusion. Unauthorized access to an Industrial Automation Control System (IACS) to gain control of an entire production line can result in very costly stoppages and equipment damage.
Cyber Security – Security for Safety
The chemical industry is reacting to the changes which are taking place. Given the increasing IT security threats, IT teams are looking at whether and to what extent the integrity of PCT safety systems could be at risk. Chemical plants need to develop a defense strategy. Functional safety on automation systems makes it possible to protect equipment and systems and prevent human health risks and environmental hazards. IT security provides protection against harm caused by external attack. In both functional safety and IT security, unauthorized access can interfere with systems, causing them to malfunction.
The three main IT security protection goals are confidentiality, integrity and availability. The regulations and standards can create the basis for inter-company networking. The goal of the cyber security teams is secure, reliable automated data exchange between network-connected production systems along with protection of products and systems.
PCT safety systems are used in the chemical industry to prevent damage or injury to workers, the environment and equipment. They are built around components such as sensors, actuators and programmable controllers. These elements can be the target of cyber attacks. Because systems used to configure sensors and actuators directly affect the safety function, data links with local systems must be protected. Directory services for user access control, update services for virus patterns and operating systems, time synchronization and back-up and restore services are key elements which must be included in risk analysis and in the system documentation. A small modification in the system can result in the failure of PCT protection, putting plant safety at risk.
Minimizing the number of components in a PCT safety system reduces the need for protective measures. An effective way of providing protection is to minimize the number of interfaces, hardware and software components and humans involved.
In theory, PCT safety systems should operate independently of the other equipment. In practice, that is often problematic. Information sharing between scientists, engineers and IT professionals plays a key role during the development of safety and security strategies. Recommendations and standards developed by the NAMUR and KAS working groups lay a solid foundation for IT security. Implementation gives the plant operator a certain degree of system security.
Summary: The cyber security world and security technology are still evolving, and there is a certain lack of clarity about the extent of unauthorized access. A combination of functional safety and IT security provides an adequate level of protection on industrial systems. The best way to optimize safety and security systems is to apply existing knowledge and share information.
At ACHEMA 2018, which will be held on June 11th - 15th in Frankfurt am Main, companies will put their latest IT security products, technologies and solutions on display.
ACHEMA Trend Reports are compiled by specialized international journalists. DECHEMA is not liable for incomplete or inaccurate information. ACHEMA Trend Reports can be used for editorial purposes free of charge; the source has to be named (more details on www.achema.de)