Information Technology (IT) and Operational Technology (OT) have similar security goals but very different priorities. How can manufacturers align IT and OT? One solution is to segment complex production facilities and implement a “defense in depth” approach in accordance with the ISA/IEC 62443 standards.
The Divergent Priorities of IT and OT
Information Technology (IT) and Operational Technology (OT) represent two worlds both supremely concerned with safety and security. IT is primarily concerned with the safeguarding of data while OT is primarily concerned with the safeguarding of people and processes. IT and OT departments are typically in agreement on what they should aim for – confidentiality, integrity, and availability of data and devices. But which of these aims should be prioritized? That is the great debate between IT and OT. For IT, the highest priority is always confidentiality. This prioritizes data protection against unauthorized access above the immediate availability of data to the user. This is not always the highest priority for OT. Of course, industrial devices need to be protected from cyber attacks, but OT typically places a higher priority on availability. Continuous production is the ultimate goal.
The Importance of IT/OT Convergence
As the Industrial Internet of Things continues to grow, it is becoming increasingly important to prioritize IT/OT convergence. Why? Connected automation systems may open the door to unwanted network access. IT and OT must work together to mitigate this risk. The ISA/IEC 62443 standards define protective measures for different network levels to do just that. They also differentiate between the responsibilities of product suppliers, system integrators, and operators so that each party knows their responsibilities.
What is the ISA/IEC 62443 Defense in Depth Approach?
The ISA/IEC 62443 standards outline general IT/OT security concepts, policies and procedures, system requirements, and component guidelines. One of the essential elements of this security framework is a “defense in depth” approach. The defense in depth approach outlines a coordinated framework to align the IT/OT security efforts of product suppliers, system integrators, and operators. The defense in depth approach can be likened to a castle. Various lines of defense, usually arranged from the outside in, protect the castle from threats and intruders.
The first line of defense aims to protect the production facility itself. These are the standard physical access restrictions, guidelines and processes concerning the use of the facility, and controls used to ensure that these processes are adhered to.
The second line of defense involves network security. Network segmentation creates a production cell that is protected from the outside and only accessed by authorized personnel. It is the job of the system integrator to take appropriate measures, such as the use of firewalls, passwords, or the protection of external access via VPNs.
The inner lines of defense apply to the security functions found on devices or components. These can be encrypted or protected via a virus scanner. Product suppliers are primarily responsible for this line of defense, but operators can take measures to protect their individual assets as well.
Understanding the IT/OT Security Risks in the Production Facility
The defense in depth approach recommends dividing production facilities into zones to assess their functional safety. Each zone is assigned a corresponding number based on its ability to prevent harm from occurring to the environment or personnel.
The first zone should always assess the entire production facility and how it connects to the surrounding infrastructure. The organizational measures used by operators are of utmost importance in this zone.
Then, the facility can be split into smaller zones to assess their functional safety. The goal of this framework is to develop IT/OT security protection for each zone. Developing a risk analysis for an entire plant can be cumbersome. By segmenting complex facilities, IT and OT have an easier time evaluating the functions of each zone and how they are connected to one another.
From Threats to Protections
After zones are analyzed, IT and OT identify the requirements to implement to improve security. A “fundamental requirement” is the most basic level of protection required. For example, this might require adding a key switch on a specific device. More detailed, technical “system requirements” can also be specified in this stage to improve the facility’s ability to prevent harm to the environment or to personnel.
Then, facilities need to ensure that they have the means to implement these requirements. Do their staff have the bandwidth to be able to put these requirements in place and follow through with them? Processes must be thoroughly documented, personnel must be adequately trained, and implementation should be monitored. After all, security concepts are only helpful if implemented.
Improving IT/OT Security in Automation
The ISA/IEC 62443 standards use the introduction of information security in the world of automation as an opportunity to connect the divergent worlds of IT and OT. While there are still significant differences in complexity, priorities, and goals, this standard makes strides to align IT and OT with a shared framework to identify risk, improve security, and ensure proper implementation.
One of the easiest ways to improve IT/OT security for automation is through a data management system like versiondog. versiondog helps production facilities automatically back up data, compare versions with a graphical display of differences, and monitor both authorized and unauthorized changes. To learn more about IT/OT security best practices, download the AUVESY Guide to Protecting Critical Infrastructure. If you’d like to learn more about versiondog, schedule a demo with our team today.