Xilinx - December 2018 Clippings Report

Page 3 of 11 End-to-end, lifecycle cyber protection for industrial systems: A guide - IoT Tech News

End-to-end, lifecycle cyber protection for industrial systems: A guide

By Wesley Skeffington 14 December 2018, 14:02 p.m. comment


Enterprise , IIoT , IoT , Security

SCADA networks in any factory or critical infrastructure application require protection against increasingly sophisticated and well-funded cyber threats. As emerging security standards such as IEC 62443 help marshal the industry’s response, effective protection calls for an end-to-end, lifecycle approach to device security, extending from the underlying hardware to top-level applications and back into the supply chain.

Introduction: Industrial networks at risk

Cyber attacks against industrial assets and infrastructures such as power grids aim to steal trade secrets, disrupt services, and damage economies. Tampering with industrial systems can also compromise safety and potentially cause injury or fatalities among workers or members of the public. Attackers can be lone wolves, terrorist or criminal organisations, or government-backed teams with a wide range of technical capabilities, funding resources, and motivations. However they are funded and whatever their goals, it is clear that hackers’ capabilities and the funding available to them are increasing. Organisations running any type of industrial system can expect to be the subject of cyber-attacks and must take steps to protect themselves. This calls for a clear analysis of industrial networks and their vulnerabilities, and a whole- lifecycle approach to managing embedded control systems.

Security neighbourhoods

A modern industrial control system comprises both information technology (IT) and operational technology (OT) domains, which are interconnected. Security needs to be addressed from end to end, and can be analysed in terms of general security neighbourhoods as shown in figure 1.



Made with FlippingBook Online newsletter