The Benefits of ICS Network Monitoring Throughout the Entire Industrial Control System’s Lifecycle
By Preston Futrell, VP of Sales & Marketing, NexDefense
Critical infrastructure and industrial organizations are under constant pressure to do more for less despite mounting financial, operational and compliance restrictions. To meet these demands, facility owners and operators are increasingly looking to modern information technology (IT) as a cost-efficient way of improving efficiency and productivity, as well as upholding reliability and to maintain integrity.
Unfortunately, the majority of the automation and control systems still in use were built long before connectivity was even a thought. As such, most operators of this legacy equipment lack the network visibility and situational awareness needed to ensure reliability and availability, or to discover and stop increasingly frequent and sophisticated cybersecurity attacks.
Recognizing both the reliability and security vulnerabilities that come with converging innovative IT with traditional operational technology (OT), engineers and security professionals alike have begun to actively encourage their organization’s leadership to adopt ICS-specific solutions to alleviate these concerns. ICS network monitoring, for example, can help maintain the reliability of mission critical equipment. It does so by providing real-time visibility of misconfigurations, remote connections operating improperly and incorrect commands unintentionally introduced by simple human error. Likewise, network monitoring also provides the visibility and situational awareness needed to passively unearth attempts at unauthorized access and suspicious communications that may signify malicious reconnaissance activity or, even worse, an imminent cyber event.
While technology that supports reliability efforts remains the number one priority for most engineers, the cybersecurity benefits should not be understated in what has become an era of increasingly sophisticated and frequent attacks. In fact, just a few weeks ago, the consulting firm Booz Allen released a report on ICS cybersecurity, which concluded that “sophisticated and widespread campaigns to steal data and gain access to industrial control systems through cyber attack” were underway.
Adding network monitoring to legacy systems is essential for organizations needing to ensure reliability and minimize cybersecurity risk, yet doing so is not without challenge. Specifically, the plethora of legacy equipment’s established vulnerabilities makes it difficult to establish a baseline for network activity that should be considered ‘normal.’ Thus, false positives and the need for excessive and time-consuming equipment maintenance and systems upgrades can elongate the implementation process.
Fortunately, the fix to this challenge is simple: make network monitoring inherent to new equipment.
The Need for Network Monitoring in New Equipment
Because manufacturers are currently producing new control systems as legacy equipment is reaching end of life, the opportunity to implement ICS-specific technology into new equipment is quickly approaching – if not already here.
In an era in which connectivity and cyber attacks threaten reliability like never before, incorporating network monitoring into control systems from the very beginning is primed to become the norm. Industry has spent a lot of time addressing the need and implications of adding network monitoring to legacy systems, but has not talked enough about the benefits of network monitoring inherent to equipment.
In fact, the benefits are profound to manufacturers, systems integrators and end users alike during all four phases of the ICS lifecycle: design, install, operate and maintain.
Manufacturers: Network monitoring aids manufacturers during the physical and logical network layout by allowing them to preplan for desired visual and logging for systems, sensor connection and placements. The visibility also allows the manufacturer to identify any misconfigurations while engineering the system. This intelligence, in turn, helps establish an accurate baseline of communications.
Systems Integrator: For systems integrators, having network monitoring inherent to ICS equipment allows them to track networked assets during commissioning. It also enables them to set alarms on anomalies during network expansion, using that information to establish white, grey and black lists for known and trusted communications as a means to proactively address threats to reliability and cybersecurity concerns.
End User: Incorporating network security monitoring during the design phase provides the end user with a complete history of the system’s network operations. This means that owners and operators know everything that has been changed, patched or upgraded throughout its entire lifecycle. This capability allows for more reliable operations and maintenance – such as asset tracking, real-time analysis and network event forensics.
In all, there is high value in network monitoring for industrial control systems throughout equipment’s entire lifecycle – from design, to install, to operation and maintenance. While adding the solution to legacy ICS is undoubtedly necessary, manufacturers and systems integrators must begin recognizing the benefits of implementing security from the very beginning. Doing so can truly reduce vulnerabilities and accurately identify threats that could negatively impact reliability.
About the Author
Preston Futrell is the vice president of sales and marketing at NexDefense, a provider of cybersecurity for industrial control systems.
Automation Continues to Redefine What it Means to "Work"
By Rick Delgado, Freelance Automation Writer
The trend in computer advancement supports the oft-cited prediction that machines will continue to...
How Your Automation Infrastructure Can Meet Demand for Quality Ingredients
By Dave Sharpe, Rockwell Automation
Whole and healthy ingredients can create obstacles in production, while ingredient transparency is also an...
Cloud-Based MES: The Effort to Empower Small Manufacturers
By Bill Lydon, Editor, Automation.com
In this day and age, it can sometimes seem like the small manufacturer is getting buried underneath the...
The Cloud Holds the Answer to Business Optimization
By Mark Humphlett, Infor
The total output of U.S. manufacturing has increased by more than 250% in the past 25 years, and this growth is expected...
Improving Worker Safety with Automatic Tank Gauging
By Christoffer Widahl, Emerson Automation Solutions
Manual tank gauging at oil and gas extraction sites is a dangerous and potentially fatal...
Interview: The Benefits of One-Cable Automation
As manufacturing becomes more automated and connected across a wide range of industries, it is more essential than ever to streamline installations...
Nextnine and SilentDefense announce OEM partnership for cybersecurity solutions
As part of this OEM partnership, Nextnine has integrated the SilentDefense technology from SecurityMatters into its ICS Shield solution.
PI North America adds Softing's Jeff Besola to Board of Directors
Besola is the Senior VP of Global Sales for Softing. The Board voted unanimously to approve Mr. Besola’s nomination, and he will attend his first...
Veracity announces participation in cybersecurity effort for US Department of Energy
The team, which includes engineers from Veracity, Schweitzer Engineering Laboratories, Inc. (SEL) and Sempra Renewables, will focus on developing...
HMS Report: Industrial Ethernet and wireless growing fast in 2017
Industrial Ethernet now accounts for 46% of the market (38 last year). Wireless technologies are also coming on strong, now at 6% (4) market...