- April 29, 2019
By Jalal Bouhdada, Applied Risk
This article discusses why manufacturers must understand the critical nature of designing devices with security in mind.
By Jalal Bouhdada, Founder & CEO, Applied Risk
A seismic shift is underway within the industrial environment. The prolific rise of the Industrial Internet of Things (IIoT) and automation have revolutionised the way manufacturers and engineers operate, progressing from reactive to predictive maintenance, boosting productivity, and making sense of large quantities of data for enhanced business intelligence. Uptake is also having a profound impact on ROI, with the benefits greatly increasing profitability within all environments where it is implemented.
While the advantages of the IIoT and automation are undeniable, without clear and correctly implemented cyber security practises, the benefits can become compromised. To transform a traditionally offline environment to a digitally connected one is incredibly risky if done without due diligence. As more and more automated and connected systems are finding their way into industrial networks, there is a real concern that we are unintendedly leaving our backdoors unlocked.
Why a Secure Development Lifecycle process is Critical
The problem many manufacturers are facing is that security considerations are not being taken into account early enough in the development of new technologies, leaving potential vulnerabilities to be fixed at a later stage. This mindset must be addressed; adherence to the principles and framework of the Secure Development Lifecycle (SDLC) process will help this, but this is unfortunately still notable by its absence in many new deployments of IIoT and automation technologies.
This is where the conversation around cybersecurity must change. The SDLC is much more than a process. Having a well-documented SDLC and cybersecurity policy is a key tool that vendors can use to demonstrate that products are secure by design, and that customers can use to ensure due diligence in the whole supply chain.It can helpidentify and reduce potential threat vectors, based on detailed knowledge and understanding of how and where a product will operate. The SDLC is key both to protecting industrial components and networks from cybersecurity risks and improving the level of trust and confidence that users will ultimately place in them. This is about business enablement and continuity, it is not a box-ticking exercise.
How Does a SDLC Process Work?
The SDLC should begin with a full and documented risk assessment, even before an initial design document is produced. Then, during the design process, a full analysis of the attack surface presented by the product should be conducted, along with threat modelling based on the context in which a device will be used. For developers, the SDLC means that security testing (e.g. manual or automated code review) should be an intrinsic part of the regular quality assurance process, given the same priority as bug hunting and compatibility checks.
This ensures that there are no unexpected backdoors, that network interfaces are properly configured and that access to devices is strictly controlled. Continuous testing throughout the design process should include penetration testing, static analysis and ‘fuzzing’, a process that involves trying to overload systems with random data to look for weaknesses that might be exploited by hackers.
Creating Competitive Advantage Within Industry
Customers are becoming much more aware of the risks around deploying new IIoT and automation technology on their networks, which is why the SDLC should be considered as a critical tool for suppliers to differentiate their offering. Using the language and processes of the SDLC to demonstrate mission readiness is a powerful sales tool, and responsible developers will invest in the best possible protection against the potential damage to revenue, reputation and operations that a security incident can cause.
That said, manufacturers need to realise that it’s not enough to assume a vendor has done its job, even if messaging is right. End users should have their own internal teams on hand to help conduct regular testing and hardening of solutions over time. This helps the SDLC process become a vital tool for improving and communicating about security in IIoT deployments. We can keep innovating new technologies for the business benefit, but that benefit won’t last long if security is not properly considered.
About the Author
Serving as the Founder & CEO since the conception of Applied Risk in 2012, Jalal is responsible for the management of industrial security services and product development operation within the organisation. Jalal has led a large range of complex ICS cyber security projects for major global clients, including many of the world’s largest industrial companies and utilities. He’s an active member of a number of professional security societies and has co-authored ICS security best practice guidelines for ENISA and the ISA 99.Learn More
Did you enjoy this great article?
Check out our free e-newsletters to read more great articles..Subscribe