There may be a few people who are puzzled by why I referred to PLC Security as “security.” And this brings me to an often forgotten part of the AIC security triad.
Yes, there is Availability. There is Confidentiality. You tend to see a lot of discussion about the former among ICS security people. You tend to see a lot of discussion about the latter among IT security people. And there is Integrity. This doesn’t get much discussion from anyone.
It’s sort of like the forgotten middle child. She’s quiet. She’s self-sufficient, and she rarely raises a fuss. But we do need to keep track of her because many things that happen start off as attacks on Integrity.
And that brings me back to the PLC security discussion. Most of the suggestions in the presentation I gave at S4x20 are self integrity issues. By emphasizing this forgotten middle child of the triad, I hope we can get to the cybersecurity diagnosis faster.
It has been noted by many that industrial security problems can lurk for many weeks or even a year or more before they are noticed. This happens because everyone assumes that any anomalies they’re observing are physical in nature. Operators make mistakes. Switches can get stuck or broken. Thermocouples can get fouled, or cold junctions can be misconfigured. There are so many reasons why things may not work right.
How do we address those problems? We do it by making sure that we have more than one way to observe a process. We do it by integrating or differentiating between two unrelated instruments, such as a flow meter and a tank level indicator on the same system.
This is how we get early warning of problems. It highlights the glitches based upon what we think should be happening versus what actually is.
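The flow-meter-versus-tank-level cross-check described above, as an added example that is not from the original post or the S4x20 presentation. It is written in Python for readability (the same logic would normally live in the PLC program), and the tank area, window, tolerance, the no-outflow assumption and all sample data are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Sample:
    t: float        # seconds
    flow_in: float  # m^3/s, reported by the inlet flow meter
    level: float    # m, reported by the tank level transmitter

def balance_residuals(samples, area_m2, window):
    """Per sliding window: volume from integrating flow minus volume implied
    by the level change. Assumes the tank has no outflow (constructed case)."""
    out = []
    for i in range(window, len(samples)):
        seg = samples[i - window:i + 1]
        # Trapezoidal integration of the flow meter over the window (m^3).
        vol_flow = sum((b.t - a.t) * (a.flow_in + b.flow_in) / 2
                       for a, b in zip(seg, seg[1:]))
        # Volume change according to the independent level instrument (m^3).
        vol_level = (seg[-1].level - seg[0].level) * area_m2
        out.append((seg[-1].t, vol_flow - vol_level))
    return out

def integrity_alarms(samples, area_m2, window=5, tol_m3=0.025):
    """Timestamps where the two instruments disagree by more than tol_m3."""
    return [t for t, r in balance_residuals(samples, area_m2, window)
            if abs(r) > tol_m3]

def make_samples(n=30, flow=0.01, area_m2=2.0, freeze_at=None):
    """Constructed data: steady fill at 1 s intervals. If freeze_at is set,
    the level reading stops changing from that time on (stuck transmitter,
    or a value being held by something other than the process)."""
    rows = []
    for i in range(n):
        t_level = i if freeze_at is None else min(i, freeze_at)
        rows.append(Sample(float(i), flow, flow * t_level / area_m2))
    return rows

if __name__ == "__main__":
    print("healthy:", integrity_alarms(make_samples(), 2.0))
    print("frozen level:", integrity_alarms(make_samples(freeze_at=20), 2.0))
```

The check does not say whether the disagreement is a fouled sensor or tampering; it only says that what should be happening and what is reported have diverged, which is the early warning.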
Of course, it’s not just security. It’s rapid diagnostics. Security is a selling point, but the more rapid diagnostics will actually have a return on the investment that the plant can measure. If you’re doing security right, your best guess is a “what-would-have-been” scenario. That is almost never a flashy report.
There are many things we can do to improve on process integrity monitoring. I’ve proposed about seventeen on the Top20 site for the ISA. But there are other unnumbered suggestions below. Some are redundant, and some are not likely to be needed most of the time. I would like to see this list become a sort of “Most Wanted” list of features for PLC programs.
So let’s focus on Integrity. Even if security isn’t the reason, it will pay significant dividends.