IEEE paper on process sensor monitoring – what you need to know about process sensor cyber security

The article, “Using Machine Learning to Work Around the Operational and Cybersecurity Limitations of Legacy Process Sensors” is now available in the November issue of IEEE Computer: The paper provides a case study providing detailed quantitative results of the unseen deficiencies in many process sensors. October 25th, Dale Peterson issued a blog “the Weissian Level 0/1 Issue”. Dale’s blog stated he doesn’t know if process sensor accuracy is important and that the lack of authentication in Level 0/1 communication is not a security risk. The IEEE paper quantifies the impact of inaccurate sensors while the blog identifies catastrophic failures from inaccurate sensors. As to Dale’s second comment, it is important to know if the process sensor data source can be trusted. With hardware backdoors in certain Chinese-made equipment, it is critical to know if the process sensor data is coming from the sensor and not Beijing. Additionally, November 1st, Steve King published results that indicated between January and September of 2021, there was a 2,204% increase in adversarial reconnaissance activity targeting port 502 – MODBUS. Raw sensor monitoring provides a ground truth, independent view of the process regardless of what is occurring with cyber vulnerable communication protocols or OT network availability from unintentional or malicious attacks such as ransomware.

Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.