A virtual cross-industry meeting was held on January 5th, 2022 under the purview of IEEE, with universities and standards development and industry organizations representing a cross-section of critical infrastructures. Essentially, “a coalition of the willing”.
As process sensors are used in all sectors, the intent of the meeting was to create outcomes and a way forward for advancing cyber security and reducing the risk associated with insecure process sensors in a common manner. To accomplish that requires the cooperation between physical security, network security, and engineering/operational security disciplines which can be fostered and enhanced via collaboration between professional associations and societies.
The focus is on legacy devices.
That is those devices currently in use and those still being built as there is no cyber security in the devices or cyber security standards to address these device limitations. The group concluded that establishing standards and guidelines to address the unique gaps and vulnerabilities with legacy field devices remains a priority. There was a desire to move forward so the question as to what organizations are best suited to sponsor and oversee this new and expanding area of training and research for control system field device cyber security. Finally, the team agreed to develop a whitepaper to be shared with government policymakers and R&D organizations who are able to resource and facilitate these efforts. It’s time for the industry that relies on process sensors to take the lead in closing the gap between cyber security and safety engineering.