Stuxnet and Industroyer are two examples of malware in recent years that targeted the industrial control systems of specific facilities. In both cases, the malware compromised SCADA, PLC or DCS components with the intent of causing physical damage or loss of service. In the first case, the attackers targeted the uranium enrichment centrifuges at Iran’s Natanz plant. Stuxnet altered the logic on the Siemens PLCs that controlled the centrifuge drives, periodically pushing the rotors outside their safe speed range while hiding the modified code and the abnormal behaviour from operators, and destroyed a significant number of centrifuges before it was discovered. In the second case, Industroyer was used in December 2016 against a transmission substation supplying the Ukrainian capital Kiev, cutting power to part of the city for about an hour. (The larger outage often quoted alongside it, some 230,000 customers without electricity for up to six hours, was the December 2015 attack on Ukrainian distribution companies, which used different malware and relied on the attackers operating the SCADA systems by hand.)
Engineers now need to be cognisant of how they design systems and maintain procedures, policies and behaviours so that industries are not blind to these extra risks. The risks multiply as mission-critical businesses adopt wireless technologies, use offsite data centres and trial technologies such as drones, each of which extends the attack surface of the plant.
Managing vulnerabilities
Cyber-threats need to be considered at every stage of the functional safety lifecycle. During the design stage, engineers should eliminate blind spots by clearly identifying each element of the control system, the ways in which each element is likely to be attacked, and how those attacks will be prevented or detected.
Plant managers should carry out cyber-risk assessments of their operational technology (OT) systems to identify the additional security measures that may be required. Following the IEC 62443 series of standards, this means probing for weaknesses in work procedures, countermeasures and employee behaviour as well as in the technology that makes up the control system itself, so that a security failure cannot undermine functional safety. Penetration testing is often carried out once a system has been built, to check its robustness and integrity before it is commissioned in the facility.
After installation, technical and physical security controls can be put in place. This can be as simple as managing user permissions, keeping hardware and software up to date, or installing firewalls and monitoring tools that watch continuously for cyber-threats. Firewalls are most effective when only specific users and hosts can reach the control system, the default policy is to deny, and any ports that are not needed to support the control system’s connections outside the corporate LAN are blocked.
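The firewall advice above can be turned into a check that runs against a rule set before it is deployed. The following script is an added example, not code from the article or from Delkia: it audits a boundary firewall's rules against an allowlist of approved engineering hosts and the handful of industrial protocols the control network actually needs, and flags a permissive default policy, "any"-source rules and unneeded ports. The hosts, subnets, ports and the two sample rule sets are constructed for illustration and are assumptions, not taken from any real plant.

```python
"""Audit a control-system boundary firewall rule set against a conduit allowlist.

Added example, not code from the article or from Delkia. The rule sets, hosts,
subnets and ports below are constructed for illustration (assumptions).
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Ports the control network is expected to expose across its boundary.
# Anything else is treated as unneeded and should be blocked (assumption).
ALLOWED_PORTS = {
    502: "Modbus/TCP",
    102: "Siemens S7comm",
    20000: "DNP3",
    44818: "EtherNet/IP",
}

# Hosts permitted to reach the control network at all (constructed).
ENGINEERING_HOSTS = {
    ipaddress.ip_network("10.10.5.10/32"),  # engineering workstation
    ipaddress.ip_network("10.10.5.11/32"),  # HMI server
}

# The PLC/DCS network behind the firewall (constructed).
CONTROL_NET = ipaddress.ip_network("192.168.100.0/24")


@dataclass(frozen=True)
class Rule:
    src: str              # CIDR or "any"
    dst: str              # CIDR or "any"
    dport: Optional[int]  # None means all ports
    action: str           # "accept" or "drop"


def _net(cidr: str):
    """Translate 'any' into the whole IPv4 space so overlap checks work."""
    return ipaddress.ip_network("0.0.0.0/0" if cidr == "any" else cidr)


def audit(rules: List[Rule], default_policy: str) -> List[str]:
    """Return a list of findings; an empty list means the rule set is sound."""
    findings = []
    if default_policy != "drop":
        findings.append("default policy must be drop, not " + default_policy)
    for i, r in enumerate(rules, 1):
        if r.action != "accept":
            continue
        src, dst = _net(r.src), _net(r.dst)
        # Only accept rules that can reach the control network matter here.
        if not dst.overlaps(CONTROL_NET):
            continue
        if r.dport is None:
            findings.append(f"rule {i}: accepts all ports into the control net")
        elif r.dport not in ALLOWED_PORTS:
            findings.append(f"rule {i}: port {r.dport} is not needed by the control system")
        if not any(src.subnet_of(host) for host in ENGINEERING_HOSTS):
            findings.append(f"rule {i}: source {r.src} is not an approved engineering host")
    return findings


# A weak rule set: any source, all ports, and accept-by-default (constructed).
WEAK_RULES = [
    Rule("any", "192.168.100.0/24", None, "accept"),
    Rule("10.10.5.10/32", "192.168.100.0/24", 3389, "accept"),  # RDP into the PLC net
]

# The corrected rule set: named hosts, needed ports only, deny everything else.
HARDENED_RULES = [
    Rule("10.10.5.10/32", "192.168.100.0/24", 102, "accept"),
    Rule("10.10.5.11/32", "192.168.100.0/24", 502, "accept"),
    Rule("any", "any", None, "drop"),
]

if __name__ == "__main__":
    for name, rules, policy in (("weak", WEAK_RULES, "accept"),
                                ("hardened", HARDENED_RULES, "drop")):
        print(name, audit(rules, policy) or ["ok"])
```

The weak set produces four findings (permissive default, an all-ports rule, an "any" source and an unneeded RDP port); the hardened set produces none. The same check can be rerun whenever a change request touches the boundary firewall, so that a temporary "open everything for the vendor" rule does not quietly become permanent.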
Importance of data monitoring
Logging, monitoring and analysing the data from your process control system (PCS) is also a critical step, because it is what allows a business to detect malicious activity. Because not all sensors and equipment produce security logs, it is vital to focus efforts on the instrumentation and devices that lie in the path an intruder would take and that can give you data: engineering workstations, HMIs, the PLCs themselves and the network links between them.
Being able to monitor data in real time is also important so that operators can respond quickly to potential threats to functional safety. If a cyber-threat is detected early enough, and the relevant personnel are informed immediately, action can be taken to prevent costly damage. For a nuclear power plant, subversion of a control system could defeat safety-critical measures, so it is vital that action is taken quickly.
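As an added example of the detection step described in the two paragraphs above (this is not code from the article or from Delkia), the script below runs simple detection logic over a constructed PCS event log: it raises a critical alert when PLC logic is downloaded from a host that is not an approved engineering workstation, a high alert when a download happens outside the planned maintenance window, and a high alert when a setpoint is written outside the safe operating envelope. The log format, hosts, tag names, limits and maintenance window are all assumptions made up for the example.

```python
"""Detection logic over process control system (PCS) event logs.

Added example, not code from the article or from Delkia. The log lines, hosts,
tag names, limits and maintenance window are constructed for illustration and
are assumptions about a hypothetical plant, not a real one.
"""
import re
from dataclasses import dataclass
from datetime import datetime, time
from typing import Iterable, List

# Hosts allowed to change PLC logic (assumption: the two engineering stations).
ENGINEERING_HOSTS = {"10.10.5.10", "10.10.5.11"}
# Engineering changes are only expected during a planned window (assumption).
MAINTENANCE_WINDOW = (time(8, 0), time(18, 0))
# Safe operating envelope per tag, as the safety case would define it (assumption).
TAG_LIMITS = {"pump_speed": (0, 1800), "coolant_flow": (200, 900)}

# Constructed log format: ISO timestamp followed by key=value fields.
LINE_RE = re.compile(r"(\S+)\s+(.*)")


@dataclass
class Alert:
    severity: str
    when: str
    reason: str


def parse(line: str) -> dict:
    """Split one log line into a dict of fields, keeping the timestamp as 'ts'."""
    ts, rest = LINE_RE.match(line).groups()
    fields = dict(kv.split("=", 1) for kv in rest.split())
    fields["ts"] = ts
    return fields


def detect(lines: Iterable[str]) -> List[Alert]:
    """Apply the three detection rules and return the alerts in log order."""
    alerts: List[Alert] = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ev = parse(line)
        stamp = datetime.fromisoformat(ev["ts"].replace("Z", "+00:00"))
        if ev["event"] == "PROGRAM_DOWNLOAD":
            # Rule 1: logic changes must come from an approved engineering host.
            if ev["host"] not in ENGINEERING_HOSTS:
                alerts.append(Alert("critical", ev["ts"],
                    f"logic download to {ev['plc']} from unapproved host {ev['host']}"))
            # Rule 2: even approved hosts should only change logic in the window.
            elif not (MAINTENANCE_WINDOW[0] <= stamp.time() <= MAINTENANCE_WINDOW[1]):
                alerts.append(Alert("high", ev["ts"],
                    f"logic download to {ev['plc']} outside the maintenance window"))
        elif ev["event"] == "WRITE":
            # Rule 3: setpoint writes must stay inside the safe envelope.
            lo, hi = TAG_LIMITS.get(ev["tag"], (None, None))
            if lo is not None:
                value = float(ev["value"])
                if not lo <= value <= hi:
                    alerts.append(Alert("high", ev["ts"],
                        f"{ev['tag']} set to {value:g} on {ev['plc']}, outside safe range {lo}-{hi}"))
    return alerts


# Constructed sample log: one benign download, one from a rogue host, one
# out-of-range write and one download late at night.
SAMPLE_LOG = """
2024-03-04T10:15:02Z host=10.10.5.10 plc=PLC-07 event=PROGRAM_DOWNLOAD user=eng01
2024-03-04T10:16:40Z host=10.10.9.44 plc=PLC-07 event=PROGRAM_DOWNLOAD user=eng01
2024-03-04T10:17:00Z host=10.10.5.11 plc=PLC-07 event=WRITE tag=pump_speed value=1450
2024-03-04T10:17:05Z host=10.10.5.11 plc=PLC-07 event=WRITE tag=pump_speed value=3900
2024-03-04T23:40:11Z host=10.10.5.10 plc=PLC-02 event=PROGRAM_DOWNLOAD user=eng02
2024-03-04T23:41:00Z host=10.10.5.11 plc=PLC-02 event=WRITE tag=coolant_flow value=650
""".splitlines()

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(f"[{alert.severity.upper()}] {alert.when} {alert.reason}")
```

Run against the sample log this yields three alerts: a critical one for the download from 10.10.9.44, a high one for the pump speed of 3900 and a high one for the 23:40 download. The critical alert is the one to page an operator about immediately; the other two are exactly the "in the path of an intruder" signals the text describes, since an attacker who has reached an engineering workstation will typically show up first as an unusual logic change or an out-of-envelope write.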
Supply chain security
According to the National Cyber Security Centre (NCSC), one of the most important steps in protecting your control system against cyber-attacks is collaborating with suppliers and partners.
With the right partnerships in place, companies can probe a system’s cybersecurity from the outset, reducing downstream time, effort and cost. What you want to avoid, however, is over-engineering against hypothetical threats, which leads to over-complex and costly control systems; the risk assessment should decide which threats are credible enough to design against.
Delkia offers to undertake risk and vulnerability assessments and to install antivirus software, firewalls, intrusion detection systems and alert logging and monitoring capabilities. It can also advise at the early stages of design, which is more time- and cost-effective than trying to retrofit functional safety management requirements at later stages of implementation.
By aligning cybersecurity and functional safety, the nuclear industry can benefit from control systems that are cost-effective and both safe and secure by design.