Industrial Control System protocols are modified Ethernet protocols, and many were created originally as serial communications before the wide spread use of Ethernet networking. They support proprietary inter-process communications and were originally built to provide reliable, and deterministic communications long before routable protocols and Ethernet security was a consideration. The Ethernet capable devices like MTUs, RTUs, PLCs, building automation, access control systems, Internet of Things (IoT), and other controllers including devices like variable speed drives and instrumentation that have routable protocols, do not have the capability to protect themselves. In fact, many even lack means of authentication or integrity checking and are vulnerable to potential attack or just mistakes. Consequently, it is up to all of us to protect industrial purpose made controllers from attack using solid, proven engineering and security techniques.
Our Industrial Cyber Security (ICS) philosophically believes that the process itself is what is at stake here. Instead of trying to protect data like your personal banking information, in an industrial control system we are trying to control and protect a process. By focusing on the process, we are able to make cyber security a manageable engineering problem. For instance, if you are running a process like a chemical reactor and it can become unstable in certain scenarios, then we focus on insuring that those scenarios can never be created even if a hacker has complete control and knowledge of the process and control system.
Our ICS team is comprised of seasoned industrial control system and IT technology experts. We have a deep bench of control system experts in process control, discrete manufacturing, building automation, and IoT technologies.
Our ICS services are described below.
We work closely with your organization to evaluate or develop a cybersecurity policy and procedures that are appropriate for industrial control systems. We will work with your team to insure agreement across your organization, rollout, and adoption. The established policy & procedures will drive security focused behaviors without compromising performance and connectivity. It will also establish a method for budgeting decisions, and accountability.
Our services start with robust & secure industrial network design and migration planning. Design services are based on solid industrial control system network design with secure communication and reliability as defined in ISA/IEC 62443 and other standards as required by your industry or region of the world. Our design services focus on providing secure and reliable industrial networks including designs to implement SIEM and other cybersecurity monitoring like Nozomi Networks SCADAGuardian that will serve your business well with better visibility, secure remote connectivity, and less unexplained downtime.
In addition to ICS Design and Migration Planning, occasionally an industrial network just doesn’t work correctly. This manifest itself as a “spooky” network, unreliable, or you might even think you are being “hacked”. Our team will work with yours to analyze why your network is not working properly and remedy the problem. This service is also beneficial where several vendors are pointing the guilt to each other without solving the problem.
A vulnerability assessment evaluates the ICS network for security primarily. We also analyze for performance and reliability. In a vulnerability assessment, we analyze your network architecture, critical assets or processes, network technologies, data flows, process flow diagrams, and previous assessments including risks assessments like HAZOP. A vulnerability assessment will identify vulnerabilities and rank them, remove false positives, and develop prioritized recommendations for remediation. Our final report includes asset inventory, vulnerabilities discovered, severity ratings, recommendations, overview of tools and methods utilized and findings. Once the project is complete, we either destroy or return of all raw data. While a vulnerability assessment is passive, a penetration test is performed with specific written permission to pursue vulnerabilities further into the system to discover the extent of possible exposure or risk.