86 / 100
CONTROLLO
tecnica
Gennaio/Febbraio 2018
Automazione e Strumentazione
86
Network and endpoint security solutions have become usual in industrial control systems. PC-based devices
are usually protected with anti-malware software and networks are typically protected with conventional
firewalls. Adoption of advanced solutions like application whitelisting and deep packet inspection (DPI)
firewalls is also growing as companies develop the resources to manage these technologies.
Despite these efforts, cyber intrusions remain a serious concern for industrial companies. The recent incidents
to critical infrastructure sites demonstrate that actual defenses are inadequate to block sophisticated attacks.
From here the development of new advanced technology such as machine learning or the device profiling.
Mario Testino
New Cyber Security concepts
for Industrial Network Protection
In the industrial Internet age,
Cyber Security
has become a serious issue to be managed by IT
& OT people.
The latter incidents to critical infrastructure sites
demonstrate that actual defenses are inadequate
to block sophisticated attacks.
A recent survey (Critical Infrastructure: Security
Preparedness and Maturity, Unisys and Ponemon)
reported that 67% of companies with critical
infrastructure suffered at least one attack in the
past 12 months.
Either standard or advanced IT Cyber Security
technologies seem not to be enough to protect the
composite architecture of industrial network as
well as protocols and devices.
Furthermore industrial protocols are mostly
not natively secure; you may easily find critical
details simply surfing the internet.
Despite the tendency towards OT segregation,
the operational perimeter is even more breached
because of rising needs of integration generated
by production, maintenance and IT departments.
Thus eventually
OT networks are more con-
nected than ever
.
And finally vendors’ security vulnerabilities can
leave networks exposed to external attack vectors.
But what customer perceives and definitely wants
about industrial cyber security?
The average knowledge of the cyber security sub-
jects seems to be not very thorough by manage-
ment and crew especially in the OT area.
Consequently the Cyber Security maturity is far
to be achieved because it doesn’t immediately
save money, it’s difficult to measure perfor-
mance and definitely it doesn’t allow to evalu-
ate and justify proper investments.
The
risk based approach
looks to be more
appropriate to identify possible cyber-attack
impact to the business: because the threat is gen-
erally undefined but the risk is under everybody’
nose (downtime, loss of service, etc.).
Because of this intrinsic difficulties
NIST
(the
US National Institute of Standards and Tech-
nology) has recently defined a comprehensive
L’AUTORE
M. Testino, Sales and Business
Development Executive Manager,
ServiTecno
NEW NETWORK AND ICS/OT CYBER SECURITY SOLUTIONS IN INDUSTRIAL ENVIRONMENTS
Nuovi concetti per la Protezione dei Network Industriali
Le soluzioni di protezione degli endpoint sono diventate usuali anche nei sistemi di controllo industriali. I dispositivi basati su PC sono normalmente
protetti con software anti-malware e i network sono tipicamente protetti con firewall convenzionali. L’adozione di soluzioni avanzate come le
applicazioni di whitelisting e i firewall con deep packet inspection (DPI) stanno crescendo nella misura in cui si sviluppano le risorse per gestire
queste tecnologie. Nonostante questi sforzi gli attacchi cyber restano una seria preoccupazione per le aziende industriali. I recenti incidenti a siti
di infrastrutture critiche dimostrano che le difese attuali sono inadeguate per bloccare sofisticati attacchi. Da qui lo sviluppo di nuove avanzate
tecnologie come il machine learning e la profilazione dei dispositivi.