As industrial systems become more interconnected, manufacturing enterprises should collaborate with various organizations to create a cybersecurity ecosystem for end-to-end security.
Whether it is government agencies managing critical infrastructure or enterprises responsible for production, they all face a serious security risk—the increasing number of attacks targeting Industrial Control Systems (ICS). Control systems are becoming more interconnected, and while Ethernet increases potential security risks, Ethernet-based architectures are more attractive for modern enterprises.

ICS is a crucial component of critical infrastructure, and operators rely on these systems daily to ensure the normal operation of essential facilities.Developing a cybersecurity ecosystem helps build security barriers within organizations to mitigate increasingly complex cyber threats.
Malicious or accidental threats and cyber incidents can occur daily in industrial control networks.Today, it is easier than ever to discover vulnerabilities in industrial protocols, networks, and devices. Everything that has happened in the past six years serves as a wake-up call for the industrial automation industry. Industrial control systems have become primary targets for some cyberattacks, such as the Stuxnet virus, Night Dragon virus, and Shamoon virus. The increasing volume of attacks necessitates more effective cybersecurity solutions to aggregate, analyze, and correlate data across multiple platforms, creating near real-time visualizations to describe any potential or ongoing threats.

Enterprises must go beyond their own organizations and collaborate with partners and suppliers regarding the potential impacts of cyberattacks.However, these interacting devices, networks, organizations, and individuals form a complex system that can pose potential threats or benefits.
Companies and government organizations must work together to further develop critical infrastructure protection solutions, rather than merely meeting minimum requirements. Solutions must target professionals whose responsibilities are to ensure the normal operation of critical infrastructure and to provide mitigation measures for threatened business cases. In the past, the communication protocols used were in isolated environments, making industrial control systems largely immune to malicious attacks, which often targeted the IT networks of the target enterprises.
As industrial systems become more interconnected, manufacturing enterprises should collaborate with various organizations to create a cybersecurity ecosystem for end-to-end security.Skilled cybercriminals and hackers are increasingly focusing on critical infrastructure and its supporting systems with old-fashioned, targeted attacks. The impact of these attacks extends far beyond the intended targets, making security more important than ever.

The U.S. Department of Homeland Security has identified three core principles for developing a cybersecurity ecosystem: automation, interoperability, and authentication.
-
Automation: The ability to quickly complete event detection and response. Automation is an effective strategy that can rapidly integrate action decisions made in response to cyber situations, with machine response speeds far exceeding human response speeds.
-
Interoperability: Distributed threat detection across devices. Interoperability must remove technical limitations at the organizational level to enable seamless collaboration in network defense automation.
-
Authentication: Achieving trusted automated collaborative communication in a reliable manner. Authentication provides assurance to relevant partners when making automated decisions.
Maintaining the integrity of industrial control systems requires a comprehensive understanding of the various communication standards used by ICS components to ensure safe and efficient operations.At the physical layer of the network, it is difficult to detect communication errors, cybersecurity threats, and poor network health issues. Some problems are evident: slow Human-Machine Interface (HMI) updates, unexplained downtimes, and unstable failures of integrated circuit components. A robust and healthy Operational Technology (OT) network is key to preventing these failures.

There is a significant amount of ICS and sensor data that needs to communicate with other business and enterprise-level systems within the corporate network.This increasing demand also brings new risks and challenges that enterprises must address and mitigate. There is a lot of data that needs to be filtered, but the lack of skilled labor to help process this data means workers may not be able to cope with cybersecurity risks.
The first reports of cyberattacks on ICS date back 15 years.Since then, the number of attacks has grown exponentially, far exceeding the number reported in the news. Deliberate concealment and suppression of information regarding attacks may not be the best approach. Reporting such attacks to regulatory and support agencies is a wiser choice. This not only helps develop new solutions to reduce the risk of future attacks but also aids in developing stronger defense strategies.
Designing for Security from the Start
Previously, security was a trivial issue, and cybersecurity was not designed and implemented when designing ICS.Now, it has become an integral part of any project. The critical infrastructure sector must work closely with owners, integrators, regulators, and suppliers to ensure that such cybersecurity measures can be integrated into ICS from the outset.
The industrial sector needs to abandon the notion that security can be added after system installation.Security should be considered from the beginning in the design and implemented at all levels of the enterprise. ICS cybersecurity should focus on ensuring the security of critical devices.

Cyber threats targeting ICS are constantly evolving and increasing, with cyberattacks always seeking new targets, and cybercrime is on the rise. ICS security measures are no longer limited to preventing hackers or having strong physical boundaries. If ICS vulnerabilities are exploited by potential competitors of the enterprise, it could yield billions of dollars in returns, making this temptation very significant. More companies are being asked to detail the cybersecurity measures they have taken and to specify the analyses and assessments they have conducted on technology suppliers and service providers. The government recognizes that cybersecurity is one of the most serious economic and national security challenges they face and is intensifying efforts to protect vulnerable critical infrastructure.
ICS vendors are making efforts to reduce the security risks of control systems, enabling automation professionals to more effectively ensure the safety of industrial processes through a combination of control system design, best practices, technologies, and professional services. Since ICS is at the core of production, cybersecurity programs must provide multi-layered defenses against both internal and external threats to mitigate various risks.

ICS vendors and automation professionals must commit to providing a continuously evolving range of products and services to help mitigate risks and enhance the security of production assets..Solutions should include risk analysis, data collection and correlation platforms, and actionable visibility for cybersecurity blind spots. This will drive effective cyber risk management and create a robust cybersecurity posture.
Cybersecurity solutions should enable organizations to understand their current business environment and provide contextual knowledge to understand how their employees, supply chains, customers, and attackers interact with their control systems, data, devices, and applications. In an interconnected world, threats can come from anywhere.
Traditional cybersecurity approaches are necessary but insufficient to provide organizations with adequate protection.The need for periodic vulnerability assessments and the value they can provide must be understood and recognized by organizations. Organizations must invest in cutting-edge technologies, understand their ecosystems, and work with the most trusted partners to jointly protect the cybersecurity ecosystem.
This article is from the September 2017 issue of CONTROL ENGINEERING China, under the “Technical Articles” section, originally titled: Building an ICS Cybersecurity Ecosystem.
To receive the world’s leading technical articles on industrial control automation and smart manufacturing daily, please follow our WeChat account “CONTROL ENGINEERING China“!
————Cover of this issue of the magazine————

Recommended Reading
-
Frontier Observation | Manufacturing Enterprises are Benefiting from the Rapid Development of Cloud Computing
-
National Day and Mid-Autumn Festival Benefits—Siemens Offers a Free Trial of a 30,000 Yuan Industrial Communication Package!
-
A Must-Read for Control Engineers | How to Implement and Maintain an Efficient Alarm Management System
-
Exclusive Release | Honeywell: Embracing the Digital Age of the Industrial World
-
Shi Peixin from Qiyun Technology: Creating a Truly Usable Industrial Internet Platform
-
Frontier Applications | Using Thermal Imaging to Create Machine Condition Monitoring (MCM) and Predictive Maintenance Systems
-
Latest Advances in Process Control | New Opportunities in Level Measurement—High-Frequency Radar Sensors
-
The Arrival of Mobile Automation Era—System Integration of Mobile Control and Monitoring
-
PLC Program Design | The Best Way to Simplify Program Elements—Object-Oriented Programming
-
Key to Implementing IIoT: Extracting Value from Big Data in Industrial Internet of Things
-
IIoT | How to Shorten the Gap Between Operational Technology (OT) and Information Technology (IT)?
