ICS Strengths and Weaknesses (from security perspective)


We all know that Industrial Control Systems (ICSes) have very specific dynamics. In this article, we’ll take a closer look at their strengths and weaknesses.

The first part of this article discusses some of the reasons why they operate so smoothly, almost always without interruption. The second part debunks the myth of an ostensible perfect situation by showing some of the security issues related to an ICS environment. 

ICS strengths

High degree of availability

High availability means systems are always on, always available no matter what happens. High availability relies on redundancy — that is, having backup components in a system to substitute for the main ones in case of any contingency.

The idea behind redundancy and fault tolerance is simple: keep things running and maintain uptime. To achieve that, an ICS must have redundant servers, with each server having a redundant power supply (i.e., the so-called uninterruptible power supply or UPS), software and hardware components. Clustering a number of servers together is also a good idea.

Furthermore, redundant routers and redundant firewalls are advisable.

Coupling processes, such as storing the system status and controlling actuators, could be risky as far as redundancy is concerned. Independent data storage servers known as historians are needed to preserve the historical record of a particular control system; again, eliminating control computers that present a single point of failure. One way to minimize the risk of a historian going down is through adding an external, highly-reliable network-connected storage device, which will increase the overall resilience of the system.

It is not uncommon for industries to adopt redundant control centers to support quick recovery and duplication of data resources in the event of an accident. In addition, redundant transport is implemented (for example, via dual LAN connections with failover).

To connect (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Dimitar Kostadinov. Read the original post at: