Section 6.10 Industrial Computer Systems
As you study this section, answer the following questions:
What are the components of an industrial system?
What is the difference between operational technology and information technology?
What are best practices for securing an OT network?
Define Operational Technology
Understand how industrial computer systems work
Understand the different roles within industrial computer systems
The key terms for this section include:
Controllers used to monitor and control PLC systems. They gather data and adjust the system based on sensor data.
Key Terms and Definitions
| Term | Definition |
|---|---|
| Operational Technology (OT) | The hardware and software technologies used to manage physical devices, processes, and events within an organization. |
| Controller Systems | Industrial control systems (ICSs) that handle all machinery's workflow and automation process. |
| Programmable logic controller (PLC) | Digital computers designed to enable automation in assembly lines, autonomous field operations, robotics, and many other applications. |
| Supervisory control and data acquisition (SCADA) | |
| Human-machine interface (HMI) | A touch-screen control panel or software on a typical computer system that allows the operator to make configuration changes in the system. |
| Modbus | A special network protocol that controller systems use to communicate with each other. |
This section helps you prepare for the following certification exam objectives:
| Exam | Objective |
|---|---|
| CompTIA CySA+ CS0-003 | 2.1 Given a scenario, implement vulnerability scanning methods and concepts
|
6.10.1 Controller Systems
Click one of the buttons to take you to that part of the video.
Controller Systems 00:00-00:23 Manufacturing and critical infrastructure systems often operate using specialized controller systems. These systems connect to the networks. If they're not handled properly, they can cause serious security vulnerabilities.
In this lesson, we'll look at these controller systems and how to protect them on your networks.
Controller Systems 00:23-04:28 Industrial control systems, commonly called ICSs, handle the workflow and automation processes for all sorts of machinery. These control systems are used in critical infrastructure such as power plants, manufacturing, hospitals, and telecom systems. Let's take a look at how these systems work.
Most of these systems start with the programmable logic controller, generally called the PLC. This is a specialized controller that can be programmed to perform specific tasks. For example, you can program a PLC with the exact timings to handle a manufacturing process. Multiple PLCs can also be linked together to carry out complex tasks as needed.
Now, it'd be a hassle to have to go around to configure and manage each PLC individually. Therefore, to manage all these devices, you can implement a supervisory control and data acquisition, or SCADA, system.
SCADA controllers are used to supervise the entire system and gather data, letting you make any needed adjustments. Many of these systems can automatically make adjustments based on the data acquired from the sensors.
Configuration changes on the PLC or SCADA systems are handled using a human-machine interface, or HMI. An HMI can be a touch-screen control panel, usually used for small-scale environments, or software running on a computer system, which is generally the case for large-scale environments. All these systems can be combined to build an ICS that does exactly what you need it to do.
Many of these devices are open source and work with each other regardless of the manufacturer. However, sometimes you may want to just have one system that comes fully customized and configured for your needs. This is where the Distributed control system, or DCS, comes into play. A DCS is a system that contains the SCADA, PLCs, and HMI all together. This means that the software needed to run these systems come packaged with the DCS.
Whether you've built your own system or are using a DCS, these systems communicate with each other using a special network protocol called Modbus. Modbus has become a de facto standard communication protocol, which is openly published and royalty-free. Modbus was originally developed to run through a serial interface, but has evolved to work over Ethernet and TCP/IP.
All the components of an ICS network are typically referred to as an operational technology network whereas our typical networks that consist of a server and clients are referred to as information technology networks. You'll hear them call OT networks and IT networks for short.
Manufacturing and other automated systems are a vital part of our economy and infrastructure systems today. These systems are a big target for malicious attackers. As a security specialist, you need to be aware of some of the vulnerabilities these systems have and how to best protect these OT networks.
One of the more important steps in protecting your ICSs is to make sure the people who have administrative control over these systems fully understand them. Network administrators understand and know how IT networks operate, but may not have a full understanding of the special protocols and operation of PLCs and SCADA devices.
As with typical networks, you'll need to make sure that only the necessary protocols are running on these systems. In addition, all unused ports should be closed. We don't want to have any ports open or protocols running that could allow an attacker access to the systems.
You also need to ensure that your systems are patched and up to date. These systems will have firmware and software updates to patch any new vulnerabilities that have been discovered. When doing so, make sure that the updates doesn't cause any downtime or interruption of critical services.
Finally, you should perform regular audits and vulnerability assessments. It's important to note that active vulnerability assessments can cause serious issues on OT networks, so you should only perform passive assessments.
Summary 04:28-05:14 That's it for this lesson. In this video, we looked at the components of industrial control systems. These systems start with the PLC that handles the automated tasks. We discussed how a SCADA controller can be implemented to manage multiple PLCs and integrated systems. To interact with these systems, you need to use an HMI, which can either be a touch-screen controller or software running on a computer. Next, we discussed how you can create an IDS system from multiple manufacturers or have an all-in-one system called a DCS. And finally, we looked at some of the vulnerabilities inherent in these systems and what we need to do to keep the systems secured.
6.10.2 Controller Systems Facts
Manufacturing and critical infrastructure systems often operate using specialized controller systems. These systems need to be able to connect to and communicate on the network. Security administrators should be knowledgeable of these systems and know how to secure them properly.
This lesson covers the following topics:
- Operational technology
- Controller systems
- Operation technology security
Operational Technology
Operational technology (OT) is a term used to describe the hardware and software technologies used to manage physical devices, processes, and events within an organization. It is the technology used to monitor and control physical systems, processes, and environmental events. Examples of OT include industrial control systems, robotics, sensors, Programmable Logic Controllers (PLCs), SCADA systems, and the networks and devices used to operate them.
Operational technology presents some unique concerns for cybersecurity. Many OT devices are highly susceptible to attack; they are designed to a different set of criteria than is typical for standard computing devices. OT equipment emphasizes availability and is highly customized to help operate and maintain equipment interacting with the real world. OT devices are not new; OT devices have been in operation for many decades, and much OT equipment installed initially 20, 30, or more years ago is still in operation today. Failure or breach of OT equipment can result in tangible, real-world impacts, such as environmental disasters, explosions, severe injury, or loss of life. Protecting OT is highly specialized and sensitive work.
Controller Systems
Industrial control systems (ICSs) handle all machinery's workflow and automation process. They provide mechanisms for workflow and process automation. These control systems are used in critical infrastructure such as power plants, manufacturing, hospitals, and telecom systems. The following table describes the components that comprise an ICS.
An ICS comprises plant devices and equipment with embedded PLCs. The PLCs are linked either by an OT fieldbus serial network or by industrial Ethernet to actuators that operate valves, motors, circuit breakers, and other mechanical components, plus sensors that monitor some local state, such as temperature. Output and configuration of a PLC are performed by one or more human-machine interfaces (HMIs). An HMI might be a local control panel or software on a computing host. PLCs are connected within a control loop, and a control server can govern the process automation system. Another essential concept is the data historian, a database of all the information generated by the control loop.
| ICS Component | Description |
|---|---|
| Programmable logic controller (PLC) | Programmable logic controllers (PLCs) are used in industrial settings. They are digital computers designed to enable automation in assembly lines, autonomous field operations, robotics, and many other applications. PLCs interact with sensors and input/output devices typically operating in physical spaces (conveyor belts, gates, flow sensors) and bridge the real-world and digital worlds. PLCs can be programmed to perform several actions in response to triggers, which might be programmed to be received by a sensor. To control how a PLC operates, it is programmed with a special sequential control language called Ladder Logic, developed using a graphical, flowchart-like interface. Multiple PLCs can be combined and configured to work together to carry out complex tasks. |
| Supervisory control and data acquisition (SCADA) | SCADA controllers are used to monitor and control PLC systems. They gather data and adjust the system based on sensor data. A SCADA system replaces a control server in large-scale, multiple-site ICSs. SCADA typically runs as software on ordinary computers, gathering data from and managing plant devices and equipment with embedded PLCs called field devices. SCADA typically uses WAN communications, such as cellular or satellite, to link the SCADA server to field devices. |
| Human-machine interface (HMI) | The HMI can be a touch-screen control panel or software on a typical computer system. The HMI allows the operator to make configuration changes in the system. |
| Modbus | Modbus is a special network protocol that controller systems use to communicate with each other. Modbus originally ran through a serial interface but has evolved to work over Ethernet and TCP/IP. |
Operational Technology Security
All components of an ICS network are typically referred to as an operational technology (OT) network, in contrast to typical information technology (IT) networks that consist of a server and clients.
Manufacturing and other automated systems are vital to the economy and infrastructure systems. These systems are a target for malicious attackers. Security specialists should be aware of OT networks' vulnerabilities and how to protect them best. Recommendations are:
- Personnel with administrative control over these devices should have the specialized knowledge and skills to manage them.
- Only necessary services should be running on the controllers. All unneeded ports should be closed.
- The systems should have the latest patches and updates.
- Regular security audits and vulnerability assessments should be performed.
- Active vulnerability assessments can cause severe issues on an OT network. Perform only passive assessments.