Information Unlimited Magazine - Vol. 35: COMPLEXITY and SIMPLICITY

Page 38


Products & Services

TLS integration based on IEC 62351 part 3

Attacks against the OT (Operational Technology) infrastructure can cause outages, result in the theft of intellectual property, or end in significant physical damage.

Any automation infrastructure is a potential target for many kinds of attack. Whether it is the collection of real-time data, the setting of set-point values, or the sending of commands, it is now clear that the automation industry has not, to date, been sufficiently focused on security. The development of many existing industrial communication protocols focused on ease of use, reliability, and interoperability; security concepts were not on the agenda. Industrial systems were traditionally standalone: the assumption was that they would operate on isolated, air-gapped networks rather than on the openly connected, Internet-oriented networks of today. Although the same communication standards are still widely used, they have not kept pace with the evolving networking and security threat landscape. Of the more than 300 communication protocols supported by zenon, fewer than 10 specify security by design, and fewer than 20 have bolt-on security features that were defined after the standard was initially released. This is a huge challenge in terms of cyber security. Unsecured communication channels expose OT asset owners to typical attack vectors such as replay, man-in-the-middle, brute-force, denial-of-service, spoofing and tampering attacks. In critical infrastructure in particular, with its widespread communication networks and assets, these threats are a major concern.

AN OVERALL SECURITY CONCEPT

Fortunately, efforts to improve security for existing protocols and standards are gaining momentum, and we can adopt them as one aspect of an overall security concept. The IEC 62351 standards series provides mechanisms that can be adopted by other existing standards such as IEC 61850, IEC 60870, and IEEE 1815 (DNP3). When implemented, these mechanisms help ensure secure communication. As a major provider in this industry, we see it as our responsibility to actively participate in the creation of these standards and to be among the first providers to offer our customers solutions based on them.

IEC 62351-3 introduces the use of TLS (Transport Layer Security), a cryptographic layer that provides secure communication between TCP/IP-based endpoints. Its primary goals are mutual authentication of the two endpoints, data integrity, and, optionally, data confidentiality (privacy). By applying TLS to existing TCP/IP-based communication protocols, several major security threats can be mitigated:

– Encryption protects sensitive data from unwanted disclosure while in transit.
– Digital certificates ensure that a connection is only established once the identity of the opposite end has been verified and found to be trusted. This is what defeats spoofing and man-in-the-middle attacks, but it only holds if both sides actually verify the peer certificate against a trusted CA rather than accepting any certificate they are shown.
– Integrity protection (the MAC or AEAD tag on every record, together with the TLS record sequence numbers) allows each end to verify that received data was sent by the trusted opposite end and was neither manipulated nor replayed during transport over the network.

TLS provides security between two TCP endpoints. It does not provide security at the application layer of the protocol, and it has no way to establish the role and corresponding access rights of the particular application or user behind an endpoint: a TLS client certificate identifies a machine or process, not an operator. For this, other parts of the IEC 62351 series have been defined: part 5 for secure authentication of IEC 60870-5 and DNP3 application-layer messages; part 8 for role-based access control; part 4 for the MMS-based profiles; and part 6 for the IEC 61850 peer-to-peer profiles (GOOSE and Sampled Values). TLS is also terminated at every TCP endpoint, so where traffic passes through a gateway or protocol converter, each hop is a separate TLS session and the intermediate device handles the data in the clear. Combining security at the transport level using TLS with security at the application level therefore gives end-to-end security, also over multiple hops.
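The following Go program is an added example and is not code from the article or from zenon. It exercises the mutual-authentication property the IEC 62351-3 paragraphs above describe: a CA, a server certificate and a client certificate are generated in memory (all names, substation-ca, rtu.example, scada.example and rogue-ca, are hypothetical), a server is configured to require and verify a client certificate, and three sessions are run over loopback TCP. The legitimate client is admitted and the server learns its verified identity; a client and a server whose certificates come from a CA that the other side does not trust are both refused. Go's crypto/tls is used because it can build the whole exchange, both endpoints included, with the standard library alone.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"net"
	"time"
)

// identity is a certificate plus its private key, the material every
// IEC 62351-3 endpoint has to hold. All names in this example
// (substation-ca, rtu.example, scada.example, rogue-ca) are hypothetical.
type identity struct {
	cert *x509.Certificate
	key  *ecdsa.PrivateKey
}

func check(err error) {
	if err != nil {
		panic(err)
	}
}

// newIdentity issues a certificate for name: a self-signed CA when issuer is
// nil, otherwise an end-entity certificate usable in either TLS role.
func newIdentity(name string, issuer *identity) *identity {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 62))
	check(err)
	tmpl := &x509.Certificate{
		SerialNumber: serial, Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
	}
	parent, signKey := tmpl, key // self-signed unless an issuer is given
	if issuer == nil {
		tmpl.IsCA, tmpl.KeyUsage = true, x509.KeyUsageCertSign
	} else {
		tmpl.KeyUsage = x509.KeyUsageDigitalSignature
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}
		tmpl.DNSNames = []string{name}
		parent, signKey = issuer.cert, issuer.key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signKey)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return &identity{cert: cert, key: key}
}

func (id *identity) tlsCert() tls.Certificate {
	return tls.Certificate{Certificate: [][]byte{id.cert.Raw}, PrivateKey: id.key}
}

// Both ends pin trust to one CA pool and refuse anything below TLS 1.2. The
// server additionally demands and verifies a client certificate; that is what
// turns ordinary server-only TLS into the mutual authentication IEC 62351-3 requires.
func serverConfig(id *identity, trust *x509.CertPool) *tls.Config {
	return &tls.Config{Certificates: []tls.Certificate{id.tlsCert()}, MinVersion: tls.VersionTLS12,
		ClientAuth: tls.RequireAndVerifyClientCert, ClientCAs: trust}
}

func clientConfig(id *identity, trust *x509.CertPool, serverName string) *tls.Config {
	return &tls.Config{Certificates: []tls.Certificate{id.tlsCert()}, MinVersion: tls.VersionTLS12,
		RootCAs: trust, ServerName: serverName}
}

// serve handles one accepted connection: after a successful mutual handshake it
// sends back the CommonName it verified in the client's certificate.
func serve(ln net.Listener, cfg *tls.Config) error {
	raw, err := ln.Accept()
	if err != nil {
		return err
	}
	defer raw.Close()
	raw.SetDeadline(time.Now().Add(5 * time.Second))
	conn := tls.Server(raw, cfg)
	if err := conn.Handshake(); err != nil {
		return err // the client presented no certificate acceptable under ClientCAs
	}
	peer := conn.ConnectionState().PeerCertificates[0].Subject.CommonName
	if _, err := io.WriteString(conn, peer); err != nil {
		return err
	}
	return conn.Close() // sends close_notify, so the client reads a clean EOF
}

// connect runs one session between an in-process server and client over
// loopback TCP and returns the identity the server verified, or the first
// error raised on either side (a rejected certificate surfaces here).
func connect(srvCfg, cliCfg *tls.Config) (string, error) {
	ln, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		return "", err
	}
	defer ln.Close()
	srvErr := make(chan error, 1)
	go func() { srvErr <- serve(ln, srvCfg) }()
	raw, err := net.Dial("tcp", ln.Addr().String())
	if err != nil {
		return "", err
	}
	defer raw.Close()
	raw.SetDeadline(time.Now().Add(5 * time.Second))
	reply, err := io.ReadAll(tls.Client(raw, cliCfg)) // the first Read runs the handshake
	if err != nil {
		return "", err
	}
	if err := <-srvErr; err != nil {
		return "", err
	}
	return string(reply), nil
}

// outcome records the cases worth checking: the trusted peer is admitted by
// name, and an untrusted issuer is refused in either direction.
type outcome struct {
	Trusted                        string
	RogueClientErr, RogueServerErr error
}

func runScenarios() (outcome, error) {
	ca := newIdentity("substation-ca", nil)               // the operator's own CA
	rtu := newIdentity("rtu.example", ca)                 // server side, e.g. a controlled station
	scada := newIdentity("scada.example", ca)             // the legitimate client
	rogueCA := newIdentity("rogue-ca", nil)               // an attacker's CA, trusted by nobody
	rogueClient := newIdentity("scada.example", rogueCA) // same name, wrong issuer
	rogueServer := newIdentity("rtu.example", rogueCA)
	trust := x509.NewCertPool()
	trust.AddCert(ca.cert)

	var o outcome
	var err error
	o.Trusted, err = connect(serverConfig(rtu, trust), clientConfig(scada, trust, "rtu.example"))
	if err != nil {
		return o, err
	}
	_, o.RogueClientErr = connect(serverConfig(rtu, trust), clientConfig(rogueClient, trust, "rtu.example"))
	_, o.RogueServerErr = connect(serverConfig(rogueServer, trust), clientConfig(scada, trust, "rtu.example"))
	return o, nil
}

func main() {
	o, err := runScenarios()
	check(err)
	fmt.Printf("trusted client verified as %q\n", o.Trusted)
	fmt.Printf("rogue-CA client refused: %v\nrogue-CA server refused: %v\n", o.RogueClientErr, o.RogueServerErr)
}
```

Two points a practitioner should take from the program. First, the rejection of the rogue server happens on the client side (its RootCAs cannot build a chain to rogue-ca), while the rejection of the rogue client happens on the server side (ClientAuth is RequireAndVerifyClientCert with ClientCAs pinned to the operator's CA); setting ClientAuth to anything weaker, or leaving RootCAs at the system defaults, silently gives up one half of the mutual authentication. Second, the server ends up with a verified CommonName and nothing more: which role that identity may exercise, and which commands it may send, is exactly the gap the article assigns to IEC 62351 parts 5 and 8. In a real deployment the CA and the certificates come from the operator's PKI, and certificate revocation checking, which Go's crypto/tls does not perform on its own, still has to be added.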

