Industrial Control Systems (ICS)


An industrial control system (ICS) is a network managing embedded devices.

  • provides mechanisms for workflow and process automation
  • controls machinery used in critical infrastructure
    • e.g., power suppliers, water suppliers, health services, telecommunications, and national security services
  • An ICS that manages process automation within a single site is usually referred to as a distributed control system (DCS)
  • comprises plant devices and equipment with embedded programmable logic controllers (PLCs)
    • handle specialized input and output
    • linked either to:
      • sensors that monitor some local state, such as temperature
      • actuators that operate valves, motors, circuit breakers, and other mechanical components
    • output and configuration are performed by one or more human-machine interfaces (HMIs)
      • input and output controls on a PLC that allow a user to configure and monitor the system
      • e.g., a local control panel or software on a computing host
    • PLCs are connected within a control loop
    • the whole process automation system can be governed by a control server
    • a data historian is a database of all the information generated by the control loop
      • software that aggregates and catalogs data from multiple sources within an industrial control system
    • devices in the control loop commonly communicate over a fieldbus protocol such as Modbus
      • classic Modbus carries no authentication or encryption, so any host that can reach a PLC on the OT network can read or write its coils and registers
  • embedded system network is referred to as an operational technology (OT) network
    • to distinguish it from an IT network
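The Modbus/TCP traffic between an HMI or control server and a PLC, as an added example that is not part of the original notes: it builds MBAP-framed requests (Read Holding Registers, Write Single Coil), parses them back, decodes a register-read response, and flags state-changing function codes sent by hosts that are not on an allowlist. That last check is the kind of passive monitoring an OT network needs precisely because the protocol itself has no authentication. The IP addresses, unit and register numbers, and the sample packets are constructed for the example, not taken from any real site or capture.

```python
"""Modbus/TCP frames: build them, parse them, and flag writes from unexpected hosts."""
import struct
from dataclasses import dataclass

MODBUS_TCP_PORT = 502  # well-known port; the protocol itself has no authentication

# Function codes that change PLC state versus those that only read it.
WRITE_FUNCTIONS = {5: "Write Single Coil", 6: "Write Single Register",
                   15: "Write Multiple Coils", 16: "Write Multiple Registers"}
READ_FUNCTIONS = {1: "Read Coils", 2: "Read Discrete Inputs",
                  3: "Read Holding Registers", 4: "Read Input Registers"}


@dataclass
class ModbusFrame:
    transaction_id: int
    unit_id: int
    function_code: int
    data: bytes  # PDU payload following the function code


def encode_frame(transaction_id: int, unit_id: int, function_code: int, data: bytes) -> bytes:
    """MBAP header (transaction id, protocol id 0, length, unit id) followed by the PDU."""
    pdu = bytes([function_code]) + data
    # The length field counts the unit id byte plus the whole PDU.
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id) + pdu


def read_holding_registers(transaction_id: int, unit_id: int, start: int, count: int) -> bytes:
    return encode_frame(transaction_id, unit_id, 3, struct.pack(">HH", start, count))


def write_single_coil(transaction_id: int, unit_id: int, address: int, on: bool) -> bytes:
    # Modbus encodes coil ON as 0xFF00 and OFF as 0x0000.
    value = 0xFF00 if on else 0x0000
    return encode_frame(transaction_id, unit_id, 5, struct.pack(">HH", address, value))


def decode_frame(raw: bytes) -> ModbusFrame:
    """Validate the MBAP header and split off the PDU; raises ValueError on malformed input."""
    if len(raw) < 8:
        raise ValueError("frame too short for MBAP header plus function code")
    transaction_id, protocol_id, length, unit_id = struct.unpack(">HHHB", raw[:7])
    if protocol_id != 0:
        raise ValueError(f"unexpected protocol id {protocol_id}")
    if length != len(raw) - 6:
        raise ValueError("MBAP length does not match frame size")
    return ModbusFrame(transaction_id, unit_id, raw[7], raw[8:])


def holding_register_values(response: ModbusFrame) -> list:
    """Decode a Read Holding Registers (FC 3) response into 16-bit unsigned values."""
    if response.function_code != 3:
        raise ValueError("not an FC 3 response")
    byte_count = response.data[0]
    payload = response.data[1:1 + byte_count]
    if len(payload) != byte_count or byte_count % 2:
        raise ValueError("bad byte count in FC 3 response")
    return list(struct.unpack(f">{byte_count // 2}H", payload))


def audit_writes(packets, allowed_writers) -> list:
    """One alert per state-changing request whose source is not an approved HMI/control server.

    packets: iterable of (source_ip, raw_frame); allowed_writers: set of source IPs.
    """
    alerts = []
    for src, raw in packets:
        frame = decode_frame(raw)
        if frame.function_code in WRITE_FUNCTIONS and src not in allowed_writers:
            alerts.append(f"{src} sent {WRITE_FUNCTIONS[frame.function_code]} to unit {frame.unit_id}")
    return alerts


# Constructed sample traffic (not a real capture): the HMI polls and later clears a coil,
# while an unknown host on another subnet sets the same coil (e.g. opening a valve).
HMI_IP = "10.0.10.5"
SAMPLE_PACKETS = [
    (HMI_IP, read_holding_registers(1, 1, 0, 4)),
    ("10.0.20.77", write_single_coil(7, 1, 3, True)),
    (HMI_IP, write_single_coil(2, 1, 3, False)),
]
# Constructed FC 3 response: byte count 8, then four 16-bit register values.
SAMPLE_RESPONSE = encode_frame(1, 1, 3, bytes([8]) + struct.pack(">HHHH", 120, 0, 65535, 42))

if __name__ == "__main__":
    print("registers:", holding_register_values(decode_frame(SAMPLE_RESPONSE)))
    for alert in audit_writes(SAMPLE_PACKETS, {HMI_IP}):
        print("ALERT:", alert)
```

The allowlist is keyed on source IP only, which is all a passive sensor on a span port can see; it is a detection aid, not a substitute for segmenting the OT network so that only the HMI and control server can reach port 502 at all.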

Programmable Logic Controller (PLC)

A programmable logic controller (PLC) is a type of processor designed for deployment in an industrial or outdoor setting that can automate and monitor mechanical systems.

  • used in industrial settings
  • interact with a wide range of sensors and other types of input/output devices typically operating in physical spaces
    • e.g., conveyor belts, gates, flow sensors
  • form a bridge between the real world and the digital world
  • can be programmed to perform several actions in response to triggers
    • e.g., a reading received from a sensor crossing a threshold
  • To control how a PLC operates,
    • it is programmed with a special sequential control language called Ladder Logic
      • a graphical language whose rungs resemble relay wiring diagrams, developed in a graphical editor rather than as text
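How a PLC executes a ladder program, as an added example that is not part of the original notes: a toy scan cycle (read inputs, solve rungs top to bottom, write outputs) running a classic motor start/stop rung with a seal-in branch and an over-temperature interlock. Tag names, the rung layout and the input sequence are constructed for the example; real PLC runtimes add timers, counters and many more instruction types, but the scan model is the same, and it is this stored program that an attacker who can reach the PLC's programming interface would alter.

```python
"""Toy PLC: a scan cycle executing a ladder-logic program for a motor start/stop circuit."""
from dataclasses import dataclass


@dataclass
class Contact:
    """An examine-if-closed (--| |--) or examine-if-open (--|/|--) contact on a tag."""
    tag: str
    normally_open: bool = True

    def passes(self, image: dict) -> bool:
        state = image.get(self.tag, False)
        return state if self.normally_open else not state


@dataclass
class Rung:
    """Parallel branches (ORed), each a series of contacts (ANDed), driving one output coil."""
    branches: list
    coil: str

    def solve(self, image: dict) -> bool:
        return any(all(c.passes(image) for c in branch) for branch in self.branches)


class PLC:
    def __init__(self, program: list, inputs: list, outputs: list):
        self.program = program
        self.outputs = outputs
        # The image table holds the last-read inputs and the last-solved coil states.
        self.image = {tag: False for tag in inputs + outputs}

    def scan(self, field_inputs: dict) -> dict:
        # 1. Input scan: latch switch/sensor states for this cycle.
        self.image.update(field_inputs)
        # 2. Program scan: solve rungs top to bottom. A coil set by an earlier rung is
        #    already visible to later rungs within the same scan.
        for rung in self.program:
            self.image[rung.coil] = rung.solve(self.image)
        # 3. Output scan: copy coil states out to the actuators.
        return {tag: self.image[tag] for tag in self.outputs}


def NO(tag: str) -> Contact:
    return Contact(tag, normally_open=True)


def NC(tag: str) -> Contact:
    return Contact(tag, normally_open=False)


# Rung 1: (Start OR Motor) AND NOT Stop AND NOT HighTemp -> Motor. The Motor branch is the
#         seal-in that keeps the motor running after the Start button is released.
# Rung 2: HighTemp -> Alarm.
MOTOR_PROGRAM = [
    Rung(branches=[[NO("Start"), NC("Stop"), NC("HighTemp")],
                   [NO("Motor"), NC("Stop"), NC("HighTemp")]], coil="Motor"),
    Rung(branches=[[NO("HighTemp")]], coil="Alarm"),
]


def new_motor_plc() -> PLC:
    return PLC(MOTOR_PROGRAM, inputs=["Start", "Stop", "HighTemp"], outputs=["Motor", "Alarm"])


def run_sequence(plc: PLC, scans: list) -> list:
    """Feed one input snapshot per scan cycle and collect the output image after each."""
    return [plc.scan(inputs) for inputs in scans]


# Constructed input sequence: press Start, release it, the temperature sensor trips, it clears.
SAMPLE_SCANS = [
    {"Start": True, "Stop": False, "HighTemp": False},
    {"Start": False, "Stop": False, "HighTemp": False},
    {"Start": False, "Stop": False, "HighTemp": True},
    {"Start": False, "Stop": False, "HighTemp": False},
]

if __name__ == "__main__":
    for cycle, outputs in enumerate(run_sequence(new_motor_plc(), SAMPLE_SCANS), start=1):
        print(f"scan {cycle}: {outputs}")
```

After the interlock trips, the motor stays off until Start is pressed again (scan 4), because the seal-in branch was broken; the interlock is safe only because it is wired into the same rung as the motor coil, which is exactly the kind of rung a malicious program change could remove.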

Supervisory Control and Data Acquisition (SCADA)

A supervisory control and data acquisition (SCADA) system is a type of industrial control system that manages large-scale, multiple-site devices and equipment spread over geographically large areas from a host computer.

  • takes the place of a control server in large-scale, multiple-site ICSs
  • typically run as software on ordinary computers
    • gathering data from and managing plant devices and equipment with embedded PLCs
      • referred to as field devices
  • typically use WAN communications to link the SCADA server to field devices
    • e.g., cellular or satellite

Info

  • legacy and embedded systems represent a risk in terms of maintenance, troubleshooting, and security
    • tend to require more specialized knowledge than modern, off-the-shelf, computing systems
    • Consultants with expertise in such systems can be highly sought after

ICS/SCADA Applications

  • used in many sectors of industry:
    • Energy
      • refers to power generation and distribution
      • more broadly, utilities also include water/sewage and transportation networks
    • Industrial
      • refers specifically to mining and refining raw materials, involving hazardous high-heat and high-pressure furnaces, presses, centrifuges, pumps, and so on
    • Fabrication and manufacturing
      • refers to creating components and assembling them into products
      • used to control automated production systems
        • e.g., forges, mills, and assembly lines
      • systems must work to extremely high precision
    • Logistics
      • refers to moving things from where they were made or assembled to where they need to be, either within a factory or for distribution to customers
      • used in
        • control of automated transport and lift systems
        • sensors for component tracking
    • Facilities
      • refers to site and building management systems, typically operating automated heating, ventilation, and air conditioning (HVAC), lighting, and security systems
  • ICS/SCADA was historically built without regard to IT security
    • there is now high awareness of the need to enforce security controls
  • Industrial systems have different priorities than IT systems
    • safety is the overriding priority
    • prioritize availability and integrity over confidentiality
      • this reordering of the CIA triad is often written as the AIC triad
  • Cybersecurity is paramount
    • associated with critical infrastructure sectors
    • Cyberattacks on these systems can severely impact
      • public safety
      • economic stability
      • and national security

Stuxnet

One infamous example of an attack on an embedded system is the Stuxnet worm.

  • was designed to attack the Siemens SCADA/PLC programming software (STEP 7/WinCC) running on Windows PCs and, through it, modify the code on the attached PLCs to damage the centrifuges used by Iran's uranium enrichment program
  • NIST Special Publication 800-82 (Guide to Industrial Control Systems (ICS) Security; retitled Guide to Operational Technology (OT) Security in Revision 3) covers recommendations for implementing security controls for ICS and SCADA