Some say that if World War III breaks out, it will be fought in cyberspace. As IoT systems gather more and more under the “umbrella” of the network, security has never been more important to various user groups. From the traffic lights that play an important role in our urban traffic to the power system that provides energy for them, to the management and monitoring systems that keep cars running well, security in the use of networks and devices has become the basis and basis of modern communication devices and systems. necessary condition. Providing solid security in the online world is no easy task. Security is one of the very few scientific and technological means that must be confronted with external forces to achieve overdue results. What is more complicated is that these external forces can break through the defense line time after time through traditional and innovative means. Because of the many potential attack methods, information and network security has become an attractive and challenging topic, which is closely related to enterprises, industries and life.
For decades, the information technology (IT) environment has been very active and the hardest hit area for attacks and threats, which has also allowed IT to grow rapidly. In contrast, the operational technology (OT) environment is relatively traditional and closed, and the connection methods and channels between devices and the network are very limited. Therefore, compared with IT, OT records relatively fewer attack events, but its learning opportunities Countermeasures are also relatively scarce. But security in the OT world tends to have a broader security scope than IT. For example, in OT, security is almost equivalent to safety. In fact, the connected security standards of IIoT also incorporate the safety of equipment and people. This installment will focus on common challenges facing OT security.
The erosion problem of network architecture. The main issues facing the protection of industrial environments are initial design and ongoing maintenance. The original design concept stems from a premise that the network itself is safe, because it is isolated on the physical level of the enterprise, with little or no connection with the external environment, and the attacker lacks sufficient correlation knowledge to perform security attacks. In the vast majority of cases, the initial network design is sound, even good practice and relative standards. But in fact, from the point of view of security design, it is better to cope with the growing demand than to conceal the lack of communication and improve the response. It is relatively common that, over time, an otherwise hidden problem may be exposed by temporary updates and cracks to the hardware, allowing the problem to go unchecked and spread across the entire device family leading to a complete network and system crash Case.
Pervasive system legacy issues. In an industrial environment, the span of new and old equipment is large, the equipment life cycle is long, and the operating system of the equipment is not uniform enough, which makes the maintenance of the equipment extremely troublesome, and also exposes security issues such as system vulnerabilities. For example, in the context of urban power systems, it is not uncommon for older mechanical equipment to intersect with modern smart electronics. For the legacy components, because the old equipment cannot be connected to the network, the equipment is encouraged to run, but the entire system is integrated into the network, and some conditions cannot be monitored. From a security point of view, this situation is a potential threat, because many devices are likely to be unpatched or have vulnerabilities due to legacy issues, and it is more likely that the corresponding solutions for devices that are aging due to the passage of time cannot be applied. Therefore, we should strengthen the management of patches and devices, generate corresponding tools, and protect the vulnerabilities that may be exploited as much as possible.
Unsafe operating protocol. Among industrial control protocols, especially those based on serial ports, they are only considered for communication at the beginning of design, and there is no relative requirement for security. This has become the weakness and inherent loophole of the current network transmission protocol. In addition, the security considerations in the embedded operating system are relatively lacking. In old industrial protocols, data protocols such as monitoring and data acquisition often have coexisting security issues. Including the lack of communication authentication, static and dynamic data cannot establish effective protection, which makes the data in transmission often public. Although the data may not be so important, the risk of data tampering must be prevented.
The device is not secure. In addition to the defects of the communication protocol, the control equipment and the communication components themselves also have loopholes and defects. Before 2010, the world paid little attention to the security of industrial design, which also led to the fact that industrial design did not undergo the fire-zero test like IT, which led to frequent occurrence of vulnerability-related problems in the industry. This also reminds the OT industry to pay attention to the safety of the equipment itself.
IoT security issues are often more than that, including supplier dependence, security knowledge presentation and demonstration issues, etc. All these aspects remind the importance of safety all the time.