Hackers are always gravitating towards the easiest systems to exploit and Industrial Control Systems (ICS) are now among the most popular hacking attack targets. If control systems (like programmable logic controllers) are not security tested and verified, there is no way of knowing how secure the industrial system infrastructure really is. The penalty for avoiding such testing is vulnerability to cyber attacks.
National governments have taken the lead in this area by establishing ICS test labs. Industrial Control Systems are essential to the operations of these government agency-controlled federal facilities. The biggest threats to ICS security are malware, inside actors, web attacks, SQL injection (a code injection technique that attacks data-driven applications), and accidental failures. According to the ICS Cyber Emergency Response Team (ICS-CERT), a US Department of Homeland Security program, 257 cyber incidents were reported in 2013 from across the 16 critical infrastructure sectors they support. This represents an increase of 30% over 2012.
Although governments have taken the lead in establishing these labs, the commercial sector is close behind in utilizing labs to combat cyber attack-induced downtime. One of the challenges that both governments and private enterprises face is the fact that control system hardware, software and firmware were traditionally manufactured by vendors with ease-of-use in mind as a top priority. Security was often an afterthought. This has changed in recent years however, as industry-leading manufacturers of major Industrial controls systems are now building new products that are “hardened” from a cyber security perspective.
How an industrial controls system test lab works
The purpose of an ICS test lab is to understand how new hardware and software components behave in a network and to identify any inherent security weaknesses. Those who manage the lab define the process for how vendors and employees receive approval for both maintaining and upgrading control and management systems. The job of the lab is to execute the following:
- Determine whether Programmable Logic Controllers (PLCs), Direct Load Controllers (DLCs), software, servers, and workstations are properly secured.
- Prevent the ICS network from being used as an attack vehicle against the business network.
A typical ICS Lab requires upfront capital investment. It consists of a separate, dedicated network that replicates the essential hardware, software and firmware elements of the live production network. When cost justifying such a lab, the relatively modest costs need to be weighed against the elevated risk of losing millions of dollars as the result of a cyber attack and, in some cases, the potential threat to human lives.
Lab testing determines whether the proposed new product performs as intended from a cyber security perspective. Key elements include determining how the product interconnects to other systems, and the scope of the product testing exercise (i.e., tested as part of a larger system, or tested as an enterprise-wide component). The criticality of the product also needs to be determined as well as whether the system being tested relies on other control systems.
Throughout the testing, each security defect is flagged, and the type and level of risk of each defect is identified. By running these products through the battery of tests, the ICS lab allows test engineers to reach factual conclusions regarding the security levels based on firm data-driven results. A formal report is produced once each item is fully tested. The process for the testing is outlined in a report and results from regression and stress tests are posted.
Schneider Electric can play an important role in helping end users to configure a proper test lab. To learn more, access our free white paper, “How Test Labs Reduce Cyber Security Threats to Industrial Control Systems.”