Industrial Control System (ICS)/SCADA systems are widely adopted in the manufacturing, energy and utilities, chemical and petroleum industries for mission-critical industrial automation.
Quick definitions of key terms:
- Operational Technology (OT) refers to computing systems that are used to manage industrial operations as opposed to administrative operations. Operational systems include production line management, mining operations control, oil & gas monitoring etc.
- Industrial control systems (ICS) are a major segment within the operational technology sector. They comprise systems that are used to monitor and control industrial processes. This could be mine site conveyor belts, oil refinery cracking towers, power consumption on electricity grids or alarms from building information systems. ICSs are typically mission-critical applications with a high-availability requirement.
- Most ICSs are either continuous process control systems, typically managed via programmable logic controllers (PLCs), or discrete process control (DPC) systems, which might use a PLC or some other batch process control device.
- Industrial control systems (ICS) are often managed via Supervisory Control and Data Acquisition (SCADA) systems that provide a graphical user interface for operators to easily observe the status of a system, receive any alarms indicating out-of-band operation, or enter system adjustments to manage the process under control.
A typical SCADA configuration involves a control unit for two-way communication, with information displayed on the SCADA display unit and remote instructions on the Remote Terminal Unit (RTU), through a LAN/WAN computer network communication link.
E-SPIN's hassle-free package solution can be divided into two solution groups, Availability and Security, or adopted together for end-to-end infrastructure availability and security management.
As the typical ICS/SCADA system deployment scenario above shows, in the operation center, managing through a consolidated graphical dashboard is essential, and immediate notification of component availability and proactive alerting are important.
E-SPIN can construct the availability monitoring system and dashboard visually, with live availability status on the top layer of the graphic display, to provide visibility, control and management. The operator then knows exactly which component or subsystem has an availability issue and can manage it proactively.
Security concerns how “secure” the entire ICS/SCADA is in terms of any potential vulnerability (tested for whether it is likely exploitable), third-party modules/libraries in the source code, static application security testing (SAST) of your own source code through to dynamic application security testing (DAST), and smartphone and tablet application security testing.
E-SPIN solutions for ICS/SCADA in our “Availability” and “Security” solution portfolio:
End-to-end availability monitoring and proactive alerting for the entire infrastructure
- system availability
- unusual traffic and threshold trigger
- proactive power monitoring
- link monitoring
- critical application performance monitoring (APM)
- virtualized infrastructure monitoring
- database performance monitoring
- server and embedded system monitoring
- centralized dashboard
End-to-end security vulnerability management and protection for the entire infrastructure
- network and system vulnerability detection
- vulnerability exploitable testing
- static and dynamic application security testing (SAST/DAST)
- software composition analysis (SCA)
- wireless infrastructure security (WLAN/AP/Controller)
The entire ICS/SCADA infrastructure can be treated as an “enterprise application” or “mission-critical application”. E-SPIN can help bring the multiple servers and components of that “application” into one unified and customizable application service level agreement (SLA) interactive dashboard. From the dashboard you can instantly see application “availability” (uptime and downtime), get early warning of subsystem performance issues, and see what really happened at a specific time from an application management perspective.
ICS/SCADA involves significant link communication components. E-SPIN can help visualize those important and critical links, going beyond traffic volume and packet size to the “traffic analysis” level. We help visualize the communication link both inbound and outbound, and provide a real-time visual of traffic flow: the kind of traffic, protocol, source and destination, unusual traffic, and whether critical applications have the bandwidth they require reserved. It can be used to perform a security “x-ray” so that you know exactly what passes through your system. Without that visibility it is difficult to manage the system effectively and efficiently.
Where an ICS/SCADA system makes use of modern infrastructure, cloud and virtualization computing technology, it is essential to maintain complete visibility into the entire virtualized infrastructure, down to the exact virtual machine node and host, CPU/memory/interface/disk utilization and link utilization, just as for physical infrastructure and machines. E-SPIN can help with “virtualized infrastructure” availability monitoring, integrated into a single unified dashboard across the entire ICS/SCADA for effective and efficient operation.
Where ICS/SCADA makes use of modern infrastructure, wireless visibility is always a concern: if you cannot visualize the wireless devices, you cannot manage them effectively. E-SPIN can help visualize your wireless infrastructure (including your wireless APs and controllers). From there you can see how many mobile devices (whether trusted or unusual) are attached to your wireless infrastructure. You can also understand noise to signal, whether the respective wireless infrastructure is overloaded or underloaded, and whether additional wireless devices are required for optimized wireless infrastructure performance.
For ICS/SCADA security, putting the entire infrastructure and all assets through vulnerability assessment, and grouping them against the respective industry standards for security, risk and compliance benchmarks, makes it easier to manage security risk systematically. One instance is a CIP-002 Identification of Critical Cyber Assets dashboard with interactive reporting.
One of the most important parts of vulnerability management (VM) is verifying whether a particular detected potential vulnerability is likely exploitable or just a false positive. E-SPIN can help confirm this by importing the findings into world-class vulnerability validation and exploitability testing before significant resources are assigned to them. On top of that, E-SPIN maintains the latest ICS/SCADA-specific attack signatures, verified and proven by industry specialists, for subscribers, so you can access truly relevant ICS/SCADA system vulnerability and attack information, and the latest early alerts and warnings, before the public at large.
How “secure” your ICS/SCADA is in terms of source code quality is one of the key aspects of ICS/SCADA security. E-SPIN can help across the entire software development lifecycle (SDLC), whether you adopt a traditional development process such as the waterfall model or modern DevOps, with either end-to-end or partial point solution adoption. This includes:
- static application security testing (SAST) of your source code
- vendor security (if you outsource application development)
- third-party module/library security (if you incorporate third-party modules/libraries into your project) through software composition analysis (SCA)
- smartphone and tablet application security
- dynamic application security testing (DAST) of your application
- security checks and audits while you write your code in the IDE
- various integration and automation to simplify the SDLC and adapt to the fast cycle time of DevOps, microservices and application container security practice
The above presents an overview of our ICS/SCADA system solution. Feel free to contact E-SPIN for various solution/requirement engagements and services.