Industrial Internet Security Framework v 1.0 | Page 86

Security Framework   9: Protecting Communications and Connectivity

9.2 INFORMATION FLOW PROTECTION

Information flows are any information in motion, including IP messages, serial communications, data flows, control signals, removable media, printed reports and data carried in human minds. Controlling each type of information flow protects it against attackers. Online information flows are generally the flows most accessible to remote attackers bent on sabotage or data theft, who reach them by pivoting through intermediate systems and networks.

9.2.1 CONTROLLING INFORMATION FLOWS IN BROWNFIELD DEPLOYMENTS

It can be costly to recertify the safety and reliability of hardware and software components. For example, regulations for discrete manufacturing in some jurisdictions demand that certain classes of automated equipment may operate at a manufacturing site only if all of the equipment, hardware and software, has been safety-certified by a third party. None of it may be put into production without recertification. Vendors using commercial operating systems are often unwilling to pay the cost of recertification for security updates, technologies and methods. Consequently, equipment is often out of date. Even brand-new equipment may need:

• physical security measures to prevent unauthorized personnel from physical contact with sensitive equipment and networks,
• network perimeter security controls to prevent unauthorized messages from reaching sensitive equipment and networks, and
• passive network intrusion detection to monitor for suspicious communications patterns.

These approaches have been preferred for brownfield networks because they do not change any parts, and so do not require recertification. Whether they are sufficient for a given system should be determined during risk analysis.

9.2.2 NETWORK DATA ISOLATION

A channel is an independently identified, managed and monitored data flow at the transport, framework or application layer.
There are three basic communications channels that are commonly defined: data, control and management channels. Each channel should be isolated from the others and managed and monitored separately, for example by using separate TCP connections, separate wireless frequencies, or separate publish/subscribe topics on a common event bus or message broker.

Figure 9-4: Communications Channels between IIoT Endpoints

IIC:PUB:G4:V1.0:PB:20160926 - 86 -
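The channel isolation described in 9.2.2, modelled on a shared publish/subscribe bus, as an added example that is not part of the framework document: each of the data, control and management channels is a separate topic with its own publisher/subscriber policy and its own monitor, so an endpoint authorized only for the data channel cannot inject control messages, and each channel's accept/reject counts are observable on their own. Endpoint names such as "sensor-1" and "controller" are constructed for the example.

```python
from collections import Counter
from dataclasses import dataclass, field

# The three channels named in the text; each is a separately policed topic.
CHANNELS = ("data", "control", "management")

@dataclass(frozen=True)
class ChannelPolicy:
    """Who may publish to, and who may subscribe on, one channel."""
    publishers: frozenset
    subscribers: frozenset

@dataclass
class ChannelBus:
    """Broker that authorizes and monitors every channel independently."""
    policies: dict
    log: list = field(default_factory=list)  # (channel, verdict, endpoint)

    def _check(self, endpoint, channel, role):
        policy = self.policies.get(channel)
        allowed = policy is not None and endpoint in getattr(policy, role)
        self.log.append((channel, "accepted" if allowed else "rejected", endpoint))
        return allowed

    def publish(self, sender: str, channel: str, payload: str) -> bool:
        # Unknown channels and unauthorized senders are refused and logged.
        return self._check(sender, channel, "publishers")

    def subscribe(self, reader: str, channel: str) -> bool:
        return self._check(reader, channel, "subscribers")

    def monitor(self, channel: str) -> dict:
        """Per-channel view only: accepted vs rejected events on this channel."""
        return dict(Counter(v for ch, v, _ in self.log if ch == channel))

def build_bus() -> ChannelBus:
    # Constructed endpoint identities (hypothetical names).
    return ChannelBus(policies={
        "data": ChannelPolicy(frozenset({"sensor-1"}), frozenset({"historian"})),
        "control": ChannelPolicy(frozenset({"controller"}), frozenset({"actuator-1"})),
        "management": ChannelPolicy(frozenset({"admin-console"}), frozenset({"sensor-1"})),
    })

def demo() -> dict:
    bus = build_bus()
    out = {
        "sensor_data": bus.publish("sensor-1", "data", "temp=71.2"),      # allowed
        "sensor_control": bus.publish("sensor-1", "control", "valve=open"),  # blocked
        "controller_control": bus.publish("controller", "control", "valve=open"),
        "unknown_channel": bus.publish("controller", "debug", "x"),         # blocked
        "historian_reads_control": bus.subscribe("historian", "control"),  # blocked
    }
    out["control_monitor"] = bus.monitor("control")
    return out

if __name__ == "__main__":
    print(demo())
```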