Control System Cyber Security
curate or compromised , situational awareness is suspect . Monitoring changes in the electromagnetic spectra of Level 0 , 1 devices could detect sensor anomalies , whether unintentional or malicious . 20 Specifically , such technology could determine the origin of the sensor signal which provides signal authentication . This can address the concerns identified in transformer hardware backdoors . The technology could also distinguish between ostensibly identical sensors which can go a long way towards identifying counterfeit devices that include communication and spoofing capabilities . The validity ( and implicit authentication ) of these devices would be strengthened by monitoring their electromagnetic spectra and electrical signal characteristics over time .
Monitoring the electromagnetic characteristics of process sensors ( e . g ., pressure , level , flow , temperature , voltage , current , etc .) would provide a direct view of the process . These characteristics would allow interpretation of any sensor changes whether from sensor drift , process changes , coils heating , unusual equipment vibration , sensing lines clogging , and , importantly , cyber-induced changes . Since the electromagnetic properties are physics , they cannot be hacked .
Control System Cyberattack Transparency
There are , as noted , a limited number of control system manufacturers serving the majority of industries globally . Security sometimes includes common passwords that cross industries and continents . There are also a finite number of major system integrators who also work across industries . Control system vendor users ’ groups are often open with common information sharing portals . It should be evident there is dissemination of control system knowledge that is accessible by both defenders and attackers .
Older control system vulnerabilities may be sufficient to gain entry and cause the desired impacts . Defenders often focus on the latest network attacks without considering the physical impacts that may or may not be created . Consequently , there is a need to understand and adapt to the myriad approaches that attackers are using . There is also understandable reluctance to make information about control systems broadly available because of concern about adversaries . But this reticence to share information can hurt defender capabilities , as attackers will be driven to seek the latest information .
The US Department of Homeland Security ( DHS ) Cybersecurity and Infrastructure Security Agency ’ s ( CISA ) vision on securing ICS includes an “ ICS community faster and smarter than its adversaries , where ( the community ) raises the cost , time and complexity thresholds for successful ICS attacks to the point that they exceed the capabilities of even the most advanced threat actors ” ( CISA ,
20 Lopez , J , Perumall , K ., & Yoginath , S . “ Detecting Sensors and Inferring their Relationships at Level- 0 in Industrial Cyber-Physical Systems ,” Proceedings of the 2019 IEEE International Symposium on Technologies for Homeland Security ( HST ), November 5-6 , 2019 .
127