
WORLD OF INDUSTRIES 6/2019


data recorded by the field devices. New analysis and monitoring methods are easier to use if full access is granted to the process system data, which are securely extracted from the system based on the NOA concept. The figurative data diode is used in this case. It can be used to remove data from the system, while the processes cannot be accessed. The data that is easily made available in this way forms the basis of any evaluation. The data can be saved on servers or in a cloud and forwarded to the areas where the evaluation will be completed. This can be completed by internal specialists or external service providers (Fig. 2).

Specification: Secure and impact-free data access

However, the described concept is only advantageous to the operator if data can be accessed securely and without having an impact. The approach must also be able to be integrated into the Information Security Management System (ISMS) that is part of ISO 27000 as already stipulated in the IT Security Act for critical infrastructures. Such a system is often already implemented in non-critical systems to ensure secure operation. NAMUR has thus worked in cooperation with the German Electrical and Electronic Manufacturers’ Association (ZVEI) to develop new working groups that focus on IT security and the implementation of data diodes in actual hardware.

When it comes to the automation of systems, there are various directives and standards in which the current technical standard of IT security is defined on different levels. The basic IT security stipulated by the German Federal Office for Information Security (BSI) and standard IEC 62443 “IT Security of Industrial Automation Systems” are specified as general process models.

Fig. 02: To ensure smart monitoring, the data from transmitters and valves is secured by a security router and transferred to a cloud via the Namur Open Architecture (NOA) side channel by means of the OPC UA

Standard IEC 62443 – complete security approach for all participants

The IEC 62443 series of standards covers the general security standard for industrial automation systems. This series of standards is made up of 13 parts in which the process security requirements, functional measures, and state-of-the-art are stipulated (Fig. 3). According to NOA, the main parts are:

  • IEC 62443 Part 2-1 – Security Management System Requirements for Operators of Industrial Automation Systems
  • IEC 62443 Part 2-4 – IT Security Program Requirements for Service Providers of Industrial Automation Systems
  • IEC 62443 Part 3-3 – System Requirements for IT Security and Security Level of Industrial Automation Systems
  • IEC 62443 Part 4-1 – Life Cycle Requirements for Secure Product Development of Industrial Automation Systems
  • IEC 62443 Part 4-2 – Technical IT Security Requirements for Automation System Components

When developing a device with data diode functionality it is sensible to implement a security by design approach for the hardware and software. The necessary security processes and functional measures for device manufacturers, system integrators, and operators of the machines and systems can thus be implemented.

Part 4-1: The product development process

IEC 62443-4-1 describes the product development process for automation devices. The main element represents a process that can be used to reliably determine whether all of the security requirements have been implemented and checked. This process is completed by other security implementation features. These, for example, include a threat analysis based on the security context, i.e. the deployment scenario of the product, the “Defense in Depth” concept, and security vulnerability management, which nowadays is generally implemented by a Product Security Incident Response Team (PSIRT).

Part 4-2 and 3-3: Technical devices and system requirements

IEC 62443-4-2 defines the technical requirements for industrial automation devices. Based on the security threat, a security level (SL) of 0 to 4 is determined and adjusted in accordance with the capabilities of the attacker. Different functional requirements are set out for the products based on the attack vector and security level. However, the implementation of functional measures must not be considered in isolation. An SL can only be achieved if the framework conditions stipulated in Part 4-1 regarding a secure development process have been met. The security level of a device/system can therefore only be met by combining processes and functional measures.

The functional security requirements regarding the capabilities of automation systems are detailed in IEC 62443-3-3. Here, an evaluation determines to what extent the components comply with the operator’s functional requirements. This part of the standard also determines the interface between the system integrator and device manufacturer. On this basis, devices required for implementing the security level defined by the operator can be selected.

Implementation of the NOA concept in process technology requires security by design

Fig. 03: Overview of the various parts of IEC 62443, which covers the general security standard for industrial automation systems (legend: process requirements, functional requirements; TR: Technical report)

General (general description):
  • 1-1 Terms and models
  • 1-2 Dictionary with abbreviations
  • 1-3 Indicators to determine compliance
  • 1-4 IT security life cycles and applications for an automation system

Guidelines and procedure (security requirements for operators and service providers):
  • 2-1 Requirements on an IT security program for automation systems
  • 2-2 IT security program implementation guidelines for automation systems
  • 2-3 Patch management for industrial automation system (TR)
  • 2-4 IT security program requirements stipulated by engineering companies and maintenance service providers for industrial automation systems

System (requirements on security for automation systems):
  • 3-1 IT safety technology for industrial automation systems (TR)
  • 3-2 Security level for zones and conduits
  • 3-3 System requirements for IT security and security level

Components (requirements on security for automation components):
  • 4-1 Requirements on product development
  • 4-2 Technical IT security requirements for automation systems components

Part 2-4 and 2-1: Requirements for system integrators and operators

IEC 62443-2-4 specifies the requirements on the capabilities in terms of the IT security of service providers for industrial automation systems. It clarifies the interface between the operator and system integrator, as well as the core processes during integration, commissioning, and maintenance. This, for example, includes the architecture and configuration of the automation solution, the management of user accounts, processing of events, and patch management including backing up and restoring the automation solution.

IEC 62443-2-1 covers the requirements regarding an IT security program for the operator. A table specifies the requirements that should basically enable the transition to the ISMS of ISO 27000. This part of the standard also determines the security level of the system based on a threat analysis.

Recommendation – start with available security routers

The requirements for implementing the NOA concept are currently being defined in various working groups. These will ultimately decide which standards, technologies, and processes should be used. To ensure a gradual introduction of the approach, it is important to establish a secure connection from the NOA side channel to external systems, such as a cloud or server, by using security routers which are already available. In subsequent steps, devices that have been specially developed for implementing data diodes can then be used.

Photographs: Phoenix Contact

www.phoenixcontact.com
