How to make ABB distributed control systems secure, compliant and even more reliable
Cyber attacks on critical industrial infrastructure are a fact of life. They are happening with increasing frequency and are a global phenomenon, affecting developing and emerging economies and wealthy developed countries alike.
In the European Union, for instance, the losses caused by these intrusions can be as high as 1.6% of gross domestic product, costing tens of billions of dollars annually. The sectors most prone to attack are finance; information, communication and technology (ICT); and energy, including power generation. About half of all incidents in the EU are attempts to disrupt operations at a target through denial of service (DoS) or to overwhelm the target with traffic from multiple sources in a so-called distributed denial of service (DDoS) attack.
The number of cyber attacks occurring each day can be seen at www.digitalattack.com, which shows live data on DDoS attacks around the world. On August 25, 2016, for instance, there were large-scale DDoS attacks on the USA, Chile, Ireland, the UK, Denmark, Romania, Saudi Arabia and Hong Kong; and unusually high volumes of attempted disruptions in Jersey (the Channel Islands), the Philippines, Morocco and Mozambique.
Cyber attacks are now so common that the US National Cybersecurity and Communications Integration Center, in a 2015 report, says, “For many industrial control systems (ICSs), it’s not a matter of if an intrusion will take place, but when.” The same report lists seven strategies through which companies can protect their industrial control systems from 98% of all incidents. Three of these strategies alone would prevent 84% of cyber attacks. These are: implementing application whitelisting to prevent unauthorized programs from running; ensuring that a proper patch management program is in place; and reducing the attack surface area of the control system by isolating it from untrusted networks like the Internet.
Cyber security compliance
In many countries the main factor driving power plants to strengthen their cyber security is compliance with the guidelines of national regulatory bodies or adherence to the minimal requirements imposed by IT companies or the plant’s corporate IT department. Whereas many companies and plants have already attained a high level of security and have the skills and procedures in place to maintain it, there are many others that do not have the expertise and tools to meet those guidelines or requirements.
This is where ABB can deliver considerable value by helping customers to implement their compliance program and meet the required regulatory guidelines or IT requirements, including the seven strategies identified by the US National Cybersecurity and Communications Integration Center for repelling 98% of attacks.
ABB has a unique position in distributed control systems, especially those for critical industrial infrastructure. The company is, according to ARC Advisory Group, not only the global leader in distributed control systems, but the number-one DCS vendor for big infrastructure industries like power generation, oil and gas, pulp and paper, mining and metals. This automation and process expertise, in combination with long-established system security know-how, allows ABB to minimize the cyber risk for its customers’ control systems and production processes.
ABB’s philosophy is essentially two-pronged: to work with customers to create a defense-in-depth approach to cyber protection, where multiple security layers detect and deter threats; and to embed cyber security at each stage of the DCS product life cycle, from design and development to operation and maintenance.
Securing the workplace
A key component of ABB’s cyber security offering is Security Workplace, which is designed specifically for the power generation industry. It helps customers with ABB or multi-vendor systems to achieve and maintain cyber security compliance without risking system reliability.
Security Workplace comprises an integrated suite of security applications and tools for assessing and strengthening DCS cyber protection. These include fingerprinting to gauge the ability of the control system to withstand attack; patch delivery to evaluate all software updates from Microsoft and other vendors for relevance and system compatibility; application whitelisting to ensure that only approved software and processes are allowed to run; and file sanitization to minimize the risk of introducing an infected file into the control system.
Global and local resources
One of the strengths of ABB’s cyber security resources is that they are both global and local in extent. On a global level ABB has long played an active role in defining and implementing cyber security standards for power and industrial control systems worldwide. And our independently operated Device Security Assurance Center tests the robustness and resilience of the devices we embed in our control systems.
On a local level, each of our eight power generation service hubs has dedicated cyber security expertise, with deep knowledge of local regulatory requirements and power generation markets, ready to help customers with their cyber security issues.
A secure system is a reliable system
When we ask customers to evaluate Security Workplace, their most common response is that “It makes our DCS run better.” This is not as surprising as it may seem, because making a control system cyber-secure requires updating critical parts and fine-tuning system performance. A secure system is by definition more efficient and more reliable than one that is not.