Security for Wireless Instrumentation


The last decade has seen huge growth in wireless process instruments and other field devices. While there was a brief time of protocol development, most suppliers and end users have settled on either ISA100.11a (IEC 62734) or WirelessHART (IEC 62591). These two protocols are similar in many ways, including use of the IEEE 802.15.4 radio, but their differences make them incompatible. Some end users have embraced wireless technology rapidly because it offers many advantages for deploying instrumentation and other devices in difficult environments where conventional wiring is expensive or otherwise impractical. At the same time, other users have taken a more conservative approach, not fully convinced that devices depending on radio rather than direct wiring can be sufficiently reliable and secure. After all, radio wave signal propagation can be disrupted in various ways, and its nature makes it difficult to limit where the signal may travel. In this time of concern about cyber security, is it prudent to have such devices using radio communication in critical applications?


Encrypted communication

ISA100.11a and WirelessHART both use sophisticated encryption methods, including the 128-bit Advanced Encryption Standard (AES) block cipher. But what does this mean, and does it ensure security? As mentioned before, the two main protocols are incompatible; while they share many similarities, they also differ in many ways. For purposes of this discussion, we will concentrate on ISA100.11a. “ISA100 Wireless security operates at two levels, in the transport layer and the data-link layer,” says the ISA100 Wireless Compliance Institute (WCI) website (Picture 1). “Transport layer security protects your data. It provides end-to-end assurances that mission-critical messages received are secret and authentic. Data-link layer security protects the network. It provides hop-by-hop assurances that each message is flawlessly transmitted to the next hop, with detailed performance and security diagnostics accumulated at each point.”

So what does this mean? Encryption is essential: it is impossible to build any kind of secure wireless network without it. Providing security at two levels in this manner is, for all practical purposes, unbreakable. This method has not been broken, and there is no known technology available today able to break it. However, while it makes the transport mechanism rock solid, there are many other elements to the larger security picture.


Picture 1: ISA100 wireless security operates at two levels: the transport layer and the data-link layer
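The two levels the WCI describes can be modelled in a short program. The Go code below is an added example written for this page; it is not ISA100.11a code and not from the WCI or any vendor. It assumes a simplified frame layout (counter || body || tag) that is not the standard's, uses AES-128-GCM from Go's standard library as a stand-in for the AES-CCM* mode the IEEE 802.15.4 security suite actually specifies, and uses constructed 16-byte keys. It shows a session key held only by source and destination protecting the payload's secrecy and authenticity end to end, a separate link key authenticating each hop, a relay node that can forward but not read, and a byte flipped on the air being rejected at the very next hop rather than at the far end.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
	"fmt"
)

const hdrLen, tagLen = 8, 16 // clear-text message counter; GCM tag

// newAEAD builds AES-128-GCM from a 16-byte key; GCM stands in for the
// AES-CCM* mode that IEEE 802.15.4 security actually specifies.
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// header encodes the counter; nonce pads it to GCM's 12 bytes (a counter
// must never repeat under one key, or the nonce would repeat with it).
func header(ctr uint64) []byte { return binary.BigEndian.AppendUint64(nil, ctr) }
func nonce(ctr uint64) []byte  { return binary.BigEndian.AppendUint64(make([]byte, 4), ctr) }

// TransportSeal (end-to-end): encrypts and authenticates payload under the
// session key that only source and destination hold. Output: ctr || ct || tag.
func TransportSeal(sessionKey []byte, ctr uint64, payload []byte) ([]byte, error) {
	g, err := newAEAD(sessionKey)
	if err != nil {
		return nil, err
	}
	h := header(ctr)
	return append(h, g.Seal(nil, nonce(ctr), payload, h)...), nil
}

// TransportOpen reverses TransportSeal; it fails on a wrong key or any altered byte.
func TransportOpen(sessionKey, tpdu []byte) ([]byte, error) {
	g, err := newAEAD(sessionKey)
	if err != nil || len(tpdu) < hdrLen+tagLen {
		return nil, errors.New("bad key or transport PDU too short")
	}
	return g.Open(nil, nonce(binary.BigEndian.Uint64(tpdu[:hdrLen])), tpdu[hdrLen:], tpdu[:hdrLen])
}

// LinkProtect (hop-by-hop): authenticates but does not encrypt the frame under
// this hop's link key. Empty plaintext makes GCM emit only a tag: ctr || frame || tag.
func LinkProtect(linkKey []byte, ctr uint64, frame []byte) ([]byte, error) {
	g, err := newAEAD(linkKey)
	if err != nil {
		return nil, err
	}
	aad := append(header(ctr), frame...)
	return append(aad, g.Seal(nil, nonce(ctr), nil, aad)...), nil
}

// LinkVerify checks the hop tag and strips the link framing, handing the inner
// transport PDU on unchanged; the relay never needs the session key.
func LinkVerify(linkKey, dpdu []byte) ([]byte, error) {
	g, err := newAEAD(linkKey)
	if err != nil || len(dpdu) < hdrLen+tagLen {
		return nil, errors.New("bad key or link PDU too short")
	}
	aad, tag := dpdu[:len(dpdu)-tagLen], dpdu[len(dpdu)-tagLen:]
	if _, err := g.Open(nil, nonce(binary.BigEndian.Uint64(aad[:hdrLen])), tag, aad); err != nil {
		return nil, errors.New("link-layer integrity check failed")
	}
	return aad[hdrLen:], nil
}

// Deliver carries payload over len(linkKeys) hops, hop i protected with linkKeys[i].
// If tamperAtHop >= 0, one byte is flipped on the air during that hop.
func Deliver(sessionKey []byte, linkKeys [][]byte, payload []byte, tamperAtHop int) ([]byte, error) {
	tpdu, err := TransportSeal(sessionKey, 1, payload)
	if err != nil {
		return nil, err
	}
	for hop, lk := range linkKeys {
		dpdu, err := LinkProtect(lk, uint64(hop+1), tpdu)
		if err != nil {
			return nil, err
		}
		if hop == tamperAtHop {
			dpdu[2*hdrLen] ^= 0x01 // first byte of the transport ciphertext
		}
		if tpdu, err = LinkVerify(lk, dpdu); err != nil { // receiving node of this hop
			return nil, fmt.Errorf("hop %d rejected frame: %w", hop, err)
		}
	}
	return TransportOpen(sessionKey, tpdu) // only the destination holds the session key
}

func main() {
	sessionKey := []byte("sample-session-k") // constructed 16-byte keys, not real ones
	linkKeys := [][]byte{[]byte("sample-hop0-key!"), []byte("sample-hop1-key!")}
	got, err := Deliver(sessionKey, linkKeys, []byte("PV=42.0"), -1)
	fmt.Printf("clean path: %q, err=%v\n", got, err)
	_, err = Deliver(sessionKey, linkKeys, []byte("PV=42.0"), 0)
	fmt.Println("tampered on hop 0:", err)
}
```

The model leaves out what a real stack adds on top: nonces bound to the sender's address, a receive window that rejects replayed counters, and key distribution and rotation by a security manager. What it does show is the point the quoted description makes: a corrupted or injected frame is caught and can be counted at the hop where it happened, while the payload stays unreadable to every node except the destination, even to a relay that holds a valid link key.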


Wireless service denied

Should the possibility of a denial-of-service (DoS) attack make you think twice about using wireless instrumentation? It shouldn’t stop you entirely, but it should make you think about how you apply it. Ask yourself what would happen to your process if such a disruption actually occurred. Devices designed to jam other signals, whether crude or sophisticated, have to be relatively close to the signals they mean to interrupt, and they have no capability to gather information or to serve as a means of gaining access to another network. They are the cyber security equivalent of throwing a brick through a window. Jamming devices are not difficult to detect, so they can usually be located and disabled. Interference that looks like jamming can also come from unintentional sources, so a disruption should not automatically be treated as an attack. Poorly shielded equipment elsewhere in your plant can cause radio-frequency interference (RFI) that is just as troublesome. In some cases this may require moving the RFI source or the network assets to points where the interference is blocked by a building or other plant infrastructure.


How to decrease risk

Wireless field device networks need to be protected using the same basic methods as wired networks. Network segments should be separated with appropriate demilitarized zones (DMZs) and firewalls to limit movement from one part of the network to another. Supply chain practices should ensure reliance on trusted suppliers with proven security track records. Verifying every setting on routers and gateways is critical. Don’t leave inadvertent entry points for hackers by failing to turn off some feature, including features you don’t yet realize are there. Hackers know those points and look for them. You should too. Don’t give away too much information. Hackers look for specific kinds of equipment and specific configurations where they know there are vulnerabilities. Don’t give away information about your networks and the way they’re set up.



Source: Control Engineering. Jeff Melrose is the principal technology strategist for cyber security at Yokogawa Corporation of America.
