One of the reasons often cited for not using wireless networks, especially in an industrial setting, is security — or, more accurately, cybersecurity. Though it is true that a wireless signal propagates in many directions, this does not mean it is freely available to be compromised.
The two primary industrial wireless protocols — WirelessHART and ISA100.11a, both based on IEEE 802.15.4 radio technology — use both Frequency Hopping Spread Spectrum (FHSS) and Direct Sequence Spread Spectrum (DSSS). These two Data Link Layer (DLL) features work together to protect the system from outside attacks. DSSS divides the information signal into small fragments that are spread across the available frequency channel, while FHSS selects alternating channels for data transmission in a pseudo-random sequence. The channel change happens at the packet level: one packet is transmitted on one channel and the next packet on another, which makes it very difficult to capture packets and gain access to the network in the first place. The standards also include additional security features in the higher communications layers to protect against someone who has managed to get onto the network. This end-to-end message protection is handled by the Network Layer (NL) in WirelessHART and by the Transport Layer (TL) in ISA100.11a.
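As an added illustration of the per-packet channel hopping described above (not code from the column or from either standard), the following simulation models the WirelessHART/TSCH-style rule in which every node derives the channel for a timeslot from the shared absolute slot number (ASN) and the link's channel offset. The hop sequence, slot counts and the one-slot synchronization error are constructed assumptions; the point is that a synchronized peer agrees on every channel, while a receiver parked on a single channel only ever sees a fraction of the frames, and that this is a DLL property separate from the NL/TL keys that actually protect message content.

```python
import random

# IEEE 802.15.4 2.4 GHz channels 11..25 form the hop set (channel 26 is
# left out). The hop sequence itself is a constructed pseudo-random
# permutation that every node on the network is assumed to share.
ACTIVE_CHANNELS = list(range(11, 26))
HOP_SEQUENCE = ACTIVE_CHANNELS[:]
random.Random(0x5EED).shuffle(HOP_SEQUENCE)


def channel_for_slot(asn, channel_offset, hop_sequence=HOP_SEQUENCE):
    """Channel used in one timeslot.

    Modelled on the WirelessHART/TSCH rule
        channel = hop_sequence[(ASN + channel_offset) mod len(hop_sequence)]
    The ASN advances every slot, so consecutive frames on the same link
    land on different channels; the offset separates parallel links.
    """
    return hop_sequence[(asn + channel_offset) % len(hop_sequence)]


def simulate(num_slots, channel_offset, observer_channel,
             start_asn=0, peer_asn_error=0):
    """Run num_slots consecutive slots of one link.

    Returns (frames_received_by_peer, frames_seen_by_fixed_observer).
    peer_asn_error models a receiver whose ASN has drifted by that many
    slots; the observer is a radio parked on a single channel.
    """
    received = 0
    observed = 0
    for asn in range(start_asn, start_asn + num_slots):
        tx_channel = channel_for_slot(asn, channel_offset)
        rx_channel = channel_for_slot(asn + peer_asn_error, channel_offset)
        if tx_channel == rx_channel:   # peer listened on the right channel
            received += 1
        if tx_channel == observer_channel:
            observed += 1
    return received, observed


if __name__ == "__main__":
    ok, seen = simulate(150, channel_offset=0, observer_channel=11)
    print(f"synchronized peer: {ok}/150, single-channel observer: {seen}/150")
    lost, _ = simulate(150, 0, 11, peer_asn_error=1)
    print(f"peer one slot out of sync: {lost}/150")
```

Because the schedule cycles through all 15 channels every 15 slots, a single-channel observer sees exactly one frame in 15, and a peer whose ASN is off by even one slot receives nothing, which is why time synchronization is essential to these networks.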
Both standards also support Counter with CBC-MAC (CCM) mode in conjunction with the Advanced Encryption Standard (AES)-128 block cipher (128-bit key and 128-bit block size), using symmetric keys for message authentication and encryption to provide both data authentication and privacy.
The above is only one step in providing a secure control environment, especially now that control systems are being tightly integrated with business systems. Fortunately, there is a significant effort underway in the cybersecurity space based on work done in the 1990s at the British Columbia Institute of Technology (BCIT) Internet Engineering Lab under the leadership of Eric Byres, who is now leading the Tofino team at Belden. This effort is continued by a strong contingent of Canadians, including Eric Cosman, chairman of the ISA99 committee; Gabriel Faifman and the Achilles team at Wurldtech; Tony Capel of Comgate; and my former supervisor at Syncrude Canada Ltd., Aris Espejo, to name just a few.
As a result of Byres’ work, ISA began development of the ISA99 “Industrial Automation and Control Systems Security” series of standards. The original and ongoing ISA99 work is being used by the International Electrotechnical Commission (IEC) in producing the multi-standard IEC 62443 series described below:
• ISA-62443-1-1 (IEC 62443-1-1) “Security for Industrial Automation and Control Systems – Terminology, Concepts and Models” was originally issued as ISA-99.00.01-2007 by ISA in 2007. It forms the foundation for the ISA-62443 (ISA-99) series by defining the common terminology, concepts and models for the remaining standards in the series. Work group 3 is currently working on a second edition of the standard, which will introduce normative content and reflect changes to common material developed since 2007, including the incorporation of concepts from other organizations in Europe, as well as the NERC (North American Reliability Council) CIP (Critical Infrastructure Protection) documents. In particular, NERC CIP version 5, released in November, must be implemented by all North American power generators above a certain size by April 2016.
• IEC 62443-2-1:2010 “Industrial communication networks – Network and system security – Part 2-1: Establishing an industrial automation and control system security program” defines the elements necessary to establish a cybersecurity management system (CSMS) for industrial automation and control systems (IACS), and provides guidance on how to develop the policy, procedure, practice and personnel-related elements necessary for a secure control system.
• IEC 62443-2-4 “Security for Industrial Process Measurement and Control – Network System security, certification of IACS supplier security policies and practices” is scheduled for release in a year.
• IEC/TR 62443-3-1:2009 “Industrial communication networks – Network and system security – Part 3-1: Security technologies for industrial automation and control systems” is a technical report that provides an assessment of various cybersecurity tools, mitigation counter-measures and technologies that may effectively apply to the modern electronically based IACSs regulating and monitoring numerous industries and critical infrastructures. It describes several categories of control system-centric cybersecurity technologies, the types of products available in those categories, the pros and cons of using those products in the automated IACS environments relative to the expected threats and known cyber vulnerabilities, as well as preliminary recommendations and guidance for using these cybersecurity technology products and/or countermeasures.
• IEC 62443-3-3:2013 “Industrial communication networks – Network and system security – Part 3-3: System security requirements and security levels” defines how the “zone and conduit” defence-in-depth architecture recommended in the earlier standards can be used to implement the control system requirements (SRs) associated with the seven foundational requirements (FRs) described in IEC 62443-1-1. Against these FRs the standard defines capability security levels, SL-C (control system), for the zones and conduits of the system under consideration (SuC), so that the appropriate target security level, SL-T (control system), can be implemented for a specific asset.
More information on the work of ISA99 can be found at http://isa99.isa.org/ISA99%20Wiki/Home.aspx. Information on the latest version (5) of the NERC CIP is at http://www.nerc.com/pa/ci/pages/transition-program.aspx.
Remember, the field sensor network — whether it uses a wired fieldbus or a wireless network — is but one piece of an integrated system. Cybersecurity continues to be a critical consideration in the design of digital communications systems.
This column originally appeared in the May 2014 issue of Manufacturing AUTOMATION.