Using CIP Security to Strengthen Your Defense In Depth Strategy
May 11, 2020
By Oliver Haya, Business Development Manager, EtherNet/IP Technology Adoption, Rockwell Automation
Industrial operations are increasingly becoming the target of cybersecurity attacks. New devices are adding network connectivity as they migrate from traditional fieldbuses and standalone operation. Additional connections are being created between the IT and OT spaces, and machine builders increasingly offer analytics if their machine can be connected to the cloud. International standards for cybersecurity, known as IEC 62443, are being updated and expanded, including requirements for end users, system integrators, and device manufacturers. Given the additional connectivity, these standards require defense in depth strategies to reduce the risk of attacks that cause harm.
As you advance the cybersecurity of your operations, you need more capability at deeper levels of the defense in depth strategy. Have you performed cybersecurity assessments, minimized your attack surface with cybersecurity essentials, and implemented network segmentation best practices? If you’re on top of all of these, you’re on the right track!
Even once you have strong security policies and protections, adding security at each layer improves your resilience against attacks. For example, how will you protect your process if a malicious actor has access behind your firewall? You may be susceptible to various attacks that need additional measures to mitigate.
What do you mean, a firewall isn’t enough?
A malicious actor could create an unauthorized connection to hardware in your system by pretending to be another kind of device. This has been demonstrated recently in industrial automation, with an imposter computer improperly configuring devices and injecting code based on insecure identification credentials.
Another attack type that’s possible without communication integrity is the man-in-the-middle attack and a variant of that – the replay attack. During these attacks, someone would intercept and modify data between two devices, sometimes after collecting data that can be used to mimic normal operation. That could mask abnormal behavior that can cause equipment damage or endanger human safety.
Cybercriminals could also gain proprietary information by snooping on the network traffic between industrial devices. Whether those are secret recipes going from the MES to the PLCs, analytic data that could be used to steal manufacturing best practices, or production volume information that could be used to short stocks, data transmitted without confidentiality could be used for harm.
Every layer of defense helps, so get to the devices
To bolster security at the device level and reduce the risk of those attacks, IEC 62443-3-3 and IEC 62443-4-2 include common minimum requirements for device identity, integrity and authenticity of communications, and options for confidentially transmitting data. Four of the requirements in the standard (SR 1.2, SR 3.1, SR 3.13, SR 4.1) are almost impossible to implement at a system level without the right hardware and firmware at the device level. If you want to use devices from multiple vendors that meet those system requirements, standards and conformance testing are needed.
The CIP Security™ protocol is an open standard from ODVA, which helps solve important communication requirements that device vendors using industrial Ethernet cannot solve themselves. This standard is the only standard designed for securing communications between PLCs and devices. The CIP Security protocol provides mechanisms for validating device identity, device authentication, data integrity and data confidentiality. All three of the functional requirements and their requirement enhancements can be met using CIP Security and configured using FactoryTalk Policy Manager.
Rockwell Automation is releasing CIP Security on more products each year, and other vendors are adopting this standard right now. Some of the upcoming devices also include retrofit opportunities to reduce the risk of cyber incidents with existing equipment, so don’t think that you must wait for a greenfield plant to make improvements. Start considering when and how you will add more layers to your defense in depth.