Deploying wireless communications into an industrial environment can be a daunting task if not approached in a careful, methodical manner. While there are benefits of applying wireless technology in an industrial environment, there are many considerations to take into account including reliability, frequency management, safety, and security. The National Institute of Standards and Technology (NIST) recently released their Guide to Industrial Wireless Systems Deployments in order to help industrial organizations "design, assess, select, and deploy secure wireless systems that can perform dependably" in industrial environments.They act as best practice guidelines which are technology and vendor agnostic and provide a succinct guide which can be referenced throughout the entire wireless deployment lifecycle.
Security in Industrial Wireless Systems
An important topic of discussion presented by the NIST guidelines is the role of security in wireless industrial control systems. In these systems the emphasis of security is commonly to ensure system availability first and foremost, with integrity being the secondary focus. A loss of system availability due to a malicious signal jamming, for example, can impact plant operations and result in work stoppages or other unacceptable downtime. Similarly, if an attacker can manipulate values being communicated by a sensor, then the integrity of the data is compromised and could result in out-of-tolerance production flows. Confidentiality is still important, but the impact of an attacker intercepting industrial systems communications is typically not as severe as it would be in a traditional Information Technology (IT) environment.
Security From The Start
When deploying wireless industrial control systems, it is important that organizations define security as a key wireless system requirement and take the Availability, Integrity, and Confidentiality of the proposed system into consideration during the candidate selection process. For example, Applied Risk has performed intensive analysis and testing of the ISA100 and WirelessHART wireless ICS protocols, among others, which were designed from the ground up to provide secure communications. These protocols have several risk-mitigating controls built-in, including:
- Availability: ISA100 and WirelessHART devices can be configured as mesh networks to provide alternate path routing in the event a primary path goes down; additionally, they can dynamically react to frequency interference to avoid using those channels until the interference has cleared up.
- Integrity: Both protocols implement message sequencing and secure message integrity check algorithms to validate that a received packet has not been seen before and has not been tampered with.
- Confidentiality: ISA100 and WirelessHART utilize strong encryption to protect the contents of communications.
However, even with these features, not every solution is the right solution for every organization. Rather, the right solution should be determined by partnering with a trusted technical advisor and adopting a thorough candidate evaluation and selection process as recommended by NIST.
Additional Security Considerations
Wireless security management extends beyond the initial candidate selection process, and accordingly NIST makes several other recommendations to take into consideration when deploying and maintaining wireless industrial control systems, including:
- Network Segregation: Splitting industrial networks into zones and conduits and separating the industrial network from the enterprise office network as specified by the standard for ICS Security, IEC 62443. For example, appropriate network segregation can limit the amount of damage caused by a security incident by preventing the spread of malware to other zones.
- Physical Security: Physical security should be implemented to protect wireless access points, gateways, and devices. Unsecured devices in insecure locations can be tampered with, impacting the availability and integrity of wireless resources.
- Default Passwords and Keys: Default passwords and keys should not be used once the system is installed. It should always be assumed that a malicious actor will gain access to even properly segregated networks, and a wireless controller using a default login password will be an easy target. Similarly, network encryption keys and secrets should be changed to prevent an attacker from eavesdropping on wireless communications.
- Network and Spectrum Monitoring: Wherever possible, logging and monitoring of wireless communications should be performed to detect anomalous activity patterns. For example, deploying a wireless spectrum analyser can provide alerting when there is excessive interference on the in-use channels which could indicate malicious signal jamming or other destructive interference. Additionally, configuring logging on wireless gateways can provide valuable information in the event of a security incident or other wireless service disruption.
In addition to the NIST recommendations, Applied Risk also recommends the following measures to improve security:
- Limit Implementation to Non-Safety Devices: While industrial wireless protocols can provide reliable communications, they can still be susceptible to interference and as such Applied Risk recommends using only wired technology for safety systems. While extremely rare, even a minute risk of radio interference impacting a safety system is unacceptable to most organizations.
- Device Testing: Prior to deploying a wireless solution, the devices to be installed should undergo Security Factory Acceptance Testing. This process provides an in-depth assessment of the device hardware and configurations to validate that security requirements have been met prior to deployment.
Wireless technology is a complex subject requiring extensive knowledge to fully understanding the technical challenges involved with system selection, deployment, and security. With the increased adoption of new wireless protocols such as LoRaWAN, Zigbee, ISA100, and WirelessHART, in-depth investigation is needed to understand the advantages and disadvantages of available solutions. The NIST Guide to Industrial Wireless Systems Deployments provides best practice guidelines that organisations can use when working with their technology suppliers to make confident decisions in selecting and deploying the right wireless technologies.
Applied Risk provides organisations with expert industrial wireless security consulting and assessments, including network architecture consulting, physical security assessments, and industrial wireless penetration testing to ensure secure operation of industrial wireless systems. Click here to learn more.