April 01, 2021
There are several considerable roadblocks to safe and secure digital transformation efforts in manufacturing, or in any industrial application where safety, security and reliability are paramount. At a high level, these areas include cybersecurity, data integration, and IT/OT interoperability and integration.
A particularly challenging area that tends to get overlooked is the widespread use of legacy Industrial Control Systems (ICS) in Operational Technology (OT) networks and their connectivity to IT networks. Despite common misconceptions, a large segment of manufacturers use industrial controllers that predate the internet in their manufacturing plants. Why? The short answer is that they were designed and built before the Internet was created, they work, they are reliable, and they are costly to upgrade or take off-line. They are, however, not secure from connected networks.
The problem is not so much the hardware as the technology that runs it. Legacy ICS operate using decades-old serial protocols and communications, and this technology is not going away anytime soon. Industrial automation manufacturers are still opting for serial connectivity because it is reliable and universally supported. With regard to digital transformation, this presents challenges in the form of:
- Data Integration
- IT/OT interoperability
1. Cybersecurity
Serial protocols are intrinsically insecure. Protocols such as Modbus, DNP3, IEC101, BACnet MS/TP, and Profibus were developed before the Industrial Internet of Things (IIoT); hence they weren’t designed with security in mind. Historically, serial-connected ICS were safeguarded through network segmentation and air-gapping strategies. Nowadays, however, security boundaries are becoming increasingly blurred by IT/OT convergence and digital transformation efforts.
Contrary to what many ICS cybersecurity providers might lead you to believe, ICS cybersecurity is far from one-size-fits-all territory. More contemporary and conventional TCP/IP-based cybersecurity solutions lack visibility into ICS serial communications. Consequently, internet-connected serial-based ICS environments are susceptible to several cyber and operational vectors and attacks.
Exacerbating the problem is the fact that operators feel compelled to introduce insecure tools such as serial-to-Ethernet converters and serial gateways to enable interoperability. While these tools undoubtedly support digital transformation, they do so at the peril of the devices’ integrity and overall cybersecurity posture.
Legacy ICS cybersecurity should be a cause for concern for even the smallest of manufacturers. Cybercriminals are getting more sophisticated and are pivoting towards supply chains. A small manufacturer could easily suffer collateral damage from a large-scale cyber campaign directed at their manufacturing operations.
2. Data Integration
Digital transformation has paved the way for Big Data. Likewise, manufacturers are becoming more data-centric by embracing the valuable insights data and analytics can provide. As more plants adopt a data-driven approach, it is becoming increasingly evident that Legacy ICS create a major hurdle to Big Data initiatives.
Legacy ICS often lack sufficient and secure access to information held within the devices as well as adequate and scalable reporting capabilities. Effective digital transformation requires organizations to securely extract the serial communications data from operations in real time and normalize it to integrate with modern networks and enterprise management systems. While many plants have initiated serial data integration, it is usually poorly executed because of cut corners and a lack of know-how.
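To make "normalizing serial data" concrete, the following added example (not Cynalytica's code and not from the original article) decodes passively captured Modbus RTU request frames into structured records. The sample frames are constructed, and it assumes the tap already knows which frames are requests.

```python
import struct

READS = {1: "read_coils", 2: "read_discrete_inputs",
         3: "read_holding_registers", 4: "read_input_registers"}
WRITES = {5: "write_single_coil", 6: "write_single_register",
          15: "write_multiple_coils", 16: "write_multiple_registers"}

def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS: detects line noise only; it is not an authenticator."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def build_frame(unit: int, function: int, payload: bytes) -> bytes:
    """Helper to construct sample frames (CRC is appended low byte first)."""
    body = bytes([unit, function]) + payload
    return body + struct.pack("<H", crc16_modbus(body))

def normalize_request(frame: bytes) -> dict:
    """Decode one tapped Modbus RTU request frame into a structured record."""
    if len(frame) < 4:
        return {"valid": False, "error": "frame too short"}
    body = frame[:-2]
    if crc16_modbus(body) != struct.unpack("<H", frame[-2:])[0]:
        return {"valid": False, "error": "crc mismatch"}
    unit, function = body[0], body[1]
    record = {"valid": True, "unit": unit, "function_code": function,
              "function": READS.get(function) or WRITES.get(function, "other"),
              "is_write": function in WRITES}
    # The frame holds only unit address, function code, data and CRC:
    # no field identifies or authenticates the sender.
    if record["function"] != "other" and len(body) >= 6:
        record["address"], record["value_or_count"] = struct.unpack(">HH", body[2:6])
    return record

# Constructed sample capture: a read, a register write, and a corrupted frame.
_read = build_frame(1, 3, struct.pack(">HH", 0x0000, 10))
CAPTURE = [
    _read,
    build_frame(1, 6, struct.pack(">HH", 0x0010, 500)),
    _read[:-1] + bytes([_read[-1] ^ 0xFF]),  # last CRC byte flipped
]

if __name__ == "__main__":
    for rec in map(normalize_request, CAPTURE):
        print(rec)
```

The `is_write` flag is the kind of normalized field an IT-side monitoring system can alert on without understanding Modbus framing.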
3. IT/OT Interoperability
Compounding the problem is the complexity of serial data. IT organizations have to rely on ICS experts to interpret and integrate the OT communications, which can be costly and time-consuming as well as a barrier to effective IT/OT interoperability. Digital transformation requires IT/OT activities to be consolidated to improve efficiency and maximize output. To do this, they need to standardize data intelligence so both parties can converse in the same space.
Serial data generated from industrial control environments still makes up a remarkable part of manufacturing environments and is still a grey area of mystical proportions for many. These environments also present compatibility issues where data and business intelligence are concerned. To overcome this, manufacturers need to be able to correctly identify and implement a set of solutions that can safely and securely normalize the disparate data so it can be understood by all levels of the organization, as well as normalize the priorities, challenges and differences between IT and OT operators.
How to Overcome the Roadblocks
The good news is you do not need to rip and replace your legacy assets, nor do you need to outsource expert help to securely monitor, analyze, and integrate your serial data. With Cynalytica’s SerialGuard AnalytICS Platform you can safely monitor and protect your legacy ICS, and get actionable insights about your industrial control environment. The platform passively taps and contextualizes communications between serial-connected devices to provide accurate visibility into the operational health and cybersecurity posture of your legacy infrastructure. It normalizes serial data into a structured format so it is easily understood and can be seamlessly integrated with enterprise management systems to support interoperability across the organization. Ultimately, the SerialGuard AnalytICS Platform will provide you with the data you need to enable digital transformation and deliver results.