With the development of the Industrial Internet, new industrial production models and product forms necessitate a re-examination and redefinition of the connotation and extension of industrial control system security. Based on a summary and analysis of the current status and problems of industrial control system security, this paper proposes a security concept, methodology, and formal description for industrial control systems based on intrinsic security.
1. Current Status and Problems of Industrial Control System Security
In recent years, many products and solutions have emerged to address the security of industrial control systems, playing a role in information security. However, overall, significant problems still exist, specifically in the following aspects:
(1) Industrial control security solutions are mainly focused on protection, and are a transplant of traditional information security technologies rather than tailor-made; the targets are mainly networks and hosts, and the so-called anomaly audits are based on incomplete datasets and traffic captures, rather than on behavioral analysis grounded in the production rules of the industry.
(2) A few of the enhanced functions based on industrial control devices are also aimed at improving availability in order to achieve high reliability. The means used are redundancy, fault tolerance and voting mechanisms, which double the cost and are obviously not suitable for price-sensitive industrial production.
(3) The so-called defense-in-depth integration system seems to integrate information security protection measures. However, the problems are: first, it sacrifices "real-time" and trades time for space; second, the cost is too high; and third, the protection is too heavy and excessive.
(4) There is a lack of security testing, detection, evaluation and assessment standards for business application scenarios. Moreover, the enterprises have limited professional knowledge, business capabilities and technical level, resulting in poor industry adaptability of protective measures and difficulty in carrying out security situation perception, analysis and early warning services for the entire industrial production landscape.
The root cause lies in the fact that current industrial control system (ICS) security treats ICS as isolated entities, when in reality, an ICS is a tightly coupled and interconnected whole. Information security vendors and control system vendors, based on their respective technologies and understandings, overemphasize security in certain areas, failing to organically integrate functional safety, information security, process safety, and operational control security. This results in current ICS security solutions remaining confined to "protection," adhering to traditional information security concepts of partitioning and boundary protection, without delving into the intrinsic causes and interrelationships of ICS security.
The biggest difference between industrial control system security and traditional information security is that it is based on business and process, and must be combined with process and business requirements for application scenarios. Simply using a "zero-sum mentality," the "barrel theory," or trying to solve industrial control system security problems with a unified technical approach is biased.
2. Returning to the essence of industrial control system security
Industrial control systems are automatic control systems composed of computer equipment and industrial process control components. They include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), sensing/monitoring/control/diagnostic systems, as well as related information systems such as Manufacturing Execution Systems (MES), historical databases, graphical interfaces, and Enterprise Resource Planning (ERP) systems. Industrial control system security involves equipment safety, functional safety, and information security, covering the control layer, network layer, system layer, and management layer, and spanning the entire lifecycle of design, development, implementation, and operation.
Functionally, they can be divided into production functions and safety functions. Production functions cover production operation control, such as basic process control systems, process control systems, and production operation control systems. Safety functions include safety instrumented systems, safety control systems, safety protection control systems, and safety monitoring and control systems.
A secure industrial control system consists of an industrial control system and a safety assurance system. The so-called industrial control system security (comprehensive security) refers to the ability of the industrial control system to attain its functional safety design goals throughout its lifecycle. Essentially, it aims to achieve the availability of the industrial system by comprehensively utilizing functional safety, information security, and other technical means and protective measures to ensure the safe and stable operation of the industrial system throughout its lifecycle. Traditional industrial safety theories and single technical methods are no longer sufficient to guarantee the safe and stable operation of industry. Only by establishing new theories and technological innovations based on industry business rules can the inherent security of industrial control systems be addressed. The essential security concept of an industrial control system is illustrated in Figure 1.
Figure 1. Essential security diagram of industrial control systems
3. Intrinsic Security Innovation Theory
Given the "two finite" principle of industrial control devices (a finite set of legal states, and in each state a finite set of legal instructions), and provided that the states can be enumerated explicitly and the legal instructions in each state are limited in number, the operating state of the execution devices and control equipment, as well as the instructions received and issued, are all monitorable and detectable. Any abnormal state caused by an external attack or by misoperation, as well as any illegal instruction, can be detected by the risk prevention and situational awareness system. Targeted measures such as alarms and refusal to execute (after authorization) can then be taken to prevent malfunctions.
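To make the "two finite" principle concrete, the following added example (not code from the original article) implements a whitelist monitor for a hypothetical pump/valve loop: the legal states, the legal instructions per state, the expected state after each instruction and the parameter limits are all constructed for illustration. Illegal instructions are refused, and a device-reported state that is outside the enumerated set, or differs from the expected one, raises an alarm.

```python
from dataclasses import dataclass

# Finite legal states; for each state, the finite legal instructions and the
# state the device is expected to be in afterwards (constructed sample model).
LEGAL_MODEL = {
    "IDLE":       {"OPEN_VALVE": "VALVE_OPEN"},
    "VALVE_OPEN": {"START_PUMP": "PUMPING", "CLOSE_VALVE": "IDLE"},
    "PUMPING":    {"SET_RATE": "PUMPING", "STOP_PUMP": "VALVE_OPEN"},
}
PARAM_LIMITS = {"SET_RATE": (0.0, 100.0)}  # legal value range (constructed)

@dataclass
class Verdict:
    instruction: str
    state: str
    action: str  # EXECUTE / OK, REFUSE (illegal instruction) or ALARM (abnormal state)
    reason: str = ""

@dataclass
class DeviceMonitor:
    state: str = "IDLE"  # state the monitor expects the device to be in

    def observe_state(self, reported):
        """Check a state reported by the device against the legal set and the expected state."""
        if reported not in LEGAL_MODEL:
            return Verdict("<report>", reported, "ALARM", "state not in the legal set")
        if reported != self.state:
            return Verdict("<report>", reported, "ALARM", f"expected {self.state}")
        return Verdict("<report>", reported, "OK")

    def check(self, instruction, param=None):
        """Decide whether an instruction may be executed in the current state."""
        allowed = LEGAL_MODEL[self.state]
        lo, hi = PARAM_LIMITS.get(instruction, (None, None))
        if instruction not in allowed:
            return Verdict(instruction, self.state, "REFUSE", "not legal in this state")
        if lo is not None and (param is None or not lo <= param <= hi):
            return Verdict(instruction, self.state, "REFUSE", f"parameter {param} out of range")
        before, self.state = self.state, allowed[instruction]  # legal: advance expected state
        return Verdict(instruction, before, "EXECUTE")

def run_sequence(monitor, steps):
    """Feed (instruction, param) steps and return the action taken for each."""
    return [monitor.check(ins, p).action for ins, p in steps]

# Constructed instruction stream: the 4th step (out-of-range rate) and the 5th
# (valve command while pumping) should be refused; the other four executed.
SAMPLE_STEPS = [("OPEN_VALVE", None), ("START_PUMP", None), ("SET_RATE", 40.0),
                ("SET_RATE", 250.0), ("OPEN_VALVE", None), ("STOP_PUMP", None)]
```

In a deployment the verdicts would be forwarded to the field-level entity for correlation, which the example leaves out.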
Intrinsic security, as applied to industrial control systems (ICS), is a methodology oriented towards ICS security; it is a collection of methods and technologies. By fully utilizing ICS big data and artificial intelligence technologies, and constructing multi-level vulnerability models, it achieves security at three different levels of the system, described below, and ultimately realizes proactive, in-depth defense for the entire ICS based on those three levels.
• At the device level, a piece of equipment combined with its hazard prevention module forms the equipment entity. The hazard prevention module applies hazard prevention measures to the equipment and uploads the monitored data to the field-level entity it belongs to. Based on the rules, when abnormal operation is detected, it provides suggestions to the user (existing) or triggers the equipment's built-in safety handling functions (incremental).
• The equipment entity, combined with the association model and the information security module, forms the field entity. The field entity plays a bridging role: on the one hand it receives security monitoring data from the equipment entity and actively probes the operating status of the next-level entity for early-warning analysis; on the other hand it uploads field-level data to the system entity and receives dynamic perception data from it to adjust the expert knowledge base and rule base.
• The field entity, combined with system-level situational awareness and information security, forms the system entity. The system entity receives data from the field-level entities, performs overall situational awareness, and distributes the system situation to each field entity.
Figure 2 shows a schematic diagram of the safety of the industrial control system.
Figure 2. Schematic diagram of industrial control system safety.
Based on the principles of engineering cybernetics, three levels of industrial control entities are established: equipment, field, and system. By utilizing technologies such as information security and artificial intelligence, crisis prevention mechanisms for individual industrial control entities at each level are established to achieve proactive defense. By analyzing the attributes and relationships of individual industrial control components, a correlation model for collaborative defense is established. Through situational analysis of events, full lifecycle security protection is achieved.
4. Industrial control system security based on industry application scenarios is the future development direction.
With the development of the Industrial Internet, technologies such as the Internet of Things, edge computing, cloud computing, big data, 5G, and artificial intelligence are having an increasingly profound impact on industrial production activities. The deep integration of automation and informatization is accelerating, which will bring profound changes to industrial production methods and give rise to new forms of industrial control products. Therefore, it is necessary to re-examine and redefine the connotation and extension of industrial control security.
Against the backdrop mentioned above, the security of industrial control systems is the cornerstone of ensuring the stable operation of industrial businesses. However, the increasing functional requirements and comprehensive integration of technologies have brought about increasingly prominent security risks that are difficult to protect against with simple measures. Traditional information security and functional safety approaches, technologies, and measures are becoming increasingly inadequate and unable to meet the requirements of business development.
Differences in industry processes leading to variations in equipment, along with the need for confidentiality in production data, present obstacles to industrial control system (ICS) security. The underlying knowledge is a core competitive advantage for enterprises. Each industry has different requirements for field control devices and control systems due to variations in production processes. Specialized equipment, based on specific business application scenarios, also has different functions. Consequently, security requirements vary widely and are highly individualized. Therefore, ICS security must be tailored to the specific characteristics of the process and business operations; there is no universal "blanket solution."
5. Conclusion
In summary, the industrial control system (ICS) security situation is severe, lacking mature theories, core technology systems, and targeted solutions and service models. Past ICS security incidents demonstrate that relying solely on existing information security and functional safety protection measures is far from sufficient. There is still a long way to go in terms of ICS security theoretical systems, technical frameworks, product portfolios, consulting, testing, evaluation, and assessment services, comprehensive ICS security solutions, and long-term collaborative mechanisms for ICS security work.
Starting from the essence of industrial control system security, based on business characteristics, rooted in the industry, and integrating technologies such as automation, information, and security, this approach explores the essential mechanisms of safe operation of industrial control systems, proposes applicable theories, develops safe industrial control and protection products, and forms targeted solutions to comprehensively improve the overall guarantee capability of safe operation of industrial control systems. This is a feasible action plan.
Disclaimer: This article is a reprint. If it involves copyright issues, please contact us promptly for deletion (QQ: 2737591964). We apologize for any inconvenience.