A recent Power Engineering article opened by bringing us back to 2015. Even before there was the ongoing turmoil that we face today with Russia’s invasion of Ukraine, that year marked a significant event unto itself. A series of outages impacted nearly a quarter of a million people when the Russian state-sponsored group known as “Sandworm” attacked a Ukrainian power grid. That attack was then followed up by a similar one in 2017. Considering this history, it’s understandable that experts are on such high alert with the current geopolitical conflict unfolding. They have been on the lookout for similarly fashioned activity that seeks to take advantage of industrial control systems (ICS). But beyond such incidents, what does the case of Ukraine reflect about the larger industrial and infrastructure sectors at large? It is going to take real strategic partnership between overlapping fields like cyber and engineering to protect ICS-dependent operations like energy.
Partnerships to Protect ICS
As explained in that same Power Engineering report, “Like many other kinds of malware, ICS malware is increasingly focused on infiltrating the commonalities across systems and networks in order to have the greatest chance of exploitation and success.” That means that efforts on behalf of involved parties to implement cybersecurity into the initial design process for these systems is of the utmost importance. Also important is that the proper amount of time is set aside for routine data reviews, tests and maintenance.
But it isn’t just power facilities that need to evaluate these evolving trends. This demand is spreading to many other industries as well with the continued transition to digitalization. For instance, as mines turn more and more to technology such as industrial internet of things (IIoT), they are looking at ways to best integrate developments like platforms with cybersecurity built in to enhance efficiency, as described by Engineer Live. Manufacturers are also dealing with similar shifts, including increasing use of cloud capabilities. This has given rise to programs like UberCloud, which has partnered with companies like Rimac Technology, a leading builder of electric hypercars. Wolfgang Gentzscharchive wrote for MIT Technology Review that such integration allows “enterprises in manufacturing to seamlessly integrate HPC into a “cloud-first” or hybrid cloud strategy,” which is especially relevant to the need for remote access that has become commonplace.
Integrating System Integrators
While organizations adopt these expanding technologies, it may be necessary to prioritize the role of system integrator (SI). Food Engineering highlighted food and beverage manufacturers as a prime example for this process. By welcoming in the right SI, not only can manufacturers set themselves up for a smoother transition into automation, but they are also inviting in the right expertise on integrating IT and OT networks, which, as we have established in previous posts, is often a challenge when considering cybersecurity.
An SI may have a greater understanding of the changes DCS and SCADA systems are undergoing too. Kevin Finnan and Wataru Nakagawa report for Automation that these systems are, “integrating with additional intelligence at every level of the industrial automation architecture to facilitate predictive asset lifecycle management and value chain optimisation while advancing the stakeholder experience and improving security and safety.” With the introduction of tech like IIoT, DCS and SCADA systems are experiencing some of the same digital transformations that we have mentioned here, therefore requiring inclusion within our focus on ICS cybersecurity. Enhancing comprehension around these technical developments will set operators, engineers, manufacturers and all other pertinent participants on a mutual path toward stronger network and software security.
- “The threat ICS malware poses to the electric power sector” – Clarion Energy Content Directors, Power Engineering
- “Next-Gen Asset Performance Managements” – Louise Davis, Engineer Live
- “Manufacturing is finally ready for digital transformation” – Wolfgang Gentzscharchive, MIT Technology Review
- “Choosing and working with a system integrator” – Wayne Labs, Food Engineering
- “The Roles of DCS and SCADA in Digital Transformation” – Kevin Finnan & Wataru Nakagawa, Automation