Recent IoT Attack on Dyn Calls for Secure By Design

The recent denial of service attack on Dyn, a DNS service company for a huge chunk of the Internet, sure woke up a lot of people.  Somehow when it happens to you, you tend to feel it more.  Twitter, Netflix, Reddit, eBay, and Paypal users certainly felt it when they couldn’t access those sites.  Now that most of us are awake, what can we do about it?

In the short term, not a lot, apparently.  In a recent article about the attack titled Vulnerability Is the Internet’s Original Sin, Fred Kaplan, Internet security expert and author of Dark Territory: The Secret History of Cyber War, points out that from the beginning, designing security into the Internet from the ground up was considered too challenging and costly.

Kaplan tells how, back in 1967, Willis Ware, the head of the Rand Corporation’s computer science department and an NSA scientific advisory board member, wrote a paper warning the ARPANET team and others that “once you put information on a network—once you make it accessible online from multiple, unsecure locations—you create inherent vulnerabilities … You won’t be able to keep secrets anymore.”

The Dyn attack was simple in concept and easy to execute.  The devices used were accessible household appliances and electronics, configured out of the box with simple default user names and passwords like “username”, “password”, and “12345”.  The virus cycled through these default credentials to recruit thousands of devices into a giant collective, which was then coordinated to flood Dyn with traffic.

To prevent this kind of hack, device manufacturers may start updating their devices to ensure more secure usernames and passwords.  But that ignores the elephant in the room.  The fundamental problem is that these IoT devices are available (they are always on, ready to communicate over the internet), they are accessible (they can be seen on the internet), and they are numerous (with numbers growing exponentially).  This combination of availability and accessibility, multiplied by the huge numbers, makes IoT devices perfect for coordinated attacks.  We can be sure that the bad actors are already working hard on defeating username/password protection on IoT devices.

Considering the first of these three critical factors, IoT functionality requires that IoT devices are available for communication.  There is not a lot we can do about availability.  Secondly, the business opportunities and economic promise make device proliferation unstoppable.  We have to expect continued rapid growth.  But we can do something about the third critical factor: accessibility.

No IoT device should be sitting on the Internet with one or more open ports, waiting for something to connect to it.  The device can and should be invisible to incoming probes and requests to connect.  A hacker or bot should not even see the device, let alone be given the chance to try a username or password.  That technology exists, is easy and inexpensive to implement, and has been proven in thousands of industrial installations for over a decade.  Governments and manufacturers need to be employing it across the full range of IoT applications.
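One way a device builder can verify that a Linux-based device has no open ports, added here as an example and not code from the original post. It parses the kernel's /proc/net/tcp table and assumes IPv4 on a little-endian CPU; the sample table is constructed.

```python
import ipaddress
import socket
import struct

TCP_LISTEN = 0x0A  # value of the "st" column for a socket in LISTEN state

# Constructed sample in /proc/net/tcp layout (little-endian host); not from a real device.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 0100007F:0035 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1
   2: 0A01A8C0:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1003 1
   3: 0A01A8C0:C350 057100CB:20FB 01 00000000:00000000 00:00000000 00000000     0        0 1004 1
"""


def decode_addr(field):
    """Turn the kernel's 'HEXIP:HEXPORT' field into (dotted_ip, port)."""
    hex_ip, hex_port = field.split(":")
    # The IPv4 address is printed as a host-order 32-bit integer, so on a
    # little-endian CPU the bytes appear reversed.
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def exposed_listeners(proc_net_tcp):
    """Return sorted (ip, port) pairs that accept connections from off the device."""
    found = []
    for line in proc_net_tcp.splitlines()[1:]:  # first line is the column header
        cols = line.split()
        if len(cols) < 4 or int(cols[3], 16) != TCP_LISTEN:
            continue  # established or closing sockets are not open ports
        ip, port = decode_addr(cols[1])
        if not ipaddress.ip_address(ip).is_loopback:
            found.append((ip, port))
    return sorted(found)


if __name__ == "__main__":
    for ip, port in exposed_listeners(SAMPLE_PROC_NET_TCP):
        print(f"listening on {ip}:{port} -> reachable from the network")
```

In the sample, the listeners on ports 23 and 80 are flagged, while the loopback-only listener and the established outbound connection are not. A device built the way the post recommends returns an empty list.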

Security Framework for Industrial IoT Built on Trust

Ultimately, it comes down to trust.  When someone hears about the Industrial IoT, and asks, “What about security?” what they probably mean is, “Should I trust it?”  Without trust, things get complicated, bog down, and sometimes stop moving altogether.  Without trust it’s difficult to build anything—a team, a business, or a family.  And among other things, trust depends on security.

Recently the Industrial Internet Consortium (IIC) published a paper titled Industrial Internet of Things Volume G4: Security Framework, which outlines a comprehensive security framework for the Industrial IoT (IIoT).  In the introduction, the paper outlines five key system characteristics that build trust: security, safety, reliability, resilience and privacy.  The IIC paper then describes how these characteristics must be infused into the IIoT for industrial users to trust it.

It says, “A typical Industrial Internet of Things (IIoT) system is a complex assembly of system elements. The trustworthiness of the system depends on trust in all of these elements, how they are integrated and how they interact with each other. Permeation of trust is the hierarchical flow of trust within a system from its overall usage to all its components.”

Trust is fundamental to the Security Framework

The idea is that for trust to permeate through the IIoT system—for the users to trust it—the system must be trustworthy from the ground up.  First, the components or building blocks of the system must be trusted.  Next, the system builders need both to trust these components and to put them together in a trustworthy way.  When all is checked, tested, and functioning well at these two levels, and the system meets the specifications of the system users, then the users will begin to trust the system.  Trust will permeate down from the users to the system builders, and ultimately to the components and those who supply them.

Skkynet’s secure-by-design approach to the IIoT follows this model.  At the level of components, our software and services have been installed in hundreds of mission-critical systems.  The system integrators who work with these components trust them, because they have seen how they perform.  Using DataHub® and SkkyHub™, they have been able to deliver highly-trusted, well performing systems.  Plant managers and owners are satisfied with these systems, and have extended their trust to the system integrators, as well as to the software and services.

How the IIC’s Security Framework applies specifically to Skkynet’s SkkyHub, DataHub, and ETK is well beyond the scope of one blog—more needs to be said, and is coming soon.  The Security Framework concepts are familiar to us, as we have been incorporating them for years in the secure-by-design approach we take in developing our software and services.  We are pleased that the IIC has published this paper, and consider it a valuable resource for gaining a better understanding about security and the Industrial IoT.

Connecting the Worlds of IT and OT

Ever since the dawn of computing for commerce and industry, there has been a wide gap between the world of IT (Information Technology) and OT (Operations Technology).  Most of us are more familiar with IT—crunching numbers for financial applications, building databases for personnel records and corporate assets, and printing out sales reports, monthly earnings, and year-end statements.  The world of OT is more remote and esoteric—hidden behind firewalls and DMZs, sometimes on completely independent networks, mission-critical systems oversee the real-time processes that control a company’s production equipment and machinery.

Now, with the advent of Industry 4.0 and the Industrial IoT, these two worlds are being brought together.  In a recent article, The Internet of Things: Bridging the OT/IT divide, John Pepper, CEO and Founder of Managed 24/7, makes the case that the business value of operational data will be lost unless IT and OT learn to co-operate.  He said, “Unless organisations actively bridge the gap between OT and IT, the real operational benefits of the digital business will be lost.”

A risk of losing the prize

According to their research, companies are jumping on the IoT bandwagon and increasing their number of networked devices, but due to a lack of an overall policy to bridge the IT/OT gap, there is a real risk of losing the prize.  Critical OT information that has been unknown in the past is now becoming available, but only to those who know how to connect to it, and are willing to do so.

“Indeed, while the vast majority of new control systems used in buildings and factories – from water pumps to energy systems – include an Ethernet connection,” says Pepper, “few organisations are actively using this real-time insight to support CxO decision-making.”

Pepper’s call for deeper integration between the real-time data flowing through the OT world and the analytical capabilities of the IT world is a need that Skkynet was created to meet.  The predictive technologies that Pepper recommends can be realized and fully supported by Skkynet’s Industrial IoT technologies.  The vision of end-to-end monitoring and self-healing technologies that Pepper shares can become reality when we effectively connect the two worlds of IT and OT.

Case Study: Siemens, Denmark

Integrating OPC servers and data from high-security facility

In a recent data integration project, Siemens engineers in Copenhagen, Denmark were able to connect equipment and instrumentation running in a high-security facility to a remote monitoring location, using DataHub® software. The goal was to allow technicians access to the machines they needed to work on, without breaching security or permitting any non-authorized personnel on site.

At first the project promised to be a typical OPC application. The main objective was to connect a chiller unit with an OPC DA server running at a secure facility to two SCADA systems at a monitoring station, each enabled as an OPC DA client. However, it soon became apparent that there would be some problems with networking. OPC DA networking depends on DCOM, which at the best of times can be difficult to configure and slow to reconnect after a network break. To make matters worse, the OPC server provided by the chiller manufacturer was not up to the task.

“This particular OPC server has some strange behaviors,” said Carsten Barsballe, the project leader. “It won’t run as a service, and it won’t allow remote connections using DCOM, because when you disconnect, you are not able to reconnect. So we decided to encapsulate it in DataHub software.” Barsballe installed a DataHub instance on the same machine as the chiller’s OPC server, and configured it to run as a service, causing it to connect whenever the system starts. This allows him to use the DataHub instance for all OPC client connections.

At the monitoring facility, Barsballe discovered another potential setback. His SCADA systems were not able to connect remotely to an OPC server. They required a local OPC connection, so Barsballe decided to use DataHub tunnel/mirroring. He installed two more DataHub instances, one on each SCADA system machine, and configured tunnel/mirror connections across the network to the first DataHub instance. His SCADA systems each connected to their local DataHub instance, and the data link was complete. Technicians could now view data from the high-security facility from the safe distance of the monitoring location.

“The two SCADA systems are separate from the chiller unit, but fully connected in real-time, so technicians can work on them as they are used to,” said Barsballe. “This is a way to keep people from touching things they don’t know about. We have lots of people working at all hours, and now there is no need for them to be onsite at any time.”

With the chiller system up and running, Barsballe plans to integrate more data sources into the system. They have a few UPS (uninterruptible power supply) units with SNMP connectivity that they need to monitor, and by adding an SNMP-OPC server, the data from these will be brought into the DataHub instance. After that, they will also attach an OPC server for several meter-reading input devices. All of this data will then be sent across to the SCADA systems, and made available to the service people who need access to it.

“The DataHub software is running very well,” said Barsballe. “We do a lot of this kind of data integration, and there will be other projects. Now we have a good feeling for this product. We have chosen the right solution.”

Case Study: ABB Energy Automation, Italy

Secure OPC tunnel/mirror between power plants and company offices

In two recent projects, Italy’s ABB Energy Automation has developed a control solution that feeds data from power plant facilities directly to corporate offices – in real time – using DataHub® software. A key requirement was to provide a highly secure means of data transmission, with minimal risk of break-ins. For each project they implemented a DataHub tunnel/mirror solution to establish a secure, reliable connection between the power plant and corporate networks.

ABB Energy Automation provides software and control systems for power plants to ensure that equipment operates at optimum speed and efficiency. For these projects, it became clear that several Italian power companies would benefit substantially by monitoring the performance of the plant directly from the company offices. Mr. Michele Mannucci, ABB Project Engineer, began looking for a way to make the connection, using the most reliable and secure means available.

“Customers are very sensitive about security these days since they need to exchange information on the web,” he said. “We had OPC DA servers on our equipment, but found that using DCOM for networking was too risky. It required us to open too many ports in our firewalls. We had to find a way to avoid using DCOM.”

A search on the web brought Mr. Mannucci to DataHub software. For the first test, he connected a DataHub instance to the plant’s DigiVis Freelance 2000 OPC server, and then configured it to tunnel out through the plant firewall. With that working, he installed another DataHub instance on the corporate network, and then created a tunnel/mirror connection between the two DataHub instances.

For the production system, the company decided to use ABB’s own proprietary OPC server on the secure LAN in the plant, and connect that to the DataHub instance. From there the data flows out through the plant firewall via SSL-encrypted TCP to a DataHub instance in the corporate offices, which is connected to the corporate LAN. The two DataHub instances mirror the data, so that every data change on the plant LAN is immediately received on the corporate LAN.

“This DataHub tunnel with data mirroring is very good for our OPC networking, because we only need to open one port, and we are secure from DCOM break-ins,” said Mannucci. “We are considering installing this same solution in our top plants.”

It took only a few days for Mannucci to go from initial testing to a working system in the first power plant. The second system was up and running in a similar time frame. Both systems have been running 24/7 since installation, with no breaches in security.
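The firewall difference described in this case study, worked through as an added example (not ABB's or Skkynet's code). Both rule sets are constructed: the DCOM set uses the Windows default RPC ports, the tunnel set assumes the plant side dials out as described above, and `TUNNEL_PORT` is a placeholder because the page names no port.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    direction: str  # "in": connection initiated from outside the plant; "out": from inside
    lo: int         # first TCP port the rule allows
    hi: int         # last TCP port the rule allows
    note: str


# Constructed rule sets, not taken from the case study. 135 and 49152-65535 are the
# Windows defaults for the RPC endpoint mapper and the dynamic RPC range DCOM draws on.
DCOM_RULES = [
    Rule("in", 135, 135, "RPC endpoint mapper"),
    Rule("in", 49152, 65535, "dynamic RPC ports, one picked per connection"),
]
TUNNEL_PORT = 8443  # placeholder port; the page does not name one
TUNNEL_RULES = [
    Rule("out", TUNNEL_PORT, TUNNEL_PORT, "TLS tunnel dialled from plant to office"),
]


def inbound_port_count(rules):
    """Count distinct plant-side TCP ports reachable from outside, merging overlaps."""
    spans = sorted((r.lo, r.hi) for r in rules if r.direction == "in")
    total, end = 0, -1  # 'end' is the highest port already counted
    for lo, hi in spans:
        lo = max(lo, end + 1)  # skip the part of this range already counted
        if hi >= lo:
            total += hi - lo + 1
            end = hi
    return total


def audit(rules):
    """Summarise what a firewall policy exposes on the plant side."""
    inbound = inbound_port_count(rules)
    return {
        "inbound_ports": inbound,
        "outbound_rules": sum(r.direction == "out" for r in rules),
        "plant_accepts_connections": inbound > 0,
    }


if __name__ == "__main__":
    print("DCOM  :", audit(DCOM_RULES))
    print("tunnel:", audit(TUNNEL_RULES))
```

The DCOM policy leaves 16385 inbound ports reachable on the plant side. The tunnel policy leaves none, because the only rule permits a single outbound connection.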

ExxonMobil Seeks Open Automation Solutions

At the most recent ARC Industry Forum in Orlando, ExxonMobil announced that they are not satisfied with business as usual when it comes to industrial automation, and they are looking for something far superior to what is currently being offered.  On January 14, 2016, ExxonMobil announced that they had awarded a contract to Lockheed Martin to serve as the systems integrator in the early stage development of a next-generation open and secure automation system for process industries.  Lockheed Martin is tasked to seek out the architecture and tools needed for an “open, standards-based, secure and interoperable control system” that can be seamlessly integrated with existing facilities, as well as new and future systems.  ExxonMobil wants the hardware and software components to be commercially available and able to function in all current DCS markets.

Rather than simply replace their aging systems with the current state of the art, which is expensive, inflexible, and closed, ExxonMobil wants to leverage new, open, IoT, wireless, and cloud technologies to cut costs, enhance security, and reduce development time. As with other, adjacent areas of technology, they want to see step-change improvements, not incremental or bolted-on changes to obsolete architectures.

Originally presented at Industry Day on January 26, 2016

Their vision for open automation is standards-based, secure, and interoperable, which will:

  1. Promote innovation & value creation
  2. Effortlessly integrate best-in-class components
  3. Afford access to leading-edge capability & performance
  4. Preserve the asset owner’s application software
  5. Significantly lower the cost of future replacement
  6. Employ an adaptive intrinsic security model

This vision reads like a list of the features and benefits of Skkynet connectivity solutions:

  1. SkkyHub, DataHub, and the ETK foster innovation and value creation by providing open-standards, real-time data connectivity for hardware and software from almost any vendor.
  2. These Skkynet tools allow users to integrate data from virtually any components.
  3. This kind of real-time data integration enables each component in turn to perform at its highest capacity.
  4. Any generation of equipment, from legacy to state-of-the-art, can be integrated.
  5. Connecting modules can be replaced, and the system itself gets continually updated.
  6. Connections from the DataHub or ETK to SkkyHub are secure by design.

We are currently in communication with Lockheed Martin, and bringing these advantages to ExxonMobil’s attention. We share their vision, and offer tested, verified, working solutions.