Supply Solutions

Project Consulting, Design, Engineering and Implementation

Operational Technology (OT) is increasingly exposed to both cyber and traditional threats, both likely to impact availability. Whether the actor is a nation state or a disgruntled employee, it has never been easier to disrupt a critical system and never harder to detect the source. Governments across the world have recognised this and passed major laws (NIS) to drive change. They have provided both carrot (Secure by Design guidance from the NCSC) and stick (fines to £17.5M or 4% of turnover). Industry has collaborated to create frameworks to assist with design (IEC 62443, NIST, etc). Neither addresses the lack of on-site skills, experience or competence that industry faces in managing change. This is where IT4A can help.

  1. Outsource to an OT Network Specialist
  2. Outsource to an OT Generalist System Integrator
  3. Retain Skills In House
Tender writers beware: Be careful what you ask for…..

1) Outsource to an OT Network Specialist

An OT network engineering specialist will lead you through the design process. We will interpret the context you provide and deliver a proportionate solution that is a good fit for your organisation.

Hardware will be selected that is reliable, mid-life, and supportable by local teams. Critical hardware will be maintenance friendly (fast restart) with minimal impact to operation during routine maintenance activity.

OT systems and infrastructure need to be patched periodically to address vulnerabilities. Switches that can restart in seconds, compared to others that can take 10 minutes, are going to be preferred in operational environments – a characteristic often overlooked.

IT4A bring the lessons learned from 25 years of OT network design, implementation and support to bear on every project. Our full-time team of network, infrastructure and cyber engineers and service desk analysts design for an easy life – high availability and seamless recovery.

The IT4A Solution

Early Engagement

  • IT4A will capture your local context, determine the need and the challenges, discuss threat, and assess risk and appetite within the organisation. This is a great place to start – we learn what you want to achieve, why you want to achieve it, the barriers to success and what a good outcome looks like.
  • A design will evolve that mitigates intolerable risk early on, and helps set an expectation for budget costs, outcome and timeframe.  
  • Our understanding of context will allow design to consider local resources providing lifetime support through to obligations to achieve any formal compliance.  

Collaboration

  • Following early engagement comes collaboration. Secure by Design demands close co-operation between the application provider (the IACS System Integrator) and the network designer / provider (IT4A).
  • We have developed Zero Trust Tools, and private networks to make collaboration seamless. 

Design for Operational Outcome

  • Where compliance is based upon process, as in the case of CE+ and CAF, it is important that we design to achieve a sustainable outcome that will grow in maturity and survive personnel changes.

Be careful of what you ask for .....

OT System and Network Design is, and will for some time be, a major challenge for the entire supply chain. From the ultimate system user, through local technical support, procurement, supply chain and beyond, individuals are learning and gaining new experiences. Whereas IT has had 30 years to evolve, OT has been dropped into a world where a single misconfiguration on a firewall has the potential to shut down an entire system. It is not ladder logic that will prevent this; it is competent network engineering that will aim to make occurrence extremely unlikely, and this is probably the best we can hope for.

Despite the emergence of standards and reference models for IACS system design (IEC 62443, NIST, CISA & NCSC) there is no quick fix, although some believe otherwise. Simply adding standards and acronyms into a tender as mandatory requirements, without explaining what they are, why they are there and any detail that would allow them to be incorporated into a costed design, is extremely high risk for all involved. The most likely outcome is significant compromise from both parties, with neither client nor contractor feeling good about it. The best scenario is that the contractor challenges the requirement from the outset and asks for clarification. This process is likely to introduce significant delay as the answers are probably largely unknown.

IEC 62443

This is the big one. The system design framework developed by IEC for Industrial Automation Control Systems – it sounds perfect for SCADA and many other OT systems. The PROS: 62443 is a very broad, robust and tightly defined standard. It leverages strong technical principles, and the standard is well structured and sufficiently prescriptive to drive a design process by experienced IACS engineers with a good knowledge of IT principles. The CONS: There is a significant amount of consultative design and documentation / evidence collection that is unlikely to be referenced again outside of the 62443 audit process. This may be ideal for some tightly controlled industries, but alignment to the standard rather than compliance to the standard is possibly a more achievable (pragmatic) approach for others. Even alignment will carry significant project and operational overheads and time penalties.

If use of IEC 62443 within a tender is attempting to protect the client from a contractor's inability to deliver the solution, then the client should not select the contractor. Unfortunately, the contractors that allow for the time and cost of engineering to the 62443 standard will be priced higher and their success rate will be lower. If procurement preference is given to the least-cost bidder that is prepared to sign up to the contract terms, beware: dissatisfaction all round will be the most likely outcome.

CAF

Within the UK it is not the design framework used that achieves NIS 2018 compliance; it is the successful assessment against the NCSC's Cyber Assessment Framework – CAF. CAF is not prescriptive; it is proportionate to risk and generally process driven. If the client has no process to monitor and assess, the quality of the monitoring system is irrelevant – the CAF audit outcome will therefore be a fail. Network features exist within products to mitigate or control a risk, so the tender should describe the threats and risks a design should consider. CAF is a better bar to set and manage expectation. It is not, however, for the contractor to comply but to enable compliance, if the necessary processes are in place and exercised by the client in operation. A subtle but important difference.

2) Outsource Network Scope to a Generalist

Ask your IACS System Integrator to take responsibility for Network, Infrastructure and Cyber Security and Compliance. Whilst IACS integrators are specialists in their areas of primary responsibility, this rarely extends to network, cyber and related infrastructure. They will of course do their best to support you, but they may lack the skills to design for compliance. Some checks to help gain confidence:

  • Is the SI familiar with reference network design frameworks such as IEC 62443, NIST, NCSC Secure by Design or other Guidance? 
  • What methodology will they adopt for your project, and why?
  • What products will be selected, and why?
  • Does the SI retain specialists for the project duration or are they subcontracted on a day rate? 
  • Have prior project outcomes been successfully assessed against the NCSC CAF or Cyber Essentials +?
  • What specific network & infrastructure project design & test documentation will be provided? Expect: Basis of Design, Detailed Design, Low Level Design, As Builts, FAT & SAT plans and O&M as deliverables.
  • Will a monthly report template be provided that captures and communicates insight into availability, security posture, obsolescence, incidents, vulnerability and readiness to recover from any disaster?
  • Are procurement teams given responsibility to select tender submissions without deferring design to a subject matter expert that is familiar with the project context?

A context-aware, trusted subject matter expert is critical from the outset if optimal outcomes are to be achieved. Failure to do this will likely store up problems that are costly and time consuming to remedy.

3) Retain Skills in House

1. Employing and retaining skilled resources: a great solution if you can find them and have the resources to fund them. Maintaining a team of motivated OT network engineers, OT infrastructure specialists and OT cyber specialists is a big ask for any organisation. For sufficiently experienced resources in just these 3 roles you are looking at an overhead of £250-£500K per year. Who will manage and direct them?

2. Pass responsibility to IT. This can work, but experience tells us that IT and OT culture and context are very different. In practice you will end up with IT systems and practices running your OT; OT has now lost control of its mission.

3. Do nothing and rely on non-specialists to get by. Sounds crazy, but this is probably the most common approach seen.

Need a Solution?

Contact us today to turn your vision into reality.