Cyber security primer for legacy process plant operation

The military has identified five “domains” for defense. The original three, land, sea and air are now joined by space and cyber. Cyber is an entirely new domain with increasingly different and challenging issues. Nowhere else are there more important aspects to be addressed than in the control and automation of process plants. Cyber security has major influences in the efficiency, safety and reliable operation of both equipment and personnel. Stuxnet proved the vulnerability of PLCs, and “open doors” in operating systems such as Windows require constant updating to prevent malicious entry. This paper reviews the “white hats and black hats” operating in the process control areas. The Open Systems Interconnection model (OSI model) is reviewed with respect to possible intrusion points in SCADA (Supervisory Control and Data Acquisition) and PLC (Programmable Logic Controller) systems as well as DCS (Distributed Control System) operating systems. This paper focuses on legacy systems (brown field, SNMP and Modbus. For “green field” systems, there are significant advances for protocols. Learnings from previous breaches and information on securing systems will be addressed. The information presented in this paper gets continually more critical as the Industrial Internet of Things (IIoT) and wireless communication is adopted in process plants. A list of recommendations gives the user some guidelines to build a framework for cyber security in their systems.