This article is based on field safety investigations and inspections of industrial enterprises and summarizes and refines the first-hand data collected. It gives a brief analysis of the current state of industrial control security in several industries. However, because the number of industrial enterprises is large, the enterprises selected are typical representatives of similar enterprises in a given region, so some conclusions will not fully match the actual situation of every individual enterprise.
In July 2016, the national key information infrastructure network security inspection of cnmio was launched. On November 3, 2016, the Ministry of Industry and Information Technology issued the Guide for Information Security Protection of Industrial Control Systems. On June 1, 2017, the Network Security Law of the People's Republic of China came into force. With this series of measures and the implementation of laws and policies, industrial control security has been raised to an unprecedented level of importance. After the state completed the top-level design, the competent departments of local governments also took action, carrying out enterprise industrial control security inspections, surveys and assessments at various levels in an effort to establish the actual state of industrial control security in their jurisdictions, while guiding and supervising enterprises to confront the security problems of their own industrial control systems.
As an enterprise focused on industrial control security, Beijing winut Technology Co., Ltd. must shoulder its social responsibility: guided by policy and starting from the vital interests of industrial enterprises, go to the front line to find the problems in enterprises' industrial control systems and propose solutions; and at the same time select the company's technical backbone to cooperate closely with the competent departments of local governments and contribute its own strength to the development of industrial control security.
Recently, winut's technical experts have taken on many assignments assisting the competent departments of local governments or the headquarters of large enterprises with in-depth surveys and inspections on the front line of industrial enterprises. They listen to how front-line technical staff understand industrial control security, collect the enterprises' security requirements, and experience the security challenges the enterprises face at first hand. While sparing no effort to propose improvements for the enterprises, they also accumulate experience for optimizing and adjusting industrial control security solutions. The survey data show that enterprises pay more and more attention to industrial control security, but at the same time problems of varying degrees exist everywhere, their root causes are diverse, and the security situation is mixed.
1. Industry status
The following is a brief summary of the current state of industrial control security in different industries, offered as a reference for readers who follow the development of industrial control security.
Power generation industry:
- System overview:
Power generation enterprises come in many types: thermal power (which can be further divided into gas-fired, coal-fired and so on), wind power, hydropower and renewable energy generation. The main control system of a power plant is a DCS, with auxiliary systems mostly controlled by PLCs. The control systems are mostly foreign brands, especially in plants with large installed capacity, where domestic brands are rarely seen. Information security in the power industry has long been highly valued and continuously improved. "Document No. 36 of the Energy Administration" sets out clear requirements for enterprise security construction, and the sixteen-character principle of "security zoning, dedicated networks, horizontal isolation, vertical authentication" sums up the core idea of the document. Most power enterprises implement it well, but it is undeniable that, with industrial production increasingly prosperous and electricity an essential basic resource whose strategic significance is self-evident, many forms of power generation enterprise have emerged. From the perspective of ownership there are the power plants of large state-owned power enterprises, purely private power generation enterprises, and captive power plants that enterprises build for themselves. Limited by the strength of supervision and by their own technical strength, the security construction of the latter two is comparatively inadequate.
- Network security of industrial control system:
According to the requirements of Document No. 36, the networks of power generation enterprises are generally divided into clear zones, with the industrial control system concentrated in zone I and zone II. Zone boundaries are usually protected with isolation devices or traditional firewalls. It must be pointed out, however, that when OPC traffic passes through a firewall, the dynamic port negotiation of the OPC protocol makes effective protection by a traditional firewall very difficult; improper firewall policy configuration was also found on site.
- Safety problems of industrial control system host:
Some on-site hosts have anti-virus software installed, but a large number of on-site hosts have no protection at all (mainly because of compatibility problems with the control software). Even where anti-virus software exists, the virus database is often not updated in time; at individual sites the last update was found to be several years ago. In some private power plants and renewable energy plants there are engineer stations that can reach the Internet through privately built WiFi networks, as shown in the figure:
- Safety problems of industrial control system equipment:
On the one hand, because most control systems are foreign brands, enterprises find it hard to learn of newly disclosed vulnerabilities promptly, and even when they know of a vulnerability they often cannot patch it in time. On the other hand, the key control equipment is essentially in a state without any protection, as shown in the figure:
Manufacturing industry:
- System overview:
The term manufacturing industry is a broad concept with different classification methods from different perspectives; this article does not discuss that classification. Manufacturing here refers to manufacturing dominated by DNC systems for CNC machine tools (a protection scheme for DNC systems is described in detail in a separate post on the official account). A CNC machine tool itself has its own small, independent control system, which has an Ethernet interface and can be connected to a higher-level system such as MES as required.
- Network security of industrial control system:
When an enterprise's CNC machine tools are not networked, the network security problem is relatively small, but in some large, advanced enterprises the trend of networking control equipment is increasingly obvious. At networked enterprise sites, the boundary between the production network and the management network generally lacks the necessary protective measures, and there is often no effective isolation between different areas of the production network, as shown below.
- Safety problems of industrial control system host:
The hosts directly connected to the CNC machine tool controllers basically have no protective measures. USB drives and other devices can be used freely, unauthorized and non-work software is installed on the hosts, and the host anti-virus software does not update its virus database in time, as shown in the following figure:
- Safety problems of industrial control system equipment:
Most advanced CNC machine tools are foreign brands, and even the machine tools of domestic manufacturers often use foreign control systems. On the one hand, the enterprise itself can only perform simple maintenance on this equipment; major problems can only be handled by the original manufacturer, sometimes through remote debugging. On the other hand, the key control equipment is essentially in a state without any protection.
Chemical industry:
- System overview:
The main control system in chemical enterprises is a DCS; some enterprises also use PLCs for auxiliary control. Control systems are mainly foreign brands, though domestic brands also hold a certain share of the installed base.
- Network security of industrial control system:
In terms of network structure, most enterprise industrial control systems are physically isolated; a small number of enterprises interconnect the production network and the management network and deploy traditional firewalls at the network boundary for protection. As with power generation enterprises, however, when OPC traffic passes through the firewall, the dynamic port negotiation of the OPC protocol makes effective protection by a traditional firewall difficult; improper firewall policy configuration was also found in the field.
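As an added example (not code from the survey or from winut), the Python below audits a constructed firewall policy for the two boundary weaknesses noted in both the power generation and chemical sections: a wide TCP port range opened next to TCP 135 so that OPC Classic's dynamically negotiated DCOM ports can pass, and an any-to-any allow rule. The addresses, rule names and the 256-port threshold are assumptions.

```python
"""Audit a firewall policy for the boundary weaknesses the survey describes:
wide port ranges opened so OPC Classic (DCOM) traffic can pass, and
over-permissive any-to-any rules. All data below is constructed."""
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Rule:
    name: str
    src: str       # CIDR
    dst: str       # CIDR
    proto: str     # "tcp", "udp" or "any"
    port_lo: int   # destination port range, inclusive
    port_hi: int
    action: str    # "allow" or "deny"


# Constructed sample policy (assumed addresses): 10.1.1.0/24 stands in for a
# zone-I DCS segment, 10.1.2.0/24 for an engineering/SCADA segment.
POLICY = [
    Rule("opc-epm", "10.1.2.0/24", "10.1.1.10/32", "tcp", 135, 135, "allow"),
    Rule("opc-dcom", "10.1.2.0/24", "10.1.1.10/32", "tcp", 1024, 65535, "allow"),
    Rule("hist-push", "10.1.1.20/32", "10.1.2.30/32", "tcp", 5450, 5450, "allow"),
    Rule("temp-vendor", "0.0.0.0/0", "0.0.0.0/0", "any", 0, 65535, "allow"),
    Rule("default-deny", "0.0.0.0/0", "0.0.0.0/0", "any", 0, 65535, "deny"),
]

WIDE_RANGE = 256  # assumed threshold: more ports than this in one rule is "wide"


def _is_any(cidr: str) -> bool:
    """True for a 0.0.0.0/0 style 'any' network."""
    return ipaddress.ip_network(cidr).prefixlen == 0


def audit(policy):
    """Return a list of (rule name, finding) tuples, in policy order."""
    findings = []
    # Destinations reachable on TCP 135 (the RPC endpoint mapper): a wide
    # TCP range to the same destination is almost certainly there for DCOM.
    epm_dsts = {r.dst for r in policy
                if r.action == "allow" and r.proto in ("tcp", "any")
                and r.port_lo <= 135 <= r.port_hi}
    for r in policy:
        if r.action != "allow":
            continue
        if _is_any(r.src) and _is_any(r.dst) and r.proto == "any":
            findings.append((r.name, "any-to-any allow: the boundary "
                             "provides no protection at all"))
            continue
        span = r.port_hi - r.port_lo + 1
        if span > WIDE_RANGE and r.dst in epm_dsts:
            findings.append((r.name, "wide port range beside TCP 135: OPC "
                             "Classic's dynamic DCOM ports pass unfiltered"))
        elif span > WIDE_RANGE:
            findings.append((r.name, "wide port range: rule is broader "
                             "than any single service needs"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(POLICY):
        print(f"{name}: {finding}")
```

The same check can be run over an exported rule table from a real boundary firewall once it is parsed into Rule objects.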
- Safety problems of industrial control system host:
The lack of necessary protective measures on hosts is quite serious. At some enterprise sites, precisely because the industrial control system is physically isolated, USB drives and other devices are routinely used to copy data.
- Safety problems of industrial control system equipment:
On the one hand, because most control systems are foreign brands, enterprises find it hard to learn of newly disclosed vulnerabilities promptly, and even when they know of a vulnerability they often cannot patch it in time. On the other hand, the key control equipment is essentially in a state without any protection.
Urban water:
- System overview:
Urban water supply is closely tied to people's daily lives. The overall network design of these enterprises generally consists of a management network and a varying number of water plant networks. Within a water plant network there is a control system network and an office network.
The control system network is mainly a ring network, with PLCs of different functions connected under the ring network switches to carry out the relevant control.
In terms of network structure, most enterprise production control systems are physically isolated; a small number of enterprises interconnect the production network and the management network and deploy traditional firewalls at the network boundary for protection.
- Network security of industrial control system:
Network interconnection is common in urban water supply: the production network and the office network are interconnected. Enterprises generally deploy only some traditional security equipment at the exit from the enterprise network to the public network, and often ignore isolation between the office network and the production network. Because water supply is closely tied to people's lives, enterprises build public-facing payment systems for convenience; if the security protection is not in place, it is easy to penetrate directly from the public network into the internal production network. As shown below, although there is a traditional firewall between the group network and the water plant network, it has not even been powered on.
- Safety problems of industrial control system host:
Some sites have anti-virus software, but a large number of on-site hosts have no protective measures at all (mainly because of compatibility problems with the control software); even where anti-virus software exists, the virus database is often not updated in time, and at some sites the last update was found to be several years ago; the use of USB drives and other removable storage devices is also common.
- Safety problems of industrial control system equipment:
The PLC devices in use are basically foreign brands. These devices have disclosed serious vulnerabilities, but patches were either not installed in time or never released by the control system manufacturer at all. Likewise, the key control equipment is essentially in a state without any protection.
2. Common problems
The above summarizes the industrial control security problems of several industries. On that basis, some common problems can be extracted, as follows:
- Safety system and safety awareness:
This is an old problem. On site, many enterprises cannot produce a complete document on their industrial control security system, let alone a security emergency plan; 90% of enterprises have not drawn the network topology of their industrial control system, and where a design plan from the initial construction exists, it is not updated promptly after later expansion and transformation; technicians often believe that as long as the system is physically isolated its security is absolutely guaranteed, without considering that human error and hacker techniques can mount effective attacks on an isolated network; the installation of unauthorized software is also found from time to time.
- Safety operation and maintenance capacity:
"Those who understand security do not understand industrial control, and those who understand industrial control do not understand security." This is a true portrait of enterprises' industrial control security operation and maintenance capability. Information security and industrial control are two completely different disciplines. From initially seeming incompatible to today being closely related, the security situation has developed over too short a period, so enterprises' reserve of human resources in this area is relatively passive and lagging. Some large-scale, critical control systems usually need the manufacturer's technical support, and the same applies to the enterprise's security operation and maintenance.
- Safety technology means:
Some technical measures are in place at present, but some exist to meet compliance requirements and some to answer superiors' security inspections, and whether they really play their intended role is open to question. Attack methods are becoming more and more diversified, and industrial control systems are rather special, so some existing security technologies sometimes struggle to meet the protection needs of industrial control systems. Host protection is one example: simply deploying host anti-virus software often reduces protection to a mere formality.
- Control systems outside our control:
The industrialization of the developed Western countries started earlier than China's. After so many years of continuous catching up the gap is gradually narrowing, but it is undeniable that in some areas the advanced technology of control systems is still in others' hands. While we enjoy stable, mature and advanced industrial control system solutions, we cannot control some aspects of the security of the systems themselves.
- Some erroneous or confusing concepts:
"Once security equipment is deployed, the system is secure", not realizing that security is a process of constant evolution;
"Physical isolation is secure", but there is no absolute security; sometimes the fortress is breached from the inside first;
"Logical isolation is the same as physical isolation". Separating the internal and external networks with dual network cards or by deploying isolation equipment is not real physical isolation; technically there is still a risk of penetration.
……
3. Root cause analysis
There are many reasons for the current state of security. A brief analysis from the following aspects:
- An issue rooted in history:
This problem should be addressed from two aspects: on the one hand, at the beginning of industrial control system design, usability is put first and security last, which is the current state of the industry; on the other hand, China's industrial development started late and on a weak foundation, so in the early stage it had to introduce advanced technology and equipment from abroad and race against the clock to guarantee output, and the priority of security was often very low.
- Check and balance of control system manufacturer:
The industrial control system is the soul of the whole of industrial production, so its suppliers have an absolute say at every stage of system design, construction, operation and maintenance, and the voice of security is much weaker. "If the system becomes unavailable because of the security protection scheme, the control system manufacturer will not be responsible." We have heard complaints like this from customers at industrial sites more than once.
- The cost of transformation is too high:
Industrial control systems demand high stability, and front-line production personnel prefer to work on the system they know best. Any upgrade or transformation of an industrial control system affects the whole, which means not only direct cost to the enterprise but also the hidden cost of production being suspended during the transformation. Enterprises have similar considerations when doing security protection: as long as there is no hard requirement, keeping the status quo is the best choice.
4. Rectification suggestions
Having pointed out the problems and analyzed the root causes, suggestions for improvement should also be made. This article does not give a detailed rectification plan for the security problems of a specific enterprise, but offers a reference from the perspective of policies and regulations and of general industrial control security technology.
- From the perspective of compliance, the industrial control security construction of an enterprise can refer to:
Guide for Information Security Protection of Industrial Control Systems;
Information security technology - Technical requirements for security design of network security level protection - Part 5: Industrial control security requirements.
If the industry itself has relevant policy requirements, construction must follow them. For example, the energy industry must refer to:
National Energy Administration Document [2015] No. 36.
- From the perspective of industrial control security technology, combined with winut's many years of technical accumulation, the enterprise's industrial control security construction can refer to:
The industrial network security "white environment" solution system. To date this solution system has established an independent, controllable, secure and reliable overall industrial control security protection system for hundreds of customers in key industries and has been widely praised. Its core technical concepts include defense in depth, a whitelist mechanism, deep analysis of industrial protocols, real-time monitoring and auditing, and a unified management platform. The general solution topology is as follows:
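As an added illustration of the whitelist idea behind a "white environment" (example code written for this article, not winut's product or code), the Python below learns a baseline of permitted hosts, communication relationships and operations from traffic seen during a constructed commissioning window, then reports every later flow that falls outside that baseline together with the most specific reason. The addresses, protocol labels and operation names are assumptions.

```python
"""Minimal 'white environment' monitor: learn what is normal on the control
network, then alarm on anything outside it. All traffic below is constructed."""
from collections import namedtuple

Flow = namedtuple("Flow", "src dst proto op")

# Constructed commissioning traffic (assumed addresses and operation names):
# an OPC client reading a DCS server, an engineering station reading and
# writing a PLC.
BASELINE_CAPTURE = [
    Flow("10.1.2.30", "10.1.1.10", "opc-da", "read"),
    Flow("10.1.2.30", "10.1.1.10", "opc-da", "read"),
    Flow("10.1.2.31", "10.1.1.11", "plc-eng", "read"),
    Flow("10.1.2.31", "10.1.1.11", "plc-eng", "write"),
]

# Constructed later traffic to be judged against the learned baseline.
LIVE_CAPTURE = [
    Flow("10.1.2.30", "10.1.1.10", "opc-da", "read"),      # known, permitted
    Flow("10.1.2.30", "10.1.1.10", "opc-da", "write"),     # known pair, new operation
    Flow("10.1.2.30", "10.1.1.11", "plc-eng", "read"),     # known hosts, new pair
    Flow("192.168.7.5", "10.1.1.11", "plc-eng", "write"),  # unknown host
    Flow("10.1.2.31", "10.1.1.11", "http", "get"),         # known hosts, new protocol
]


class WhiteEnvironment:
    """Three nested allowlists: hosts, (src, dst, proto) relationships, and
    full (src, dst, proto, op) operations."""

    def __init__(self):
        self.hosts = set()
        self.pairs = set()
        self.ops = set()

    def learn(self, flows):
        """Add every observed flow from a trusted commissioning window."""
        for f in flows:
            self.hosts.update((f.src, f.dst))
            self.pairs.add((f.src, f.dst, f.proto))
            self.ops.add(f)

    def judge(self, f):
        """Return None if the flow is permitted, else the reason for alarm."""
        if f.src not in self.hosts or f.dst not in self.hosts:
            return "unknown host"
        if (f.src, f.dst, f.proto) not in self.pairs:
            return "unknown communication relationship"
        if f not in self.ops:
            return "unknown operation on known relationship"
        return None

    def monitor(self, flows):
        """Return (flow, reason) for every flow outside the white environment."""
        alarms = []
        for f in flows:
            reason = self.judge(f)
            if reason is not None:
                alarms.append((f, reason))
        return alarms


if __name__ == "__main__":
    env = WhiteEnvironment()
    env.learn(BASELINE_CAPTURE)
    for flow, reason in env.monitor(LIVE_CAPTURE):
        print(f"{reason}: {flow}")
```

In a real deployment the baseline would be reviewed by the control engineers before enforcement, since anything captured during commissioning, including an already-present unauthorized connection, would otherwise be whitelisted.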