Implementing Defence-in-Depth in Accordance with IEC 62443: Strategies for Manufacturers
Defence-in-Depth (DiD) is a strategy that utilises multiple layers of defence to protect information and prevent single points of failure in industrial environments. For manufacturers, especially those adhering to IEC 62443 standards, implementing a DiD strategy is essential to ensure the security and reliability of their Operational Technology (OT) systems.
Defence-in-Depth and IEC 62443
Defence-in-Depth involves the layering of security measures such that if one layer fails, subsequent layers continue to provide protection. It's a holistic approach that covers physical, technical, and administrative controls. The IEC 62443 series of standards emphasises this approach by requiring security features to be integrated at different levels, from the perimeter of the network right down to the shop floor.
Applying Defence-in-Depth in the Purdue Model
The Purdue Model for Industrial Control Systems standardises the functions and networking of industrial systems into different levels from Level 0, which involves direct control of physical processes, up to Level 5, which involves enterprise-wide business systems. Here’s how Defence-in-Depth can be applied across various levels of the Purdue Model:
1. Level 0 (Physical Process Level)
o Security Measures: Implementation of physical barriers, tamper detection, and access control systems to prevent unauthorised physical access to critical process control equipment.
o DiD Implementation: This level focuses on securing the physical aspects of the OT devices that directly interact with the production processes.
2. Level 1 (Basic Control)
o Security Measures: Hardening of field devices and securing communications between these devices and control systems. Use of secure protocols and encryption to safeguard data integrity and confidentiality.
o DiD Implementation: Enhancing security at this layer protects critical control commands and sensor data from being intercepted or manipulated. TrustedFilter® from 4Secure ensures only ‘known good’ data is able to traverse from or to Level 1.
3. Level 2 (Area Supervisory Control)
o Security Measures: Implementation of network segmentation to separate supervisory control systems from other network traffic. Application of access controls and firewall policies to limit connections to trusted devices and systems only.
o DiD Implementation: Segmentation and firewalling help to contain potential breaches and reduce the risk of malicious activity propagating to other network segments. Alternatively, TrustedFilter® can replace or enhance firewalls by flanking them to provide additional security controls that cannot be delivered by traditional or next-generation firewalls (NGFWs).
4. Level 3 (Site Operations Control)
o Security Measures: Integration of intrusion detection systems to monitor for unusual network traffic and potential threats. Application of rigorous patch management and maintenance procedures to ensure that systems are up to date.
o DiD Implementation: Monitoring and maintenance are crucial for early detection of threats and vulnerabilities, ensuring that security patches and updates are applied in a timely manner to mitigate risks. Additionally, the implementation of TrustedFilter® provides the security and confidence to know that patches and updates come from a legitimate source and have not been tampered with.
5. Level 4 (Site Business and Logistics)
o Security Measures: Use of VPNs for any remote access, coupled with strong authentication and authorisation practices. Implementation of endpoint detection and response (EDR) solutions to identify and respond to cybersecurity incidents.
o DiD Implementation: These measures ensure that corporate and business systems are isolated from operational networks, yet securely managed to prevent data breaches and unauthorised access. This can be substantially fortified with the implementation of TrustedFilter® with or without the use of data diodes.
6. Level 5 (Enterprise Zone)
o Security Measures: Comprehensive cybersecurity policies and training programs to address social engineering and phishing attacks. Integration of advanced threat intelligence and analytics to predict and respond to emerging cybersecurity threats.
o DiD Implementation: At the enterprise level, fostering a culture of cybersecurity awareness and preparedness is critical for overall organisational resilience.
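The segmentation described for Level 2 and the isolation of business systems described for Level 4 can be checked against observed traffic. The following is an added example, not part of the original article and not 4Secure code: the subnets, the conduit allowlist, the sample flows and the rule that traffic may only cross between adjacent Purdue levels are all assumptions made for illustration.

```python
import ipaddress

# Constructed zone map: subnet -> Purdue level (addresses are illustrative).
ZONES = {
    "10.0.1.0/24": 1,  # basic control (PLCs, RTUs)
    "10.0.2.0/24": 2,  # area supervisory control (HMI, SCADA)
    "10.0.3.0/24": 3,  # site operations (historian, patch server)
    "10.0.4.0/24": 4,  # site business and logistics
}

# Assumed conduit allowlist: (source level, destination level, destination port).
ALLOWED_CONDUITS = {
    (2, 1, 502),   # supervisory -> basic control, Modbus/TCP
    (3, 2, 4840),  # site operations -> supervisory, OPC UA
    (4, 3, 443),   # business -> site operations, HTTPS
}

def level_of(addr):
    """Return the Purdue level of an address, or None if it is in no known zone."""
    ip = ipaddress.ip_address(addr)
    for cidr, level in ZONES.items():
        if ip in ipaddress.ip_network(cidr):
            return level
    return None

def audit_flow(src, dst, port):
    """Classify one observed flow against the zone map and conduit allowlist."""
    s, d = level_of(src), level_of(dst)
    if s is None or d is None:
        return "unknown-zone"        # asset inventory gap or external host
    if s == d:
        return "intra-zone"          # not a conduit crossing
    if abs(s - d) > 1:
        return "level-skip"          # bypasses an intermediate layer
    if (s, d, port) not in ALLOWED_CONDUITS:
        return "unapproved-conduit"  # adjacent levels, but not an approved service
    return "ok"

# Constructed flow records: (source, destination, destination port).
SAMPLE_FLOWS = [
    ("10.0.2.10", "10.0.1.5", 502),
    ("10.0.4.20", "10.0.1.5", 502),
    ("10.0.3.7", "10.0.2.10", 3389),
    ("192.0.2.9", "10.0.3.7", 443),
    ("10.0.2.10", "10.0.2.11", 4840),
]

def audit(flows):
    """Return (flow, verdict) pairs for every flow that needs review."""
    results = [(f, audit_flow(*f)) for f in flows]
    return [(f, v) for f, v in results if v not in ("ok", "intra-zone")]

if __name__ == "__main__":
    for flow, verdict in audit(SAMPLE_FLOWS):
        print(verdict, flow)
```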
Defence-in-Depth is a key strategy for manufacturers aiming to comply with IEC 62443 standards. By applying multiple layers of security across the different levels of the Purdue Model, manufacturers can effectively manage risks and enhance the security of their industrial control systems. Each level of the model provides unique opportunities to implement robust security measures that contribute to a comprehensive, resilient defence strategy. This structured approach not only protects individual components but also ensures the security and continuity of the entire manufacturing operation.