Cost-effective cybersecurity remains a pain point and challenge for industrial control system installations. The more critical the plant or infrastructure operated by a control system, the greater resources and attention are lavished on its cybersecurity. Likewise, cybersecurity is often cited as the leading barrier to growth of the Industrial Internet of Things (IIoT). Unfortunately, there has been little fundamental improvement in the nature of internet protocol (IP) communication. The protocols for internet and industrial IP communication were established in the 1980s and 1990s. Therefore, most industrial cybersecurity technologies and products today adopt the strategy of guarding the perimeter of a vulnerable intranet, beginning with the firewalls first developed in the late 1980s.
Two quite promising software-defined networking (SDN) technologies recently applied in industrial control systems may deliver substantial improvements in the cybersecurity of both new and existing industrial control systems. The first of these techniques uses an SDN protocol, OpenFlow, to manage a network. The second uses Host Identity Protocol (HIP, RFC 7401) to create and manage a secure identity-based overlay network that serves the automation components and shields these from general visibility. Both SDN techniques have already been employed in actual industrial installations and products have been released to the industrial market using both SDN techniques. Either might well be the most promising forward step for industrial cybersecurity since the invention of the firewall.
If you would like to buy this report or obtain information about how to become a client, please Contact Us
Keywords: Critical Infrastructure, Cybersecurity, OpenFlow, SDN, Security, SEL, Software-defined Networks, Tempered Networks, ARC Advisory Group.