Embedded Cybersecurity: A Paradigm Shift in Critical Infrastructure

Embedded Cybersecurity: A Paradigm Shift in Critical Infrastructure


The Shift from Stand-Alone To Embedded Cybersecurity

Industry 4.0the ongoing move toward interconnectivity and automation in industrial process controlhas opened a world of new possibilities for critical infrastructure operators. For the first time, systems and devices at the lowest levels of the industrial network, like actuators, sensors, and switches, are gaining network connectivity on a broad scale. These newly-smart devices give critical infrastructure operators an unprecedented ability to monitor and adjust system performance in real time. 

Increased connectivity creates not only opportunities to optimize performance, but additional vulnerabilities as well. Of particular concern is the fact that network connectivity exposes low-level industrial devices to attackers.  Devices that were previously inaccessible, except through direct physical contact, can now be attacked over the network. The consequences of a successful attack at the control or process level are potentially much more severe than those of a breached workstation or server. In addition to the financial damage that follows any security breach, disruptions at these levels can lead to physical damage and even loss of life. 

Because of this, industrial network owners are seeking alternatives to the existing cybersecurity paradigm and looking for ways to reap the operational efficiencies that come with the delivery and analysis of rich performance data, without exposing industrial devices to critical security threatsIn response to this growing demand, many industrial control system vendors realize that they can add significant value to their traditional products by incorporating advanced embedded security technology that is specifically tuned for the environments in which their systems are used.   

A New Model for Protection 

A paradigm shift has begun in critical infrastructure. Industrial network owners want to reduce the number of stand-alone solutions they manage and are looking to industrial equipment manufacturers for a more secure, unified approachEmbedding advanced security directly into industrial devices enables data exchange at the lowest levels of the OT network, while providing maximuprotection against cyber threats. Embedded technology is easier to administer and more cost-effective than alternative approaches. Hardware-based security solutions are less susceptible to conventional exploits and do not require continuous software updates to provide high assurance protection.   

Hardware vs. Software-Based Security  

Software-based cybersecurity solutions, including typical industrial firewalls, are inherently maintenance-intensive and vulnerable to sophisticated attacks. Software-based cybersecurity solutions rely on a central processing unit (CPU) for its operation. A conventional CPU has no built-in restrictions on what it will and will not do– if malicious code reaches the CPU, the CPU will execute it. 

Adding to the risk is the fact that most software-based cybersecurity solutions are designed to run on commonly used commercial operating systems. These operating systems have been studied by threat actors for decades and an enormous number of vulnerabilities have been documented and exploited.  

As a result, threat actors are constantly creating and deploying new forms of malicious code to use in attacks against software-based critical infrastructure systems, forcing security teams into a continuous cycle of reactive patching and updating to protect against the emerging threats. This pattern places a burden on every security operation, but is uniquely challenging for critical infrastructure operators, due to the time-consuming and expensive nature of testing and deploying new patches for mission critical systems. 

Hardware-based cybersecurity provides more reliable, cost effective protection. Hardware cybersecurity can be designed so that it is physically impossible for malicious software to cause a component to operate in an unintended way, or to perform any function other than the one it was designed to perform. Once installed, embedded hardware technology can be expected to function properly throughout the lifespan of the device it protects. This combination of simplicity and reliability has driven wide adoption of the hardware-based approach among critical infrastructure and government organizations. 

A Secure and Unified Approach  

As industrial network owners seek practical, enhanced security options for all of their critical infrastructure equipment, smart vendors see the opportunity to add value to their conventional controllers and sensors by adding embedded security technology. Building security into industrial devices, rather than attempting to add security after the fact, provides a range of benefits for operators, designers, and manufacturers of industrial and critical infrastructure controllers and safety systems.  Hardwarebased solutions further provide high resilience against conventional software-based threats even in an environment where patches and updates are difficult to deploy.   

To learn more about embedded cybersecurity, check out this brochure. 

Cross Domain Solution Assessment & Authorization: Part 2 – Acronyms, Assessments, and Everything in Between

In our previous post, we discussed the purpose and goals of Assessment & Authorization (A&A) processes for various technologies, specifically with regard to U.S. Government testin...
June 30, 2021

Reliable Cybersecurity for Oil and Gas Pipelines

No one wants to repeat the week-long Colonial Pipeline shutdown, or—even worse—see a critical infrastructure cyber attack that manages to infiltrate a pipeline’s operational technol...
June 28, 2021

Air-Gapped Networks and Data Diodes

An air gap is the ultimate cybersecurity measure: a physical separation between a secure  network and any other computer or network. The purpose of an air gap is to eliminate any poss...
June 7, 2021