Securing OT in the Face of IIoT and 5G
Until recently, most operational technology (OT) processes ran on isolated networks with specific protocols. This tended to make security a simple matter of physical protection. The separation of the OT network from everything else—the so-called air gap—made it easy to ignore the major cybersecurity headaches being faced in data centers and business networks.
Over the last decade, OT protocols have increasingly been encapsulated into internet-based routable protocols (e.g., Transmission Control Protocol [TCP]/Internet Protocol [IP]). Industrial networks are now converging with the IT network as well. To use Purdue model terminology, while the physical process, operations, and control zones are still segregated from the business and logistics zone, as the traditional air gap is vanishing. A demilitarized zone with a network firewall is put in place to keep them apart. However, an ever-increasing amount of information now needs to pass between these zones. As ingress and egress data flows to OT systems increase, threat exposure also increases.
In parallel to these developments, there have been other technological shifts such as miniaturization of sensors and controls as well as applied artificial intelligence (AI) to help make sense of huge amounts of data supplied by OT systems. Perhaps most significant from the standpoint of security is wireless connectivity, which can allow direct connection to the internet, bypassing traditional OT network connections. Many industrial tools and devices now have built-in wireless connectivity, allowing process data and telemetry to be directly uploaded to business information systems or to supply maintenance data directly to the manufacturer of the system. This connectivity of many different types of devices via the internet is known as the Internet of Things (IoT). When IoT devices run within the perimeter of an OT environment, they are usually referred to as the Industrial Internet of Things (IIoT).
This paper will discuss the impact of IIoT and 5G on security for a modern OT environment. It will also review the architectural considerations for providing secure connectivity in the enterprise and demonstrate how modern techniques can support both the security and flexibility required in today’s enterprise.