Welcome to the new Schneider Electric Community

It's your place to connect with experts and peers, get continuous support, and share knowledge.

  • Explore the new navigation for even easier access to your community.
  • Bookmark and use our new, easy-to-remember address (community.se.com).
  • Get ready for more content and an improved experience.

Contact SchneiderCommunity.Support@se.com if you have any questions.

Close
Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
84541members
353794posts

Instrumentation Cybersecurity Lessons Learned From the Field

Level and Pressure Instrumentation Forum

A forum dedicated to sharing information, tips and tricks or ask/answer questions regarding radar, buoyancy, d/p level and flow, differential/absolute and gauge pressure and more! Please post tips and tricks, ask questions of the community and share new information.

Jeff_Blair
Schneider Alumni (Retired)
Schneider Alumni (Retired)
6
4729

Instrumentation Cybersecurity Lessons Learned From the Field

As a hopeful helpful reminder and conversation starter, I'm interested in what end users are doing to ensure the cybersecurity of their traditional wired instrumentation.  Needless to say, hacking into an instrument and changing the configuration may bring undesired results.  My experience has been preventing physical tampering with instrumentation and associated wiring as a cybersecurity measure.  Here are some of the lessons learned:

 

  • If the instrument has a display or configurable pushbuttons, ensure a security code is enabled and different from the default.
  • Provide physical hardening of the instrument including (but not limited to) using instrumentation enclosures and cabinets.
  • If available, install physical locks on the instrument display cover to limit tampering.
  • Most instrumentation can be configured remotely from the wiring.  Ensure instrumentation wiring is secure in a cable tray or conduit and is not easily accessible. Physical Enclosures For Instruments.PNG

     

    Physical Locks On Instrument Covers.PNG

     

    Change the Display Passcode.PNG

     

 

Tags (1)
6 Replies 6
bipinzacharia
Crewman Crewman
Crewman

BuRe: Instrumentation Cybersecurity Lessons Learned From the Field

Hi,

By adding the feature, I have few queries on the cyber security

 

a)what level of security is achieved?

b) Are we adhering to any standard? If Yes, which standard and version of the same?

Tags (1)
rhbbatista
Ensign
Ensign
2
4604

Re: Instrumentation Cybersecurity Lessons Learned From the Field

https://blog.se.com/cyber-security/2020/08/19/ot-cybersecurity-for-industrial-sensors-the-why-and-th...

 

An interesting article that is pertinent to the subject raised, and warns of the lack of attention with issues related to cyber security referenets to sensors (instrumentation included).
And I think an important warning to the new protocols based on ethernet that are emerging for instrumentation.

 

"While most traditional OT cybersecurity efforts are focused more on critical SCADA systems, PLCs, and other ethernet-linked devices, sensors are often ignored, even those that are ethernet connected. Yet sensors provide the data from which many control-based decisions are made, and thus, also should fall under the critical assets category for representing the process."

 

Notice that the article was republished on the ISA blog: https://gca.isa.org/blog/ot-cybersecurity-for-industrial-sensors-the-why-and-the-how?utm_campaign=bl...

 

This raises an interesting question: Will the choice of instrumentation communication protocols impact on the level of security of the plant and its costs with protection (cyber security)?

How may I help with Instrumentation?
Tags (1)
Jeff_Blair
Schneider Alumni (Retired)
Schneider Alumni (Retired)
0
4596

Re: BuRe: Instrumentation Cybersecurity Lessons Learned From the Field

bipinzacharia 
 

 

 

Thanks for the feedback and inquiry.  To my knowledge, there is no specific code, standard, or recommendation that specifically addresses instrumentation cybersecurity.  ISA 62443 addresses the entire automation system including devices but there isn't much in there for instrumentation - it's recommendations are written around control systems, PLCs, DCSs, etc.

Some end users have adopted best practices and/or internal company standards and specifications that are similar to what I wrote, but nothing that's in the public domain that I'm aware of.

The US relies on the National Cybersecurity and Communications Integration Center (NCCIC), the Industrial Control Systems Cyber Emergency Response Team’s (ICS-CERT) 

and National Institute to Standards and Technology (NIST).  All three organizations have great cooperative recommendations.  With all three I see great recommendations for control systems and computer networks, but not much regarding the actual field devices.

 

To answer your questions:

1.  None that I am aware of.  However, the physical security of instrumentation prevents tampering from would be nefarious personnel or curious tinkerers.  That lack of tampering helps keep the instrument and it's connected control system secure.

2.  I'm going to assume that the practices I listed certainly help towards compliance with ISA 62443 and certainly agree with the published guidance issued by NCCIC, ICS-CERT and NIST.  But, no, I'm not aware of any specific standard met by these lessons.

 

 

Tags (1)
Jeff_Blair
Schneider Alumni (Retired)
Schneider Alumni (Retired)
1
4594

Re: Instrumentation Cybersecurity Lessons Learned From the Field

Thanks Ricardo. That article by Michael Pyle is enlightening and spot on.  I agree with all your points.

 

My cybersecurity experience is primarily the physical security of instrumentation to prevent any tampering.  Imagine tampering with an instrument that is not protected (it's in the open, not in a cabinet, and has a display with pushbuttons and no password).  A curious passerby or someone trying to deliberately change the configuration may be able to show a gas line pressure is actually much lower than what it really is.  The control system now thinks the pressure is low so perhaps it allows an increase in pressure - which would be very dangerous.

 

Protocols play a role for sure.  As protocols become more like what most home computer users are used to (i.e. ethernet), we as vendors and product managers play a more critical role in helping customers learn from our collective knowledge and experience how to keep their systems safe.


I believe a standard or code will come forward in the not too distant future to address these concerns.

Tags (1)
bipinzacharia
Crewman Crewman
Crewman

Re: Instrumentation Cybersecurity Lessons Learned From the Field

Thanks Jeff & Ricardo,

 

 

Beahan
Cadet
0
4212

Re: Instrumentation Cybersecurity Lessons Learned From the Field

Thanks for the information, keep sharing this type of info

Tags (2)