Understanding Operational Technology (OT)

Questions and Answers

What does OT stand for?

Operational Technology

What is the main focus of security in IT?

Confidentiality, integrity, and availability of systems and data.

What are the main components of OT?

ICS, SCADA, PLCs, IEDs.

What does ICS stand for?

Industrial Control Systems

What is the function of SCADA systems?

Collect data from sensors at remote locations and send it to a central computer for control.

What is the function of IEDs?

Issue commands to power system equipment (like circuit breakers) based on data from sensors.

What does IIoT stand for?

Industrial Internet of Things

What are the five core functions of an OT security framework?

Logging and monitoring

What is the most critical boundary in OT segmentation?

IT/OT boundary

Why is logging and reporting crucial in OT security?

Facilitates incident response

What is the most important standard for OT security across all sectors?

IEC 62443

Study Notes

OT and OT Security

  • OT (Operational Technology) refers to hardware and software that detects or causes change through direct monitoring and/or control of industrial equipment, assets, processes, and events.
  • OT security involves practices and technology used to protect people, assets, and information in OT environments.

Industries Where OT is Used

  • Manufacturing
  • Automotive
  • Medical systems
  • Military systems
  • Power
  • Refineries
  • Pipelines
  • Chemicals
  • Water

Main Focus of Security in IT vs OT

  • IT: Confidentiality, integrity, and availability of systems and data
  • OT: Safety - the physical well-being of people, equipment, and the environment, preventing injury and damage

Main Components of OT

  • ICS (Industrial Control Systems)
  • SCADA (Supervisory Control and Data Acquisition)
  • PLCs (Programmable Logic Controllers)
  • IEDs (Intelligent Electronic Devices)

Functions of OT Components

  • SCADA: Collect data from sensors at remote locations and send it to a central computer for control
  • PLCs: Connect sensors and RTUs to the SCADA system, collecting and passing data in real time
  • IEDs: Issue commands to power system equipment (like circuit breakers) based on data from sensors

Components of SCADA

  • Sensors
  • PLCs
  • RTUs (Remote Terminal Units)
  • DCS (Distributed Control Systems)

IIoT and OT Security Framework

  • IIoT (Industrial Internet of Things)
  • Five core functions of an OT security framework:
    • Asset Identification/management
    • Access control
    • Network segmentation
    • Logging and monitoring
    • Risk management

Fortinet Products for OT Security

  • NGFW (Next-Generation Firewall)
  • FortiNAC (Network Access Control)
  • FortiSIEM (Security Information and Event Management)
  • FortiAuthenticator
  • FortiClient
  • FortiToken
  • FortiSOAR (Security Orchestration, Automation and Response)

Security Measures for OT

  • IT/OT boundary: the most critical boundary in OT segmentation
  • Electronic Access Point (EAP): the critical access point in the NERC-CIP standard
  • Logging and reporting: crucial for threat hunting, auditing, and incident response
  • Risk management: evaluating potential risks and consequences to implement appropriate controls

Industry Standards and Frameworks

  • IEC 62443: the most important standard for OT security across all sectors
  • NIST Cybersecurity Framework: integrates industry standards and best practices for managing cybersecurity risks
  • Purdue Model: defines segmentation of OT networks based on operational needs
  • IEC 62443 standard: defines four security levels (Level 1: Casual exposure, Level 2: Intentional attack with low resources, Level 3: Intentional attack with moderate resources, Level 4: Intentional attack with extensive resources)


Quiz Team

Description

Learn about Operational Technology (OT) and its applications in various industries, as well as the importance of OT security.
