Chapter 13 - 03 - Understand OT Concepts, Devices, and Protocols PDF
Document Details
Uploaded by barrejamesteacher
Summary
This document is a chapter from a book on cybersecurity. It focuses on various concepts and components within operational technology (OT), including industrial control systems. It discusses the importance of OT in modern society and touches upon the security aspect of different components.
Full Transcript
Certified Cybersecurity Technician IoT and OT Security Exam 212-82

Understand OT Concepts, Devices, and Protocols

Operational technology (OT) plays a major role in today’s modern society, as it drives a collection of devices designed to work together as an integrated or homogeneous system. For example, OT in telecommunications is used to transfer information from the electrical grid through wheeling power. The same telecommunications are also used for financial transactions between electrical producers and consumers. OT is a combination of hardware and software that is used to monitor, run, and control industrial process assets. This section discusses various important concepts related to OT.

Module 13 Page 1592 Certified Cybersecurity Technician Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

What is OT?
OT is a combination of software and hardware designed to detect or cause changes in industrial operations through direct monitoring and/or controlling of industrial physical devices. These devices include switches, pumps, lights, sensors, surveillance cameras, elevators, robots, valves, and cooling and heating systems. Any system that analyzes and processes operational data (such as technical components, electronics, telecommunications, and computer systems) can be a part of OT.

OT systems are used in the manufacturing, mining, healthcare, building, transportation, oil and gas, defense, and utility sectors, as well as many other industries, to ensure the safety of physical devices and their operations in networks. This technology consists of Industrial Control Systems (ICSs), which include Supervisory Control and Data Acquisition (SCADA), Remote Terminal Units (RTUs), Programmable Logic Controllers (PLCs), Distributed Control Systems (DCSs), and many other dedicated network systems that help in monitoring and controlling industrial operations.

OT systems employ different approaches to design hardware and protocols that are unfamiliar to IT. Supporting older versions of software and hardware makes OT systems more vulnerable to cyber-attacks, as developing fixes or patches for them is very difficult.

Figure 13.12: Devices connected to an OT network (panels: Utility Sector, Transportation, Healthcare Industry, Office Building)

Figure 13.13: Components of OT
Essential Terminology

Discussed below are some of the most important and extensively used terms related to OT systems:

Assets
Different components of OT are generally referred to as assets. Most OT systems, such as ICSs, comprise physical assets such as sensors and actuators, servers, workstations, network devices, PLCs, etc. ICS systems also include logical assets that represent the workings and containment of physical assets, such as graphics representing process flow, program logic, databases, firmware, or firewall rules.
Zones and Conduits
Zones and conduits is a network segregation technique used to isolate networks and assets to impose and maintain strong access control mechanisms.

Industrial Network and Business Network
OT generally comprises a collection of automated control systems. These systems are networked to achieve a business objective. A network comprising these systems is known as an industrial network. An enterprise or business network comprises a network of systems that offer an information infrastructure to the business. Businesses often need to establish communications between business networks and industrial networks.

Industrial Protocols
Most OT systems employ proprietary protocols (S7, CDA, SRTP, etc.) or non-proprietary protocols (Modbus, OPC, DNP3, CIP, etc.). These protocols are generally used for serial communication and can also be used for communication over standard Ethernet using Internet Protocol (IP) along with transport layer protocols TCP or UDP. As these protocols operate at the application layer, they are referred to as applications.

Network Perimeter/Electronic Security Perimeter
The network perimeter is the outermost boundary of a network zone, i.e., a closed group of assets. It acts as a point of separation between the interior and exterior of a zone. Generally, cybersecurity controls are implemented at the network perimeter. An Electronic Security Perimeter refers to a boundary between secure and insecure zones.

Critical Infrastructure
Critical infrastructure refers to a collection of physical or logical systems and assets, the failure or destruction of which will severely impact security, safety, the economy, or public health.
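The zones and conduits technique defined above, shown as an added example that is not part of the original chapter: connection records are checked against a list of zones and the conduits allowed between them. The zone names, address ranges, conduit list and flow records are all constructed for illustration, and each record is assumed to describe who initiated the connection.

```python
from ipaddress import ip_address, ip_network

# Constructed zones: each is a closed group of assets behind one perimeter.
ZONES = {
    "business":   ip_network("10.10.0.0/16"),  # enterprise IT systems
    "dmz":        ip_network("10.20.0.0/24"),  # historian, jump hosts
    "industrial": ip_network("10.30.0.0/16"),  # PLCs, RTUs, HMIs
}

# Constructed conduits: the only permitted zone-to-zone paths, written as
# (initiating zone, destination zone, transport, destination port).
CONDUITS = {
    ("business", "dmz", "tcp", 443),      # business users read the historian
    ("dmz", "industrial", "tcp", 502),    # historian polls PLCs, Modbus/TCP
    ("dmz", "industrial", "tcp", 20000),  # historian polls RTUs, DNP3
}

def zone_of(addr):
    """Map an address to its zone; anything unlisted is outside every perimeter."""
    ip = ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"

def check_flow(flow):
    """Classify one connection record as intra-zone, conduit or violation."""
    src, dst = zone_of(flow["src"]), zone_of(flow["dst"])
    if src == dst and src != "external":
        return "intra-zone"
    if (src, dst, flow["proto"], flow["dport"]) in CONDUITS:
        return "conduit"
    return "violation"

# Constructed connection records (initiator -> responder), not real traffic.
FLOWS = [
    {"src": "10.10.4.7",  "dst": "10.20.0.15",  "proto": "tcp", "dport": 443},
    {"src": "10.20.0.15", "dst": "10.30.1.10",  "proto": "tcp", "dport": 502},
    {"src": "10.30.1.10", "dst": "10.30.1.11",  "proto": "tcp", "dport": 502},
    {"src": "10.10.4.7",  "dst": "10.30.1.10",  "proto": "tcp", "dport": 502},
    {"src": "10.30.1.10", "dst": "203.0.113.9", "proto": "tcp", "dport": 443},
]

def violations(flows):
    """Return the flows that cross a zone boundary without a defined conduit."""
    return [f for f in flows if check_flow(f) == "violation"]

if __name__ == "__main__":
    for f in FLOWS:
        print(f["src"], "->", f["dst"], f["proto"], f["dport"], check_flow(f))
```

The last two records are the ones a reviewer would investigate: a business host reaching a PLC directly, and an industrial asset connecting outside every defined perimeter.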
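The Industrial Protocols entry above notes that Modbus can run over TCP/IP as an application-layer protocol. As an added example that is not part of the original chapter, this parser reads the Modbus/TCP header and function code from constructed frames and separates reads from writes, which is the distinction a monitoring rule usually cares about. The header it parses has no field that authenticates the sender.

```python
import struct

# Public function codes from the Modbus application protocol specification.
READS = {1: "Read Coils", 2: "Read Discrete Inputs",
         3: "Read Holding Registers", 4: "Read Input Registers"}
WRITES = {5: "Write Single Coil", 6: "Write Single Register",
          15: "Write Multiple Coils", 16: "Write Multiple Registers"}

def parse_modbus_tcp(adu):
    """Parse one Modbus/TCP frame: 7-byte MBAP header, function code, data."""
    if len(adu) < 8:
        raise ValueError("shorter than MBAP header plus function code")
    # Big-endian: transaction id, protocol id, length, unit id.
    tid, pid, length, unit = struct.unpack(">HHHB", adu[:7])
    if pid != 0:
        raise ValueError("protocol id is not 0, so this is not Modbus")
    if length != len(adu) - 6:  # length counts the unit id plus the PDU
        raise ValueError("MBAP length does not match the bytes received")
    code = adu[7]
    base = code & 0x7F          # high bit set marks an exception response
    if base in READS:
        kind, name = "read", READS[base]
    elif base in WRITES:
        kind, name = "write", WRITES[base]
    else:
        kind, name = "other", "function 0x%02x" % base
    return {"transaction": tid, "unit": unit, "function": base, "name": name,
            "kind": kind, "exception": bool(code & 0x80), "data": adu[8:]}

# Constructed frames (hex), not captured traffic.
SAMPLES = {
    "poll":      bytes.fromhex("00010000000601030000000a"),
    "setpoint":  bytes.fromhex("0002000000060106001001f4"),
    "rejected":  bytes.fromhex("000200000003018602"),
    "truncated": bytes.fromhex("0003000000060103"),
}

def summarize(samples):
    """Return {label: kind}, with 'malformed' for frames that fail validation."""
    out = {}
    for label, frame in samples.items():
        try:
            out[label] = parse_modbus_tcp(frame)["kind"]
        except ValueError:
            out[label] = "malformed"
    return out
```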