Chapter 13 - 03 - Understand OT Concepts, Devices, and Protocols - 02_ocred_fax_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Related
- Chapter 2 - 07 - Understand IoT, OT, and Cloud Attacks - 02_ocred.pdf
- Certified Cybersecurity Technician Exam 212-82 PDF
- Chapter 13 - 02 - Discuss the Security in IoT-enabled Environments - 01_ocred.pdf
- Chapter 13 - 02 - Discuss the Security in IoT-enabled Environments - 02_ocred.pdf
- Chapter 13 - 02 - Discuss the Security in IoT-enabled Environments - 03_ocred.pdf
- Chapter 2 - 07 - Understand IoT, OT, and Cloud Attacks - 02_ocred_fax_ocred.pdf
Full Transcript
Certified Cybersecurity Technician Exam 212-82 1oT and OT Security IT/OT Convergence (IIOT)...
Certified Cybersecurity Technician Exam 212-82 1oT and OT Security IT/OT Convergence (IIOT) Improved security, quality and productivity. Storage and Data Processing sQL, sQy, Java, Python, etc. IT/OT convergence is the integration The IT/OT convergence can Using this Internet of Things (loT) of IT computing systems and OT enable smart manufacturing for industrial operations such as operation monitoring systems to known as industry 4.0, where monitoring supply chains, bridge the gap between IT/OT loT applications are used in manufacturing and management technologies for improving overall industrial operations systems is referred to as Industrial security, efficiency, and productivity Internet of Things (lloT) Copyright © byby EC-Council EC-C: AL Al AN Rights Reserved. Reproductioniss Strictly Prohibited. IT/OT Convergence (IIOT) IT/OT convergence is the integration of IT (information technology) computing systems and OT operation monitoring systems. Bridging the gap between IT and OT can improve the overall business, producing faster and efficient results. IT/OT convergence is not just about combining technologies but also about teams and operations. IT and OT teams are traditionally separated and are found in their respective domains. For instance, IT teams monitor internal processes such as programming, updating systems, and safeguarding networks from cyber-attacks, whereas OT teams ensure overall maintenance and management, including that of employees and industrial equipment. IT/OT teams are required to understand each other’s operations and working structure. This does not mean switching IT engineers into field/plant engineers or vice versa; it is about building a bridge between them to co-operate with each other to improve security, efficiency, quality, and productivity. Benefits of merging OT with IT IT/OT convergence can enable smart manufacturing known as industry 4.0, in which loT applications are used in industrial operations. Using the loT for industrial operations such as monitoring supply-chain, manufacturing, and management systems is referred to as the Industrial Internet of Things (lloT). The following are some of the benefits of converging IT/OT: = Enhancing Decision Making: Decision making can be enhanced by integrating OT data into business intelligence solutions. * Enhancing Automation: Business flow and industrial control operations can be optimized by OT/IT merging; together they can improve the automation. Module 13 Page 1597 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 loT and OT Security = Expedite Business Output: IT/OT convergence can organize or streamline development projects to accelerate business output. = Minimizing Expenses: Reduces the technological and organizational overheads. = Mitigating Risks: Merging these two fields can improve overall productivity, security, and reliability, as well as ensuring scalability. Mechanical Devices IP STTTPRIPPRPRP STTTTTTITIPIrrpS asrasnssnssnsasnsanse T Cloud SCADA ¥Goorrnrene S £.............. » Internet Improved OT security, IT Dasssnnsnned > CETTTRPPIITY. Networks s i ey quality and quality and = productivity PLCs Crrrrrnnns.\ Lovrrnnnns gronssnssnnsnsd » Storage and Storage and PLCs Data Processing........................ > sQL, Java, RTUs %> STITTITIITITII O TTTTT PP SQl, Java, Python, etc. Figure 13.14: IT/OT convergence Module 13 Page 1598 Certified Cybersecurity Technician Copyright © by EC-Council EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 loT and OT Security The Purdue Model t=l i IT Systems Level 5 Enterprise Network _ - \‘ mr |J (Enterprise T TR : || “I | Zone) Level 4 Business Logistics Systems i g b.” ke "fl," i - Industrial Demilitarized Zone (IDMZ) - oT Hm-i. Systems (Manufact urin Zone) Copyright © by All Rights Reserved. Reproduction The Purdue Model The Purdue model is derived from the Purdue Enterprise Reference Architecture (PERA) model, which is a widely used conceptual model that describes the internal connections and dependencies of important components in ICS networks. The Purdue model is also known as the Industrial Automation and Control System reference model. The Purdue model consists of three zones: the manufacturing zone (OT) and enterprise zone (IT), separated by a demilitarized zone (DMZ), which is used to restrict direct communication between the OT and IT systems. The intention behind adding this extra layer is to confine the network or system compromises within this layer and provide uninterrupted production. The three zones are further divided into several operational levels. Each zone, with associated levels, is described below: I P —. " P IT Systems Level 5 Enterprise Network (Enterprise Zone) Level 4 Business Logistics Systems Industrial Demilitarized Zone (IDMZ2) Hfifihi Dpe y Dperation oT A (Manufact i i uring Basic Controls/Intelligent Devices Zone) Level 0 Physlcal Process Figure 13.15: The Purdue model Module 13 Page 1599 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 1oT and OT Security Enterprise Zone (IT Systems) The enterprise security zone is a part of IT, in which supply-chain management and scheduling are performed using business systems such as SAP and ERP. It also locates the data centers, users, and cloud access. The enterprise zone consists of two levels. o Level 5 (Enterprise Network) This is a corporate level network where business operations such as B2B (business- to-business) and B2C (business-to-customer) services are performed. Internet connectivity and management can be handled at this level. The enterprise network systems also accumulate data from all the subsystems located at the individual plants to report the inventory and overall production status. Level 4 (Business Logistics Systems) All the IT systems supporting the production process in the plant lie at this level. Managing schedules, planning, and other logistics of the manufacturing operations are performed here. Level 4 systems include application servers, file servers, database servers, supervising systems, email clients, etc. Manufacturing Zone (OT Systems) All the devices, networks, control, and monitoring systems reside in this zone. The manufacturing zone consists of four levels. o Level 3 (Operational Systems/Site Operations) In this level, the production management, individual plant monitoring, and control functions are defined. Production workflows and output of the desired product are ensured at this level. Production management includes plant performance management systems, production scheduling, batch management, quality assurance, data historians, manufacturing execution/operation management systems (MES/MOMS), laboratories, and process optimization. Production details from lower levels are collected here and can then be transferred to higher levels or can be instructed by higher-level systems. Level 2 (Control Systems/Area Supervisory Controls) Supervising, monitoring, and controlling the physical process is carried out at this level. The control systems can be DCSs, SCADA software, Human—Machine Interfaces (HMIs), real-time software, and other supervisory control systems such as engineering works and PLC line control. Level 1 (Basic Controls/Intelligent Devices) Analyzation and alteration of the physical process can be done at this level. The operations in basic control include “start motors,” “open valves,” “move actuators,” n u etc. Level 1 systems include analyzers, process sensors, and other instrumentation systems such as Intelligent Electronic Devices (IEDs), PLCs, RTUs, Proportional Integral Derivative (PID) controllers, Equipment Under Control (EUC), and Variable Module 13 Page 1600 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 10T and OT Security Frequency Drives (VFDs). PLC was used in level 2 with a supervisory functionality, but it is used as a control function in level 1. o Level 0 (Physical Process) In this level, the actual physical process is defined, and the product is manufactured. Higher levels control and monitor operations at this level; therefore, this layer is also referred to as Equipment Under Control (EUC). Level O systems include devices, sensors (e.g., speed, temperature, pressure), actuators, or other industrial equipment used to carry out the manufacturing or industrial operations. A minor error in any of the devices at this level can affect overall operations. * Industrial Demilitarized Zone (IDMZ2) The demilitarized zone is a barrier between the manufacturing zone (OT systems) and enterprise zone (IT systems) that enables a secure network connection between the two systems. The zone is created to inspect overall architecture. If any errors or intrusions compromise the working systems, the IDMZ holds the error and allows production to be continued without interruption. IDMZ systems include Microsoft domain controllers, database replication servers, and proxy servers. Module 13 Page 1601 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.
