ICS Gets Improved Security

Oct. 30, 2012
New Specification Adds Additional Layers of Security to Standard Shared Network Infrastructures

Trusted Computing Group (TCG) published a new specification that adds additional layers of security to standard shared network infrastructures, helping to protect critical energy, utility, healthcare and manufacturing systems.

A 2011 NIST report on the topic of industrial control systems security notes that integrating IT networks with traditional industrial control systems (ICS) — such as SCADA systems, sensors, actuators and controllers — has opened these networks to external threats, and the problem is exacerbated by the growing use of wireless connectivity.

The TCG IF-MAP Metadata for ICS Security specification facilitates the deployment, management and protection of large-scale industrial control systems by enabling creation of secure virtual layer 2 and/or layer 3 overlay networks on top of standard shared IP network infrastructure typically used in industrial control systems. Overlay networks isolate key components of these systems into protected enclaves.

The TCG specification builds on the soon-to-be-published ISA100.15 architectural model for secure ICS communications over untrusted shared networks, which contains a new architectural model, use cases, and functional requirements such as identity-based access policy, device identification, and certificate lifecycle management.

Secure the Layers
TCG IF-Metadata for ICS Security creates multiple isolated overlay networks.

Source: Trusted Computing Group