Secrets of Crypto Technology Revealed for Enhanced ICS Cybersecurity (E12c)
In today’s connected digital world, cryptographic technologies are gaining rapid and wide-ranging acceptance. Cryptographic algorithms such as block ciphers, digital signature, message authentication, secure hashing and random number generation are the building blocks to any security system. However crypto modules are not widely adopted in the industrial control system (ICS). At the same time, ICS is vulnerable to cybersecurity attacks. Crypto modules together with these crypto algorithms will bring revolutionary changes to the many critical ICS market sectors. They address four key elements of security — privacy, authentication, integrity and non-repudiation (PAIN) — essential to ICS security implementation.
It’s a virtual certainty that cryptographic technologies will be adopted by ICS operators in the future. In the near term, security solutions incorporating encryption, authentication and digital signature will mitigate many existing ICS-specific threats to cybersecurity. It will, however, remain difficult to design and implement a secured network for the control system. All protocols and requirements must be carefully considered because a system is only as strong as its weakest link. Industrial control protocols such as S7Comm-plus and OPC UA are examples of where security design can be improved.
This session will evaluate best practices for the design and implementation of ICS-focused technologies, as well as the importance of employing NIST/NIAP-approved cryptographic ciphers. Use cases addressing ICS data integrity and authentication of ICS subsystems using cryptographic modules will be discussed.