Cryptographic functions in inudstrial control systems
Publish date: 2018-07-13
Report number: FOI-R--4596--SE
Pages: 45
Written in: Swedish
Keywords:
- Encryption
- Cryptographic functions
- Secure communications
- Industrial control systems
Abstract
Industrial control systems (ICS) face complex challenges as these, traditionally isolated, systems are becoming more and more connected to unsecure public networks. Industrial control systems control and monitor physical processes which seldom can be terminated prematurely without great economic consequence to the owning organisation. The fact that these systems can rarely be shutdown, in combination with a system life span that often exceeds 20 years, means that industrial control systems often operate with outdated technology; which in turn causes them to have greater exposure, and be more vulnerable to cyber-attacks. These systems impact the physical space - a successful cyberattack on an industrial control system can therefore have catastrophic consequences, not just economic but physically, and can in the worst case cause the loss of human life. This is why it is essential to protect industrial control systems from cyber-attacks. This report examines the need, use, and relevance of cryptographic functions as means of protection against cyber-attacks. The report is based on two types of information collection: literature studies and interviews. Two literature studies were conducted in order to (1) identify legal requirements and standards for cryptographic functions in industrial control systems. (2) Identify which cryptographic functions are appropriate to implement in the context of industrial control systems. Interviews were conducted with two operating organisations in industries with differing protection requirements, as well as one interview with a supplier of control system components. The results of the literature studies and the interviews leads to the recommendation to encrypt all external network traffic and stored data. The interview respondents were opposed to encryption of the internal networks as this significantly complicates monitoring of these networks. Instead they place great emphasis on authenticating communication in the internal networks.