Guest Blogger Andrew Ginter is the Director of Industrial Security for Waterfall Security Solutions. Prior to joining Waterfall he wrote the popular Control System Security blog.
Eric Byres' recent post claiming the #1 ICS and SCADA Security Myth is protection by air gaps struck a chord with me. I have been thoroughly distracted of late with my new role at Waterfall Security Solutions, but even so I could not let this one go by. Old-school air gaps are still used occasionally, in the most sensitive control systems. The rest of the time, technologies like data diodes or unidirectional gateways provide the most important benefits of truly air-gapped control systems, while still permitting businesses to profit from access to the real-time data produced by their control systems. (FD: Waterfall Security Solutions makes and sells unidirectional gateways tailored for the ICS market.)
True Air Gaps
Old-school air gaps are still used routinely, in very sensitive installations, in classified government installations, and in very cautious installations. For example, the water sector still uses air gaps routinely, and many sectors use true air gaps to isolate safety systems. The benefits of true air gaps are clear – absolute protection from certain classes of network-based threats. If you have a true air gap – complete disconnection of some or all of your control network from any external network – then that system is invulnerable to distributed denial of service attacks, remote control attacks, worms and any other network-based attack originating on an external network, including the Internet.
The costs of true air gaps are clear as well – limited access to real-time data. I remember the mid-1990s, when most process industries were connecting their real-time systems to Enterprise Resource Planning (ERP) systems like SAP. Simple applications with fancy names were being installed, which took advantage of real-time access to raw material inventories, finished goods inventories, product quality data and equipment usage data. The motive was clear – generally 3-8% cost savings at a large facility. By now most sites have deployed these kinds of applications and are seeing cost savings as a result, and sometimes revenue benefits as well. No site is willing to give up these benefits.
Access to real-time data has real value. If you “pull the plug” on the connection(s) to the corporate network, control systems generally continue to run safely, indefinitely — but few of those sites can make money any more. Access to real-time data is essential to profitability.
Most Important Benefits
The good news: it is possible to enjoy both the most important security benefits of true air gaps and the most important business benefits of access to real-time data. Many sites, both air-gapped and not, are turning to unidirectional technologies for these benefits.