The Other Side of Cybersecurity: The OT World

(To Umberto Cattaneo)
06/11/24

When we talk about cybersecurity, the protection of personal data, privacy protection, access to social profiles, and the resulting protection measures to limit the risk of losing the confidentiality of personal data, even of critical importance, immediately comes to mind.

But there is a world that, even using technologies derived from the world of information technology, needs to protect itself from threats that can intervene by blocking physical production processes, putting material devices at risk, and even causing harm to people.

The world ofOperational technology It is made up of that part of systems, devices, HW and SW components dedicated to making machines, networks, tools that are part of our daily life and on which we depend work correctly: the switches of a tram or a train, the regulation of the lights of a traffic light, the mixers of a chemical plant, a food factory, the ovens of a steel mill, the systems of a hospital are regulated by OT systems, which have many technologies in common with the IT world, but have fundamentally different characteristics and therefore their protection cannot be the same as that which applies in the context of the protection of personal data.

We can summarize the main differences between the IT and OT worlds in 5 elements: priorities, risks, environment, performance, availability.

Let's look at them individually.

In the IT field, we know, information confidentiality is the most important factor in the cybersecurity triad. In the OT field, above all, it is necessary to guarantee the correct continuity of operation in a process, since a shutdown or uncontrolled change in set-point could lead to catastrophic damage in a plant or community.

I risks are different, and in the OT field they can have dramatic consequences: think of an industrial plant in which the regulations are put out of control, or a dam in which the turbine parameters have been hacked, or an oil pipeline in which the pumps are deactivated. The impacts can directly involve health, the environment and production.

- operating environments are different: in the OT area, systems may find themselves operating in extreme environments in terms of temperature, humidity, magnetic fields, and certainly not in data centers. In addition, OT devices and systems are replaced much less frequently than IT systems, with consequent peculiarities to take into account for updates.

Le performance OT systems have special needs: processes require checks and actuations in the order of milliseconds, delays or latencies in the network are not allowed.

La systems availability It is an absolute priority, and therefore unplanned reboot operations are not possible, and tests on production systems cannot be performed, to avoid dangerous knock-on effects.

In light of the above, it is clear that specific knowledge and caution are necessary when operating in the OT world and consequently also the standards and best practices must be specific.