September 22, 11:00 - 11:30 a.m. with Klaus-Dieter Walter, SSV Software Systems
Cyber resilience for networked automation
Virtually every relevant standard or standard text on cybersecurity in the Internet of Things or in networked automation (i.e. in OT environments) requires software update options for all relevant components. This should actually improve the security of an application, as a software patch is simply carried out if vulnerabilities are subsequently identified. In many cases, such a requirement is fulfilled via an over-the-air (OTA) update solution. However, it should be noted that such update interfaces create completely new points of attack for cyberattacks, which can be exploited very effectively.
Such OTA update attacks are known as "software supply chain attacks". They were used for the SolarWinds attack in 2021 (even Microsoft was affected). In early 2022, as part of the attack on Ukraine, they probably also destroyed the satellite modems of 6,000 Enercon wind turbines and tens of thousands of internet users as collateral damage.
In an OT environment (in terms of security, IEC 62443 applies here), a control module must not trust even the standard-compliant patch (zero trust). In this respect, the article shows how the NIST basic concept for cyber resilience from "Protection, Detection & Recovery" can be transferred to automation in order to independently detect a software supply chain attack and automatically restore a secure initial state using suitable countermeasures.