No Silver Bullets for Security
A quick-fix security solution for cyberphysical systems doesn’t exist.
March 2, 2015
Silver bullets are a simple solution to getting rid of various mythical monsters; one shot, and they’re done. Unfortunately, securing cyberphysical systems is not so easy. As Frederick Brooks wrote 30 years ago: “There is no single development, in either technology or management technique, which by itself promises even one order-of-magnitude improvement within a decade in productivity, in reliability, in simplicity.”
Cyberphysical systems, where computers and the Internet meet the real world, cover a wide range of devices. Industrial automation, home control, smart grids, and medical devices are just a few examples. These machines make decisions and take actions based on inputs from physical readings. Cybersecurity for these systems is an extension of reliability, protecting them from faults or damage introduced by cyberattacks.
The enemy of the silver bullet solution is complexity. Shooting one werewolf is easy compared to stopping a horde of monsters with different strengths and weaknesses. And the most difficult type of complexity is accidental complexity, which is a reality for many systems and networks. You may start with carefully planned architectures, but growth, acquisitions, crises, and understaffing all contribute to complexity.
Start With Hardware
If there is no silver bullet, what is the solution? It starts at the edge with the hardware. You need to harden the devices and build them on a root of trust. Newer devices can have this designed in, while older ones can be protected behind specially designed gateways. A trusted operating system that can containerize applications to prevent them from seeing all of the system and protect them from each other is a critical component.
The next element is secure communications, both between and within devices. Encrypted virtual private networks should handle all process-to-process communications, regardless of source or destination. This provides an additional layer of authentication, while effectively protecting the system from both eavesdropping and data tampering.
Finally, you have to monitor and manage what is happening, looking for signs of attack, intrusion, or aberrant behavior. There will eventually be far too many devices for humans to monitor, so the best way to handle the necessary scale is with careful establishment of policies, followed by automation to enforce them. Separate systems that have no reason to communicate with each other, restrict access to sensitive data, and lock down single-function devices.
Cyberphysical systems and the Internet of things have tremendous potential to increase our capabilities, improve productivity, and enable new business models. However, if you do not take security seriously from the outset, a few disastrous security breaches could set the industry back a decade or more. At risk are more than a few million credit card numbers. Attacks on physical systems could damage equipment, disrupt services like electricity, and even cause serious physical harm. What has been happening so far to secure computer networks is not good enough, and status quo is not the answer. This is an arms race with serious consequences, and you owe it to your customers and your company to get ahead of the enemy.
About the Author
You May Also Like