Hardware Platforms for ICS/OT Vulnerability Management

Background

OT and IT networks operate in different environments, serve different purposes, and have different objectives and risks. IT systems primarily involves storage, retrieval, and transmission of digital information, thus will prioritize protecting data and confidentiality. An OT system will prioritize the safety and availability of equipment and processes.

As digital systems continue to connect to industrial systems, IT and OT network are also becoming more interconnected, creating improved production growth and new opportunities, however, this convergence also exposes OT networks to an advanced cyber-threat landscape.

A comprehensive cybersecurity strategy must consider the entire security lifecycle, and require significant improvements in OT/ICS cyber security to defend against cyber-attacks and threats.

Requirements

IT and OT systems are both mission-critical, but in most cases OT systems are also safety-critical. A leading provider specializing in developing security risk management solutions came to Lanner in search of a rugged ICS/OT hardware appliance. The hardware appliance must be sufficiently robust and powerful in order to make available the following functionalities:

  • IEC-61850-3 & IEEE 1613 Certifications

The environment in critical infrastructure is harsh, with unexpected ambient temperature or other external factors. Thus, deployments in such environments require IEC-61850-3/IEEE 1613 certifications to withstand the external environment impacts.

  • Wide operating temperature

Given the extreme temperature in a critical infrastructure environment, the system must be able to operate at a wide temperature range.

  • Advanced LAN Bypass

Fault-tolerant LAN traffic is essential in ICS communication in case failure occurs.

  • Dual power path

For equipment deployed in the utility sector, a reliable power supply is essential, and a dual power path can offer even higher stability in OT domains.

Solution

Organizations that are looking to purchase an ICS scan/probes solution should consider going with a hardware appliance for maximum ease of use and rapid deployment. That’s where Lanner Industrial Appliance comes in. This solution solves the visibility challenge for industrial organizations and vulnerability management with customization.

Lanner’s LEC-6041 is designed to protect the communication in both IT and OT/ICS domains. LEC-6041 Series is empowered by Intel Atom® x7-E3950 or x5-E3930 for low power consumption and high processing performance. As a rugged firewall deployed in challenging environments, LEC-6041 comes with IEC 61850-3 and IEEE 1613 certification, as well as 1.5 KV magnetic isolation protections for LAN port and 15KV ESD Protection for I/O ports. The system is designed for use in harsh environments and can operate in a wide range of operating temperature from -40°C to 70°C. All of the hardware designs assure that the security gateway LEC-6041 will never have downtime even when operating in hazardous surroundings such as an OT/ICS environment.

Hardware Platforms for ICS/OT Vulnerability Management was last modified: September 16th, 2021 by Fernando Contreras