Security principles - Security Best Practices for Manufacturing OT

Security principles

The following key security principles for on-premises OT security are adapted from the Security Pillar design principles of the AWS Well-Architected Framework, the NIST guidelines on ICS cybersecurity, the NIST guidelines on zero trust architecture, and the IEC 62443 standard series. They have been adapted and augmented to suit the challenges of the hybrid manufacturing environment, and provide a set of core guidelines to apply when thinking about the security of that environment.

  • Secure all communications — Network location alone doesn’t imply trust. Historically, OT environments have been air-gapped systems, with perimeter security as the primary defense mechanism for these networks. As a result, resources within the network perimeter are treated as “trusted” and communicate without any further security mechanism. This principle states that all communication, whether inside the network perimeter or outside it, should be conducted in the most secure manner possible, providing source authentication and protecting confidentiality and integrity. Applying Zero Trust principles, including existing methods such as network segmentation and segregation (for example, cell / zone / area segmentation), can shrink these traditional trust boundaries and reduce the reliance on network location.

  • Enable traceability — Traceability is key to maintaining and operating secure industrial networks. An enterprise should monitor, alert on, and audit actions and changes to the environment in real time. It should collect data about asset inventories (hardware and software), network traffic, access requests, and the associated logs and metrics. These data collection systems should be integrated with systems that automatically investigate and respond. The data should also be analyzed for insights that improve policy creation and enforcement.

  • Protect data in transit and at rest — Data should be secured by classifying it into sensitivity levels and applying mechanisms such as encryption, tokenization, and access controls where appropriate. While data classification is not as commonplace in the manufacturing industry (compared to the financial or healthcare industries), the key takeaway is that extra scrutiny may be necessary for certain types of data. Data loss prevention (including backup, redundancy, and disaster recovery) is also part of protecting and securing data.

  • Apply security at all layers — Apply a defense-in-depth approach with multiple security controls. Apply security at every layer (for example, the VPC in the AWS Cloud, the edge network, the OT network, compute instances, operating systems, applications, and code).
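To make the first two principles concrete, the following added example (not code from the whitepaper or from AWS) contrasts a legacy perimeter-only access decision with a Zero Trust decision that requires an authenticated peer identity and an allowed zone-to-zone conduit, and returns a reason string suitable for an audit log. The device names, zones, conduits and address range are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

# Constructed asset inventory: device identity -> IEC 62443-style zone (hypothetical names).
DEVICE_ZONE = {"plc-line1": "cell-1", "hmi-line1": "cell-1",
               "historian": "site-ops", "mes-server": "site-ops"}

# Constructed conduit allow-list: (from_zone, to_zone) -> protocols permitted to cross it.
CONDUITS = {("cell-1", "site-ops"): {"opcua"},
            ("site-ops", "cell-1"): {"opcua"}}

PLANT_NET = ip_network("10.20.0.0/16")  # constructed "inside the perimeter" range


@dataclass
class Request:
    src_ip: str
    dst_device: str
    protocol: str
    peer_identity: Optional[str]  # identity proven by e.g. mTLS, or None if unauthenticated


def perimeter_only_policy(req: Request) -> Tuple[bool, str]:
    """Legacy model: anything that appears to come from the plant network is trusted."""
    if ip_address(req.src_ip) in PLANT_NET:
        return True, "allow: source address inside perimeter"
    return False, "deny: source address outside perimeter"


def zero_trust_policy(req: Request) -> Tuple[bool, str]:
    """Decide on authenticated identity and segmentation policy, never on address alone."""
    if req.peer_identity is None or req.peer_identity not in DEVICE_ZONE:
        return False, "deny: unauthenticated or unknown peer identity"
    if req.dst_device not in DEVICE_ZONE:
        return False, "deny: unknown destination asset"
    src_zone = DEVICE_ZONE[req.peer_identity]
    dst_zone = DEVICE_ZONE[req.dst_device]
    # Intra-zone traffic still had to authenticate; cross-zone traffic also needs a conduit.
    if src_zone != dst_zone and req.protocol not in CONDUITS.get((src_zone, dst_zone), set()):
        return False, f"deny: no conduit {src_zone}->{dst_zone} permits {req.protocol}"
    return True, (f"allow: {req.peer_identity}@{src_zone} -> "
                  f"{req.dst_device}@{dst_zone} via {req.protocol}")


if __name__ == "__main__":
    # An unauthenticated sender using an internal address: trusted by the perimeter, denied by Zero Trust.
    rogue = Request("10.20.5.9", "plc-line1", "modbus", None)
    print(perimeter_only_policy(rogue))
    print(zero_trust_policy(rogue))
```

Each decision's reason string is what the traceability principle asks you to log and alert on, so denied conduit crossings and unauthenticated peers become auditable events rather than silent drops.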