Understanding the Cybersecurity Standards Enabling Trusted IIoT Connections
By Max Wandera, Contributor
Today’s exponential industrial internet of things (IIoT) growth creates a crucial need for robust cybersecurity practices and well-defined standards that provide customers with confidence that their connected devices will operate securely throughout their entire lifecycle.
By 2025, 41.6 billion connected devices will be generating 79.4 zettabytes (ZB) of data that will need to be securely maintained and processed. Analysts forecast that this increase in connected devices and the data they generate will continue to grow exponentially. Our world is also becoming increasingly electrified. The increase in critical data and computing is expected to require four times more electricity over the next decade.
A world with amped up connectivity and electrical demand needs confidence that electrical power systems are constructed with trusted products. Cybersecurity is a must-have for product development, much like safety and quality. This means strict procedures and cybersecurity protocols need to be integrated at every phase of product development that involve people, processes, and technologies.
Cybersecurity Certifications for Connected Products
For power management devices that are connected, UL created its 2900 Standard for Software Cybersecurity for Network-Connectable Products (UL 2900). These guidelines were the first of their kind and include processes to test devices for security vulnerabilities, software weaknesses, and malware. This standard confirms that the device manufacturer meets the guidelines for:
- Risk management processes
- Evaluation and testing for the presence of vulnerabilities, software weaknesses, and malware
- Requirements for security risk controls in the architecture and product design
UL also provides a Cybersecurity Client Lab Validation program for manufacturers, which certifies testing laboratories with the global capability to test products with intelligence or embedded logic to key aspects of its 2900 standard. By purchasing products tested in these specialized labs, customers can rest easier, knowing their devices are compliant with the industry’s highest cybersecurity requirements before they’re installed in critical systems.
Similarly, the International Electrotechnical Commission (IEC) adopted the 62443 series of standards, which provides a framework to address the cybersecurity of Industrial Control Systems. These standards provide requirements for all the principal roles across the system lifecycle – from product design and development through integration, installation, operation, and support. In 2018, the IEC added 62443-4-2 to improve the security of products.
Just as product cybersecurity certifications are needed to support trusted connectivity, it is equally important to validate that manufacturers apply secure product development principles to product development. This can be confirmed through an accredited Secure Development Lifecycle (SDL) that provides assurance that cybersecurity has been embedded throughout the entire product development process.
What is a Secure Development Lifecycle (SDL)?
SDL was created in response to an increase in virus and malware outbreaks at the turn of the twenty-first century. This approach to product development places cybersecurity front and center from inception to deployment and lifecycle maintenance. SDL can help manufacturers stay ahead of cybercriminals by managing cybersecurity risks throughout the entire lifecycle of a product or solution.
As an early spearhead of the SDL initiative, Microsoft made its SDL tools, processes, and guidelines widely available. Since then, SDL has been widely adopted across industries including electrical and critical infrastructure. Today, SDL is a proven strategy to address risk proactively with a system-wide defensive approach.
For manufacturers, adopting an SDL approach that has been validated by a third-party is critical to creating trusted environments. It’s the third-party certification that gives customers confidence in the processes and technologies they’re applying, much like safety certifications and standards in the National Electric Code.
Standards for SDL Build Confidence
Although SDL is not an inherent code or standard, it does dictate how cybersecurity should be integrated into processes for product procurement, design, implementation, and testing teams.
IEC 62443-4-1 lays out guidelines for secure product lifecycle development in the electrical industry. The IEC guideline specifies process requirements for the secure development of products used in industrial automation and control systems. It defines a secure development lifecycle for developing and maintaining secure products. These guidelines can be applied to new or existing processes for developing, maintaining, and retiring hardware, software, or firmware for new or existing products.
Third-party validation for SDL processes is important because it provides customers with confidence and helps reduce risk by confirming that the technologies and processes they’re applying comply with proven industry guidelines. At Eaton, we take SDL very seriously to proactively manage cybersecurity risks in products through a framework involving threat modeling, requirements analysis, implementation, verification, and ongoing maintenance.
How SDL Protects Electrical Systems in The Long Term
A “defense in depth” mechanism that is effective today may not be effective tomorrow because the vulnerabilities keep evolving. This is why administrators of industrial control system networks must be ever-alert to changes in cybersecurity landscape and work to prevent any potential vulnerabilities.
The cybersecurity process certifications outlined by IEC provide customers with confidence that manufacturers have instilled the organization-wide approaches needed to ensure robust cybersecurity over the lifecycle of any given product.
Unifying Global Cybersecurity Standards for Connected Products
The security of a network or system is only as strong as its weakest link. Organizations should employ basic cybersecurity hygiene and continuously analyze emerging threats to ensure systems are deployed securely. Additionally, companies should take inventory of everything connected to their networks and employ a zero-trust model.
As more manufacturers and industries build and deploy IIoT devices, the security and safety of systems providing essential operations become more important and more difficult to manage. These complexities are due, in part, to a lack of a global, universally accepted cybersecurity standard and conformance assessment scheme designed to validate connected products.
The economic challenges to safeguarding IIoT ecosystems spawn from the complex manufacturing supply chain and the difficulty of assigning clear liabilities to manufacturers and system integrators for any vulnerabilities introduced. Most products and systems assemblies consist of components from different suppliers. Where should the element of trust begin and end if there is no global conformity assessment scheme to ensure that products and systems are designed to be compliant with the global standards defined by the industry?
There are currently a multitude of different standards and regulations created by various organizations, countries and regional alliances across the globe. All these standards and regulations address the urgent need to secure our connected world, however they also create the potential for confusion and possibility of weak links in critical infrastructure ecosystems. A unified global conformance assessment would address these challenges and more. The time to drive this singular certification is now. We’re working with leaders across the industry to do just that. ESW
Max Wandera is the Director, Product Cybersecurity Center of Excellence at Eaton (www.eaton.com).