Making sure that network-enabled appliances are secure(d) in industrial environments is becoming more and more important these days as networks grow together and the sophistication of attacks increases.
I do a lot of work in industrial environments, ranging from building little embedded devices for simple stand-alone-tasks to connecting whole production lines to customer backend databases and ERP systems.
As more and more of these solutions and products of mine are network-enabled in some way or the other and therefore exposed to the world (read: connected to a private or even a public network), taking care of who can access them and interact with whatever functionality they provide is becoming critical.
The book “Industrial Network Security” by Eric D. Knapp and Joel Langill (Amazon) does a great job in giving a broad overview of ICS (industrial control systems) as well as cybersecurity in general. It details various aspects of what industrial networks comprise of, which protocols are popular these days, and tells about history and trends as well as real-world examples of threats and countermeasures.
I’m quite familiar with some protocols, networks and tools, but have never worked with others. This book did an outstanding job in rounding my understanding of those topics.
I especially liked that the authors not only describe and list technical information, but also write about “soft” topics like how to assess the current situation, behavioral aspects of users, establishing and implementing non-technical processes and tools, standards and regulations and many more.
I’ll continue to work on hardening my LabVIEW software products and devices, from obvious things like settings passwords for built-in configuration APIs (hello, Web-Based Monitoring and Configuration) to encrypting the – currently only obfuscated – networked communication over TCP and UDP (perhaps tunneling it through SSL)?
I’m also looking forward to Markus Haids presentation on “LabVIEW Safety” at the CLA Summit in Berlin next month.