Ensuring OT Integrity and Establishing a Risk-based Approach to Manage OT Vulnerabilities
Industrial processes are monitored through hundreds or thousands of sensors / field instruments. It is critical to ensure that these sensors are configured to work optimally, and their configuration parameters (e.g. Range, Engineering Units, Limits, damping etc.) maintains a single version of truth i.e. consistent values across all the related OT Endpoints i.e. iAMS, DCS, SIS, SPI (Smart Plant Instrumentation) System.
Imagine a Critical (HIHI or LOLO) SIS alarm integrity, if the sensor Range (LRV or URV) is in-correct. This can lead into: Poor / Uncertain plant performance as the Sensor Range Value differs among different data sources.
In this case existing procedures to perform ‘Manual Data Reconciliation’ are error prone, time consuming and costly as the complexity increases manifold due to:
Difference in the make, model, or revision of these sensors.
Heterogeneous complexity from multiple sensor / field instrument asset management systems.
Another use case is for the the IIoT-connected sensors (e.g. being use for asset management applications) that expands the OT Cyber-attack surface therefore the assurance that the sensor is secure is extremely important
PAS’s Sensor Data Integrity using PAS’s Cyber/Automation Integrity Platform enables Automatic Data Collection of the Smart Sensors Configurations from the iAMS, DCS, SIS and SPI and delivers following use cases:
• Automated solution to detect inconsistencies / errors
• User defined templates to define “good” and identify key parameters
• Identify Sensors / field instruments that don’t match template
• Cross-check crucial parameters (ranges, units, etc.) against various databases
• Evaluate large data sets quickly to focus on correcting the issues, rather than trying to find them.
• From Level 0 Devices to Level 1 Devices to Level 2 Devices
o Signal Tracing and Validation
o Configuration Management
o Inventory Management
o Vulnerability Management
• Analysis on
o Devices with Defects by Manufacturer,
o Devices with Defects by Device Type,
o Devices with no Template,
o Devices with Defect by Priority
Syed M. Belal (Author/Presenter)
Global Director, OT Cybersecurity Consulting
Hexagon AB
Syed M. Belal is the Director of OT Cybersecurity Consulting Services based in Manama, Bahrain. Syed has more than 14 years of experience in industrial control systems (ICS) and operational technology (OT) applications with a focus on networking and cybersecurity. He joined PAS, part of Hexagon PPM, in 2017, after a nine-year tenure as Schneider Electrics' Lead Cybersecurity Consultant in Dubai, UAE. He has specific expertise in industrial automation, SCADA, control, and safety systems often used in critical infrastructure. Today, as the Director of OT Cybersecurity Consulting Services, he is responsible for the strategy, growth, and support of PAS’ OT cybersecurity business globally.
Syed has a B.S. (summa cum laude) in Electrical Engineering (Control and Communication Systems) with a minor in Computer Engineering (Computer Communications and Networks) from the American University of Sharjah in UAE and an M.B.A. (with distinction) in Business Strategy from the University of Strathclyde in the United Kingdom.
Syed has presented at numerous industry programs and conferences around the world. He Completed the ICS Cybersecurity programs offered by the United States Department of Homeland Security ICS-CERT (Industrial Control Systems Cyber Emergency Response Team). He holds a multitude of industry certifications including CISSP®, CISA®, CISM®, and ISA/IEC-62443 Cybersecurity Fundamentals Specialist.
Mathew Thomas (Author/Presenter)
Senior Industry Consultant
Hexagon AB
Mathew V. Thomas is a Technical Consultant working with PAS part of Hexagon, based out of Bahrain. Mathew holds a Bachelor's degree in Chemical Engineering with 18 years of experience in the manufacturing and automation industry. He has a diverse range of experience in Plant Manufacturing Operations, Enterprise Asset Management, Alarm Management, Plant Information Systems, and Manufacturing Execution Systems. Prior to joining PAS, he worked with Reliance Industries Ltd, Invensys, and most recently with Yokogawa Middle East and Africa as the Leader for the Advanced Information Management Systems based out of Bahrain.