Applied Risk: An established leader in Industrial Control Systems security

Applied Risk is focussed on critical infrastructure security and combating security breaches that pose a significant threat. Operating on a global scale, we work with a wealth of large organisations that rely on our expertise to safeguard their critical assets. Our proven experience of identifying vulnerabilities and security risks is based on methodologies honed over years of conducting assessments in industrial environments.

Our engineering experience and cyber security knowledge prove invaluable in securing the critical infrastructures and industrial assets of companies across the globe. We understand the need to maintain secure and reliable control environments; working across a range of industries, we deliver solutions tailored to asset owners’ and manufacturers’ security requirements.

Industrial Control Systems (ICS) security is an engineering-based problem that requires an engineering-focused solution. Our offerings include a wealth of engineering and technical assurance services, combined with comprehensive security assessments that cover the full spectrum of our clients’ critical asset requirements while meeting industry standards.

Solutions

Guarding mission-critical industrial systems from the threat of cyber attacks requires a specific and focused security skillset that only comes with deep industry knowledge and associated experience.

Applied Risk helps clients to address and maintain defences against the ever-increasing threats targeting Industrial Automation and Control Systems environments. We enable asset owners, operators, government agencies and suppliers to stay up-to-date and identify appropriate mitigating controls for protecting Process Control and Industrial Automation systems against the latest threats.

Select a product or service below:

  • Products
    • ICS Cyber Security Awareness Training
  • Services
    • Industrial Automation and Control Systems (IACS) Security
    • ICS/SCADA Security Assessment & Penetration Testing
    • Risk and Vulnerability Assessment (RVA)
    • Embedded Security Assessment
    • Medical Devices Security Assessment
    • IoT Security Assurance Services

Industries

  • Power
  • Pharmaceutical
  • Oil & gas
  • Water
  • Manufacturing
  • Chemicals

Heightened levels of interconnectivity, driven by business requirements, are now leaving industrial environments increasingly exposed to costly and dangerous cyber attacks, including Denial of Control (DoC), Loss of Control (LoC), Loss of View (LoV) and Manipulation of View (MoV).

Labs

Applied Risk maintains a leading position in the IACS community through its interactions with end users and manufacturers as well as its advanced research initiatives. It is through this work that we can provide unmatched service delivery to our customers and partners.

This section outlines our dedicated research, with a focus on advisories and white papers for ICS/SCADA environments.

  • Advisories

    Our security advisories are the results of research activities conducted by our in-house research team. These focus exclusively on ICS/SCADA devices and technologies.

  • Vulnerability Disclosure Policy

    It is the policy of the company to exercise the responsible disclosure of security vulnerabilities in a manner that is of maximum value to all affected parties.

About us

  • Safety
  • Integrity
  • Customer focused
  • Innovation

Applied Risk was founded with one core mission: to secure critical assets in the industrial domain against emergent cyber threats. As a major cyber security player within the Industrial Automation and Process Control field, our primary objective is to offer the most advanced Industrial Control Systems (ICS) security technology solutions.

Careers

The Industrial Automation and Control Systems (IACS) security field is growing rapidly and Applied Risk continues to grow to meet current and future customers’ needs. As a global IACS leader, we maintain very high levels of cyber security skills, engineering experience, and business confidentiality. If you have a solid background in Control Systems security or industrial automation engineering and are looking for the next level of challenge and commitment, we would like to hear from you.

Advisory board

Auke Huistra
International Cyber Security Expert

Christian Martorella
CISSP, CISM, CISA, OPSA and OPST

Joe Weiss
PE, CISM, CRISC & ISA fellow

Blog

IEC 61850: Are Your Substations Secure?

In a rapidly growing world, the demands on substation automation are increasing. The need for cyber security and the deployment of IEC 61850 have been the key topics changing the Substation Automation Systems landscape. The interconnectivity and level of grid automation, as well as IT/OT convergence, are introducing a new era of challenges for electrical facilities. At the same time, security issues in the power industry have become an increasingly important topic internationally, particularly in the light of the Ukrainian electric grid hack.

The IEC 61850 protocol standard enables interaction with other systems. This allows devices in the power grid to communicate with each other using common IT (Ethernet) based networks. As a result of this development, energy networks have become exposed to the same vulnerabilities that IT-based systems suffer from.

This article covers the security specifications of the IEC 61850 standard, with a focus on vulnerabilities in the communication protocols and proposed countermeasures.

The good

Substation networks are often segregated from business networks, and should not be exposed to public networks or the Internet. This physical separation acts as a first line of defense that mitigates multiple attack scenarios, and should be maintained with care.

As part of IEC 61850 deployments, protocol gateways are often used to limit the amount of data that leaves the substation, usually because of the limited bandwidth of the telecommunication lines to the substations. This can be considered a benefit, since most IEC 61850 based substations are therefore not directly interconnected at the network level: the protocol gateway acts as a buffer between the external network and the internal one. Even so, this gateway should not be relied upon as a security control without thorough security testing.

Meanwhile, TLS encryption for IEC 61850-8-1 (MMS) is specified by the IEC 62351-4 standard. The advantage is that the connection can be authenticated, the channel can be encrypted and/or messages can be signed to ensure the integrity of the communication. However, the technical implementation of TLS for IEC 61850 may vary between vendors and might not always work, as the IEC 62351-4 standard is open to interpretation on various technical details and is not yet widely adopted by the industry.

The bad & the ugly

IEC 61850 has several security deficiencies that could be leveraged by skilled attackers to compromise the system, which could result in a blackout. The following key areas should be considered when adopting IEC 61850:

- Hardcoded functions: IEC 61850 contains powerful functions that can cause unexpected events to occur. This makes access control levels very challenging to enforce and limits the security hardening possible on the device.

- Authentication: Authentication is available, embedded in the IEC 61850 MMS based protocol. However, the implementation is not widely supported, and it uses plain-text passwords.

- Key management: Key management introduces additional risk; for example, a custom-implemented key management infrastructure that does not address the right issues can leave a system exposed while providing a false sense of security.

- Firmware integrity: The firmware is usually not signed, and there is no way to verify its integrity. This could allow advanced attack scenarios, especially if the supply chain is not controlled.

- Message Integrity (GOOSE): The GOOSE protocol has no means to authenticate a publisher, so anyone on the network is able to impersonate one. There has been some effort to secure GOOSE by including a signature, but it was shown in 2010 that the timing and performance requirements of GOOSE for protection algorithms currently make it technically difficult to implement a satisfactory solution using the existing specification.

Putting it together

Like other industrial protocols, IEC 61850 was not designed with security in mind, which could pose a serious risk for power companies if security is not addressed in a timely manner.

With the expansion of IEC 61850 technology, this issue is growing at a fast rate, as the protocol is used across substations (teleprotection), in wind farms (IEC 61400), in hydro power plants and even as a DCS in conventional power plants. Such applications are far removed from what it was initially designed to do, which allows more unexpected side effects to emerge.

It is therefore recommended to take into account, at a minimum, the following items when deploying IEC 61850:

  1. Ensure IEC 61850 traffic is confined to the substation LAN and cannot traverse outside of the substation
  2. Deploy a firewall at the substation level to block unauthorized traffic
  3. Monitor the substation network to detect suspicious behavior
  4. Restrict third-party access to the substation
  5. Ensure field engineers use dedicated machines to provision and maintain IEC 61850 enabled devices
  6. Set proper security requirements for vendors during the tendering process for IEC 61850 devices
  7. Ensure a solid security management process that focuses on the OT environment and includes the IEC 61850 based substations within its scope
  8. Evaluate the security of IEC 61850 enabled devices early, to identify potential vulnerabilities and propose mitigating controls.
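The GOOSE weakness described in the "Message Integrity" item above (no publisher authentication) and recommendation 3 (monitor the substation network) come together in a passive consistency monitor. The following is an added example, not Applied Risk's code or any product of theirs: it parses the GOOSE fields relevant to detection (gocbRef, stNum, sqNum) from the IEC 61850-8-1 frame layout and flags frames whose source MAC does not match the publisher recorded in the substation engineering data, or whose state/sequence counters move in a way a genuine publisher would not produce. The publisher MAC, gocbRef name and the frames fed to the demo are constructed test data.

```python
"""Passive GOOSE publisher-consistency monitor (added example, not Applied
Risk's code). Frame layout per IEC 61850-8-1: Ethernet header with
Ethertype 0x88B8, then APPID, Length, Reserved1, Reserved2, then a
BER-encoded IECGoosePdu (tag 0x61)."""
import struct

GOOSE_ETHERTYPE = 0x88B8
TAG_GOCBREF, TAG_STNUM, TAG_SQNUM = 0x80, 0x85, 0x86  # context tags in IECGoosePdu


def _ber_len(buf, pos):
    """Decode a BER definite length at buf[pos]; return (length, next_pos)."""
    first = buf[pos]
    if first < 0x80:
        return first, pos + 1
    n = first & 0x7F
    return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n


def _ber_encode(tag, payload):
    """Encode one BER TLV (used only to build the constructed test frames)."""
    if len(payload) < 0x80:
        return bytes([tag, len(payload)]) + payload
    return bytes([tag, 0x82]) + len(payload).to_bytes(2, "big") + payload


def parse_goose(frame):
    """Extract src MAC, gocbRef, stNum and sqNum; None if not a GOOSE frame."""
    if len(frame) < 23 or struct.unpack("!H", frame[12:14])[0] != GOOSE_ETHERTYPE:
        return None
    length = struct.unpack("!H", frame[16:18])[0]  # counts from APPID to PDU end
    pdu = frame[22:14 + length]
    if not pdu or pdu[0] != 0x61:
        return None
    body_len, pos = _ber_len(pdu, 1)
    end = pos + body_len
    fields = {"src": frame[6:12].hex(":")}
    while pos < end:
        tag = pdu[pos]
        flen, pos = _ber_len(pdu, pos + 1)
        val, pos = pdu[pos:pos + flen], pos + flen
        if tag == TAG_GOCBREF:
            fields["gocbRef"] = val.decode("ascii", "replace")
        elif tag == TAG_STNUM:
            fields["stNum"] = int.from_bytes(val, "big")
        elif tag == TAG_SQNUM:
            fields["sqNum"] = int.from_bytes(val, "big")
    if not all(k in fields for k in ("gocbRef", "stNum", "sqNum")):
        return None
    return fields


class GooseMonitor:
    """Flags frames whose sender or counters disagree with the known publisher.
    expected maps gocbRef -> publisher MAC (from the substation SCD file)."""

    def __init__(self, expected):
        self.expected = expected
        self.state = {}  # gocbRef -> (stNum, sqNum) of the last trusted frame

    def check(self, frame):
        f = parse_goose(frame)
        if f is None:
            return []
        alerts, ref, src = [], f["gocbRef"], f["src"]
        trusted = self.expected.get(ref) == src
        if ref not in self.expected:
            alerts.append(f"unknown gocbRef {ref} from {src}")
        elif not trusted:
            alerts.append(f"{ref}: sender {src} != expected {self.expected[ref]}")
        st, sq, prev = f["stNum"], f["sqNum"], self.state.get(ref)
        if prev is not None:
            pst, psq = prev
            if st < pst:
                alerts.append(f"{ref}: stNum went backwards {pst}->{st} (replay?)")
            elif st == pst and sq != psq + 1:
                alerts.append(f"{ref}: sqNum jump {psq}->{sq}")
            elif st > pst and sq != 0:
                alerts.append(f"{ref}: stNum changed but sqNum={sq} not reset")
        if trusted:  # only the real publisher advances the tracked counters
            self.state[ref] = (st, sq)
        return alerts


def build_goose_frame(src_mac, gocb_ref, st_num, sq_num):
    """Constructed test frame carrying only the fields the monitor reads."""
    body = (_ber_encode(TAG_GOCBREF, gocb_ref.encode())
            + _ber_encode(TAG_STNUM, st_num.to_bytes(4, "big"))
            + _ber_encode(TAG_SQNUM, sq_num.to_bytes(4, "big")))
    pdu = _ber_encode(0x61, body)
    dst = bytes.fromhex("010ccd010001")  # within the GOOSE multicast MAC range
    src = bytes.fromhex(src_mac.replace(":", ""))
    header = struct.pack("!HHHHH", GOOSE_ETHERTYPE, 0x0001, 8 + len(pdu), 0, 0)
    return dst + src + header + pdu


def demo():
    """Normal retransmissions, then a frame from a foreign MAC, then an older
    stNum from the real publisher; returns the alerts raised."""
    pub, ref = "00:11:22:33:44:55", "IED1CTRL/LLN0$GO$gcb01"  # constructed names
    mon = GooseMonitor({ref: pub})
    frames = [build_goose_frame(pub, ref, 5, 0), build_goose_frame(pub, ref, 5, 1),
              build_goose_frame(pub, ref, 5, 2),
              build_goose_frame("de:ad:be:ef:00:01", ref, 6, 0),
              build_goose_frame(pub, ref, 4, 0)]
    return [a for fr in frames for a in mon.check(fr)]


if __name__ == "__main__":
    print("\n".join(demo()))
```

In a real deployment the frames would come from a SPAN port or network tap on the substation LAN (for example via a raw socket or a pcap library) rather than from `build_goose_frame`, and the `expected` map would be generated from the SCD file. A sqNum jump on its own is also what a dropped frame looks like, so it is worth correlating with switch counters before treating it as hostile; a sender mismatch or a backwards stNum is the stronger signal.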

Visit Applied Risk’s Industrial Security Services to find out what steps you can take today to secure your substations from emerging cyber threats.