Securing Legacy Factory Equipment |


Cyber ​​security has become an issue that must be addressed by every industrial factory. Gone are the days when the factory was empty and safe from cyber intruders. Even an isolated site is not secure, as Stuxnet has proven. This virus arrived in a compromised USB drive which devastated a system that was not connected to the outside world.

New strategies are being developed to help factories secure their old equipment against cyber attacks. (Image source: Tripwire)

Most factory networks are connected these days. Even if the factory does not deploy IIoT connectivity, its network is likely sending data to the organization’s IT system so that managers can share production information with the office, customers, and suppliers. The latest factory equipment is equipped with cyber protection technology, but what about existing factory equipment? Protecting equipment that is decades old is essential in a world where the usefulness of industrial equipment is counted in decades.

Protect old plant networks

Security companies are developing strategies to enable cybersecurity on networks that include older factory equipment. The strategies consist of bringing everything on the factory network up to safety standards. “We’re not just looking at the network layer. We are looking at levels one and two, including devices directly in line with production equipment at manufacturing facilities, ”said Gabe Authier, senior product manager for industrial cybersecurity at Tripwire. Design News. “One approach is to use the IEC 62243 standard to make adjustments in the field, including adjustments to the firmware of devices due to their obsolescence. Then you start to consider upgrading the hardware in the factory to meet shop floor policies. “

ISA / IEC-62443 is a series of standards, technical reports and related information that define procedures for implementing electronically secure industrial control systems (ICS). The standards are intended for system integrators, security professionals and control system manufacturers responsible for the management of industrial automation and control systems.

Older factory equipment is vulnerable simply because it was built before Internet connectivity. “In general, the general weakness in cybersecurity in industrial control systems is that the devices were developed 20 or 30 years ago when security was not on anyone’s mind,” Authier said. . “A lot of these devices communicate over serial protocols. There was no idea to secure them in the 70s and 80s. It is these older devices that we need to be concerned about. They are a great weakness.

Cyber ​​attacks are evolving

Older factories face two formidable cybersecurity challenges: the equipment is not designed for cybersecurity, and the cyber attacks themselves are becoming increasingly difficult to detect. “The types of attacks are changing. They are getting much more sophisticated. The worms come in and can remain dormant for several weeks, days, or even months, until they see a chance to do malicious damage, ”Authier said. “Attackers are becoming more and more sophisticated, more aware of how weak devices are and how they can be exploited. “

Attackers seek out the weakest points in the industrial network. Often this includes the computers in the system. “The majority of attackers focus on Windows systems, where there are a lot of vulnerabilities,” Authier said. “Attackers are breaking into the ICS and exploiting the network in ways we’ve never seen before.

The prevention of attacks that enter through Windows is usually protected by patch updates. Still, patches require a restart which typically results in equipment downtime. “As Windows systems are under attack, fixes are important. The most sophisticated managers schedule their downtime for patches, ”Authier said. “Someone in a large organization discovered that their vulnerability was in IT. Yet when IT finds a vulnerable device on the OT network, a TTY is created and the factory has five days to fix it or the line is cut no matter what.


Organizations are starting to take security seriously, with mandates coming from the top down. This means that the factory must unequivocally comply with cybersecurity measures. “There is a lot of pressure for safety on the plant,” Authier said. “This pressure starts at the board level, where there is a new interest in securing all networks. It comes from those in top management who realize that vulnerabilities can harm the organization.

Rob Spiegel has covered automation and control for 17 years, including 15 years for Design News. Other topics he has covered include supply chain technology, alternative energy and cybersecurity. For 10 years he was the owner and editor of the food magazine Chili pepper.


Leon E. Hill

Leave a Reply

Your email address will not be published.