iSOC: A new concept in cybersecurity

I’m sure we all have sketched a smile when seeing photographs or videos of strange artifacts powered by steam or internal combustion engines. Most of these inventions failed because the technology used didn’t fit the purpose they were meant for. Seen with modern eyes it’s just so naïve to try to fly a plane fitted with a steam engine. However, those inventors were not as dumb as their failure suggests. They were intelligent people (or, let’s say, not less intelligent than average) trying to solve the problems of their time with the technology available.

Steam powered the beginning of industrialization, granting people access to energy at a scale never seen before. This brand new technology led to an engineering and cultural revolution that paved the way to our modern society. The beginnings of the Industrial Revolution were times of faith in progress, of unleashed collective optimism. Steam-powered machines were regarded as the key to all kinds of engineering problems that had remained unsolved so far.

But you had better think twice next time you see one of these bizarre devices. No matter how naïve you regard them, an observer from the future could blame us just the same. I’m sure you will ask for indulgence when, some years from now, people wonder why 21st-century engineers decided to connect all kinds of devices and systems to a public communication network as the solution to every problem. If you think that this is not happening, please read on.

Last week I saw on the news a story concerning the Geneva Auto Show. To be honest, I was not paying much attention. But then, suddenly, there was a lady by a car on the TV. I remember she was talking and then she said something like: “and you see, this vehicle is connected to the Internet, of course” and she went on saying that with a cell phone like the one she was holding in her hand, she could access multiple functions of the car like “start or stop the engine”. “Of course”? Why in hell would you want to start your car’s engine from your cell phone? What do you think of this enthusiasm for a new technology? Have you heard of it before? I’m sure you know of dozens of similar cases.

Another example I found last week. IEEE Spectrum magazine No 7/12 includes an article about the possibilities that convergence between IT and OT offers in managing household energy. The article, called “Smart conservation for the lazy consumer”, was based on this fact shown by some studies: consumers are not willing to change their pattern of use of appliances because they value comfort more than the small savings they get from these changes. Therefore, the solution (the authors’ proposal) comes from implementing energy management systems in every household, connected to the generation and distribution networks so that they can automatically tailor energy consumption according to the network conditions, electricity market prices and, why not, the neighborhood’s overall demand. In order to achieve this, an energy manager server will be required along with algorithms able to predict consumer behavior based on their habits, the room the consumer is in and the activity that is being carried out. Such a system will be (can you guess it?) “[…] connected to the Internet, of course” (my bold). None of these requirements are beyond what is possible today, but such a system will result in the ability to monitor the behavior and daily habits of millions of citizens. Needless to say, it’s for a good cause. As always, regardless of cybersecurity: this topic is not mentioned in the article even once.

It should be clear by now that this will to connect all kinds of industrial systems and devices to the Internet is not going to vanish anytime soon (please read “industrial” in a broad sense, as anything that in principle is not part of the ICT field). Whether the functionality provided by these connections is really necessary or not, we will witness a skyrocketing number of facilities and industrial control systems connected to the Internet. We need mechanisms to verify that these systems meet cybersecurity requirements as ICT systems already do.

Industrial control system managers need to leverage all the cybersecurity management know-how that resides in the ICT field, always with proper regard to the specific aspects of technology, culture and industrial processes.

So a new concept arises from an old one: the evolution from a SOC (Security Operation Center) into an iSOC (industrial Security Operation Center).

An iSOC is meant to meet the needs already identified in organizations with an intensive use of industrial control systems: large buildings, public infrastructures (critical or not), manufacturing plants, etc.

The basic goal of an iSOC is to provide comprehensive security management based on remote monitoring in order to ensure business continuity, just as SOCs already do in the ICT field.

However, transferring operational know-how from a SOC to an iSOC is not straightforward. It can’t be done without taking into account the ICS-specific features that differentiate these systems from ICT environments: existence of legacy equipment, long life cycles, heterogeneous systems, etc. Special attention should be paid to cultural and organizational issues. It is impossible to succeed without the joint work of ICS specialists and expert ICT security technicians. This multidisciplinary approach is key to providing an accurate service: ICS managers will find in the iSOC industrial process engineers supported by a technical team with extensive experience in security issues. This will bridge the gap between professionals of both worlds with regard to training, experience and language.

Realizing the current state of the situation, S2 Group launches Spain’s first iSOC, to be presented tomorrow, April 4th, in our new Madrid headquarters. It is not locally but internationally oriented and in a first phase will focus on Spain and Latin America. Our iSOC’s ultimate goal is to ensure that the adoption of the benefits of technology convergence is performed safely, avoiding an automatic transfer of the risks and threats already present in ICT.

This is one of many steps that our societies should take to ensure an increasingly secure operation of our infrastructures and systems.

(Image: Cugnot steam-powered car (1771). Photograph © Roby. Use licence: GFDL or CC-BY-SA-3.0. Via Wikimedia Commons)

Comments

  1. Fantastic goods from you, man. I’ve understand your stuff previous to and you are just too magnificent. I actually like what you’ve acquired here, really like what you are saying and the way in which you say it. You make it entertaining and you still take care of to keep it smart. I can not wait to read far more from you. This is actually a great website.