Understanding the manufacturing risks of aged industrial control systems

The reliable functioning of critical infrastructure, encompassing factories, refineries, airports, and transportation networks, faces an imminent threat due to the aging industrial control systems (ICS) and their components.

[FREE E-BOOK] The Definite Blueprint for Cybersecurity in Manufacturing

While there is growing recognition of the advancements in artificial intelligence (AI) and machine learning (ML) within operational technology (OT) as part of Industry 4.0, it is equally crucial to acknowledge the persistent use of older, outdated systems and technologies, which are essential for maintaining uninterrupted operations.

By examining the challenges and risks associated with the availability and reliability of crucial ICS systems, we can better understand how risk assessments can be leveraged to inform effective Capital Expenditure (CAPEX) decisions.

Dangerous situations

It is common to encounter “mature” systems and components that are still in use when assessing operational systems with a significant track record.

Consider, for instance, the ICS components that may have been installed and operational for as long as 20 years. This raises the question of the underlying operating systems that serve as the foundation for these older control systems and devices. For example, some individuals might still rely on Disk Operating System (DOS), while others might have made a partial transition to Windows 3.1, Windows 2000, or Windows XP.

The following are some of the primary risks associated with these outdated systems and their supporting components:

• Outdated Technologies: Older systems utilize technologies that have surpassed the vendor’s capacity to patch and update them. This makes them susceptible to malfunctions and vulnerable to internal and external threats.
• Deterioration of Wiring and Insulation: Exposure to heat, UV rays, and cycling can cause deterioration in the wiring and insulation of older systems, compromising their reliability and safety.
• Lack of Modern Communication Protocols: Older systems often lack the ability to adapt to modern communication protocols, such as Ethernet. This limits their robustness, flexibility, and compatibility with contemporary security monitoring solutions.
• Lack of Vendor Support: These devices and systems may no longer have vendor support due to the vendors going out of business or being acquired by other organizations through mergers and acquisitions. This absence of support leaves them without access to necessary updates, patches, and technical assistance.
• Limited Availability of Spare Parts: Obtaining maintenance spare parts for older systems can be challenging as they may be nonexistent or require unconventional means, such as internet auction sites or cannibalization of other equipment on the production floor. This can lead to prolonged downtime and difficulties in maintaining and repairing the systems.

The break-fix mindset of the plant maintenance team exacerbates the risk associated with these components. In order to maintain uninterrupted plant availability, a failing component might be swiftly replaced with an unpatched, uncalibrated, or unconfigured device, thereby increasing the likelihood of early failure or creating vulnerabilities that potential attackers can exploit.

Evaluating the risk posed by outdated buildings and infrastructure

Regular risk assessments are crucial for evaluating the potential risks associated with outdated buildings and infrastructure. However, an intriguing obstacle arises when management hesitates to proactively identify issues, often adopting the mindset, “If it ain’t broke, don’t fix it.” This approach poses a significant challenge in recognizing and addressing potential problems within these installations and infrastructure.

Conducting risk analyses and security health checks is generally advisable in such situations. However, managers or supervisors may exhibit reluctance due to the understanding that if an issue is identified, they will be responsible for addressing the detected flaw. Unfortunately, plant management may face constraints in rectifying the problem due to resource limitations, including financial constraints, lack of expertise, or the unavailability of compatible technology that aligns with the plant’s technical architecture.

An example that highlights the risks of relying on outdated systems is a well-established tire manufacturer that continues to rely heavily on old operating systems, including DOS and early versions of Windows, within its production processes at a factory that has been operational for over 25 years. These legacy technologies are indispensable for essential early manufacturing activities. As a result, the failure of a DOS system, whether due to component failure or compromise, could have severe consequences, potentially leading to a complete shutdown of the entire factory.

One solution might be to upgrade the entire line with more modern “forklift” equipment. Unfortunately, this can be a time-consuming and expensive project that may necessitate a protracted plant shutdown or turnaround. It might also have trouble integrating with the lines down below. A roadmap or strategic upgrading plan is the solution to this problem.

Evaluating the risk posed by outdated buildings and infrastructure

Regular risk assessments are crucial for evaluating the potential risks associated with outdated buildings and infrastructure. However, an intriguing obstacle arises when management hesitates to proactively identify issues, often adopting the mindset, “If it ain’t broke, don’t fix it.” This approach poses a significant challenge in recognizing and addressing potential problems within these installations and infrastructure.

Conducting risk analyses and security health checks is generally advisable in such situations. However, managers or supervisors may exhibit reluctance due to the understanding that if an issue is identified, they will be responsible for addressing the detected flaw. Unfortunately, plant management may face constraints in rectifying the problem due to resource limitations, including financial constraints, lack of expertise, or the unavailability of compatible technology that aligns with the plant’s technical architecture.

An example that highlights the risks of relying on outdated systems is a well-established tire manufacturer that continues to rely heavily on old operating systems, including DOS and early versions of Windows, within its production processes at a factory that has been operational for over 25 years. These legacy technologies are indispensable for essential early manufacturing activities. As a result, the failure of a DOS system, whether due to component failure or compromise, could have severe consequences, potentially leading to a complete shutdown of the entire factory.

One solution might be to upgrade the entire line with more modern “forklift” equipment. Unfortunately, this can be a time-consuming and expensive project that may necessitate a protracted plant shutdown or turnaround. It might also have trouble integrating with the lines down below. A roadmap or strategic upgrading plan is the solution to this problem.

As an example, using the RAM mentioned earlier, any risk rating falling within the red area of the matrix should be prioritized for repair as a top priority. While it may be argued that risk ratings within the yellow and blue zones are acceptable and do not require immediate attention, this approach can be misleading. Despite seemingly acceptable risk ratings, embracing a continuous improvement strategy is strongly recommended to ensure the maintenance of secure and high-availability operations. Bearing this in mind, additional controls should be implemented to mitigate the likelihood of all risks with ratings higher than C3.

Please get in touch with us to learn more about conducting risk assessments of your facilities and systems and our methods for analyzing components, systems, and facilities. View this case study to learn more about how we assisted a large manufacturing organization realize how susceptible its OT assets were to intrusions.