The development of digitalization on the OT aspect often doesn’t go as smoothly as on the IT side. Unlike IT, which priority is to update system and security to the latest version, system updates in the OT area can put critical activities at risk at the plant. Nevertheless, adopting various devices as a way to digitalization is inevitable to keep up with the trend and staying relevant.

From this, risks associated with OT arise. Listed below are some examples of conditions that are common on the production floor:

• Variations of DCS, PLC, and HMI (Human Machine Interface) from various brands.
• Serial Type PLC configured via PC/laptop plug-in directly into the HMI.
• The displays of the machines have adapted to digital, but the OS is rarely / never updated to prevent hampered operations in the downtime. OS in the OT area usually still uses an outdated system like WinCE/Win7.
• Automatic Updates disabled.
• The OT (factory) will only operate with systems that have been proven stable. Usually, these systems are not the latest and have outdated in-house security standards that require a lot of retrofits (added features).
• OT control is decentralized and unique per location. Therefore, remote access is impossible when an issue arises.
• Staff / System Integrators who perform maintenance on OT devices generally do direct plug-ins on-site.

Various international cases emphasize the importance of securing OT along with developing working methods and data exchange. Production shutdown that starts from Ransomware will threaten KPI significantly.

• https://thestack.technology/oiltanking-cyber-attack/
• https://www.reuters.com/technology/jbs-paid-11-mln-response-ransomware-attack-2021-06-09/
• https://www.popularmechanics.com/technology/security/a32825656/honda-cybersecurity-attack/
• https://www.zdnet.com/article/ransomware-halts-production-for-days-at-major-airplane-parts-manufacturer/
• https://www.npr.org/2021/02/09/965791252/fbi-called-in-after-hacker-tries-to-poison-tampa-area-citys-water-with-lye

In following the INDI 4.0 standardization and the development of data protection regulations and cloud computing (public) trends, we need to consider that OT area security ideally can provide:

• Visibility
• Distinct segmentation: what is accessible to certain staff.
• Remote secure access for efficiency.

The solution that can be implemented is placing the NGFW appliance at the right point in the OT environment. The type of NGFW must be suitable so as not to hamper the ongoing operational and routine maintenance processes. Protection of production lines from various intrusions can be done in several approaches, either from regular maintenance executioners or from machines that need to be secured.

References:
1) https://www.fortinet.com/content/dam/fortinet/assets/white-papers/wp-secure-access-ot.pdf
2) https://www.fortinet.com/solutions/industries/scada-industrial-control-systems/what-is-ot-security