Learn why Sensors Matter within Industrial Cybersecurity
Dragos Collaborates with LOGIIC to Improve Awareness Around Sensor Level Cybersecurity
AUTHORS: Reid Wightman, Kate Vajda, and Matt Cowell
After many months of work, Dragos and a number of key researchers will finalize and provide instrument testing results to LOGIIC that will eventually be summarized and shared with the public to help move the needle on the cybersecurity of safety sensors.
The project was commissioned by the Linking the Oil and Gas Industry to Improve Cybersecurity (LOGIIC) consortium, a public-private partnership between the U.S. Department of Homeland Security’s Science and Technology Directorate and member organizations like BP, Chevron, and Total, among other stakeholders in the oil and gas industry sector.
LOGIIC directs research on how oil and gas companies can bolster the cybersecurity of critical systems at their facilities. They have conducted several projects on everything from application whitelisting to the cybersecurity of wireless and mobility.
This project builds off previous LOGIIC research projects. In the past, LOGIIC has taken a deep dive into the vulnerabilities within the safety controllers widely used at oil and gas facilities. The project examines the risk posture of the actual sensors feeding data into these controllers.
These instrumentation devices include items such as transmitters from fire and gas detection analyzers, pressure sensors, solenoids and positioners, and so on. They typically communicate with distributed control systems (DCS) and safety instrumented systems (SIS) using a non-IP-based communication protocol called Highway Addressable Remote Transducer (HART) communication.
These devices make up what is known as level 0 of the Purdue reference architecture model. Level 0 devices found in the architecture of oil and gas modern safety systems are responsible for process data that represents the foundation of how these systems operate. If the instrumentation devices do not function properly, neither do the safety control systems.
The project goal has been to examine what the risk is to the safety system if these sensors and actuators can be manipulated. We have examined the risk of compromise to these sensors and the HART protocol they use, and what that means for the risk of overall safety at oil and gas facilities. The ultimate objective is to increase understanding of how sensor & actuator level manipulation can impact operations and safety so that countermeasures can be implemented.
As part of our work with LOGIIC, Dragos experts examined potential physical sensor issues that can be used and abused in real-world facility environments. Lessons from these results will eventually be shared to offer advice to end-users, integrators, and instrument vendors on creating and deploying more secure products and systems for their expected use cases.
We have completed our research and have been closely collaborating with multiple vendors. It is great to see that it isn’t just end-users who are concerned here; everyone is showing a keen interest in improving the state of sensor security for oil and gas applications.
We have taken a testing approach to probe the protocol stack for base features, to reverse engineer proprietary functionality, and to demonstrate capabilities that could be exposed using both public software and custom tools. We have also reviewed the Highway Addressable Remote Transducer (HART) protocol specification itself to identify where the required features of the protocol introduce security problems.
LOGIIC and Dragos have made some interesting discoveries. For example, we’ve found situations where it is possible to disable sensors, to manipulate sensor signals to prevent safety activation, and even to lock legitimate operators out of devices. But these discoveries are just the start—the goal is not to scare the industry but to help it get better at securing these sensors and mitigating existing gaps.
So, by the time we are through, we’ll help LOGIIC provide some meaningful best practices for end-users and guidance to the sensor vendors.
LOGIIC will be releasing a public report soon describing the project, including findings and recommendations related to asset management systems, instrumentation, and other aspects of the project.
Research is still ongoing but when the final report is available it can be viewed here.
Read next blog post
Ready to put your insights into action?
Take the next steps and contact our team today.