If you peer for a long time into an article about the safety of automated process control…
December 23, 2024 at 11:30 AM · Max Knyazev is typing… (Telegram mirror)

If you peer for a long time into an article about the safety of automated process control systems, you can feel that it has begun to peer into you...
I came across a curious article on Habré in which the author proposes a “guaranteed secure” way of publishing automated process control system data to the Internet. The idea is to stay out of the network where the process controllers live and instead “take” the readings from the SCADA display as a video stream, recognize the numbers in it, and publish the result outside. ⌨
In the author's words:
No physical connection - no hacking
By the way, the article was downvoted. Because I am a security guy (that's one), automated process control systems belong to IIoT (that's two), and I like to speculate (that's three), I couldn't pass by. I decided to analyze the article in detail and give clear answers as to why the solution the author proposes is not actually safe (many thanks to some commenters under his article for a couple of reasonable thoughts). 👮‍♂️
Let's start with the fact that any industrial system needs data integrity monitoring mechanisms. Classic solutions use special “unidirectional diodes” or clever segmentation where UDP packets go out but nothing comes back. Such channels are audited and implement verification methods (checksums, sequence numbers, etc.). The author's method of “parsing the image” has neither standards nor any clear guarantee that the stream will not be substituted. ✏
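To make the contrast in this paragraph concrete, here is an added example (mine, not the post author's and not the Habré article's): a minimal one-way telemetry link in which the receiver verifies an HMAC tag and a strictly increasing sequence number, next to the “read it off the screen” path, which has nothing to verify. The shared key, tag names and readings are constructed for the example, and the frame layout is my own assumption rather than any standard.

```python
import hashlib
import hmac
import json
import re
import struct

# Constructed shared key for this example only; in practice it is provisioned out of band.
KEY = b"example-key-provisioned-offline"
MAC_LEN = 32  # SHA-256 digest size


def build_frame(seq: int, tag: str, value: float, key: bytes = KEY) -> bytes:
    """Sender (OT side): length-prefixed JSON payload followed by HMAC-SHA256 over it."""
    payload = json.dumps({"seq": seq, "tag": tag, "value": value}, sort_keys=True).encode()
    mac = hmac.new(key, payload, hashlib.sha256).digest()
    return struct.pack(">H", len(payload)) + payload + mac


class OneWayReceiver:
    """Receiver (IT side): never sends anything back, only verifies what arrives."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.last_seq = None
        self.accepted = []  # (seq, tag, value)
        self.rejected = []  # (reason, seq or None)
        self.gaps = 0       # frames lost in transit; a one-way link cannot ask for retransmission

    def feed(self, frame: bytes) -> bool:
        if len(frame) < 2:
            self.rejected.append(("truncated", None))
            return False
        (n,) = struct.unpack(">H", frame[:2])
        payload, mac = frame[2:2 + n], frame[2 + n:2 + n + MAC_LEN]
        expected = hmac.new(self.key, payload, hashlib.sha256).digest()
        # Any modification of the payload (or a forged frame) fails the constant-time MAC check.
        if len(payload) != n or len(mac) != MAC_LEN or not hmac.compare_digest(expected, mac):
            self.rejected.append(("bad_mac", None))
            return False
        rec = json.loads(payload)
        seq = rec["seq"]
        # Replayed or reordered frames carry an old sequence number and are dropped.
        if self.last_seq is not None and seq <= self.last_seq:
            self.rejected.append(("replay_or_reorder", seq))
            return False
        # A jump in the sequence means frames were lost; count it so the operator sees the hole.
        if self.last_seq is not None and seq > self.last_seq + 1:
            self.gaps += seq - self.last_seq - 1
        self.last_seq = seq
        self.accepted.append((seq, rec["tag"], rec["value"]))
        return True


def screen_value(ocr_text: str):
    """The 'read it off the screen' path: a number is a number, whoever drew it on the monitor."""
    m = re.search(r"LEVEL\s+([0-9]+(?:\.[0-9]+)?)", ocr_text)
    return float(m.group(1)) if m else None


def demo() -> OneWayReceiver:
    """Run a constructed sequence of good, replayed, tampered and skipped frames through the receiver."""
    rx = OneWayReceiver()
    frames = [build_frame(i, "TANK1.LEVEL", 40.0 + i) for i in range(3)]  # seq 0, 1, 2
    for f in frames:
        rx.feed(f)
    rx.feed(frames[1])  # replay of an already-seen frame: rejected
    tampered = bytearray(frames[2])
    tampered[tampered.find(b"42.0")] = ord("9")  # change a digit without re-signing: bad_mac
    rx.feed(bytes(tampered))
    rx.feed(build_frame(5, "TANK1.LEVEL", 45.0))  # seq 3 and 4 never arrived: accepted, gap counted
    return rx


if __name__ == "__main__":
    rx = demo()
    print("accepted:", rx.accepted)
    print("rejected:", rx.rejected)
    print("lost frames:", rx.gaps)
    # Both screen readings below are accepted; nothing binds them to the real source.
    print("screen:", screen_value("LEVEL 42.0"), screen_value("LEVEL 99.9"))
```

The point of the contrast is not the particular MAC or framing: it is that the receiver on the signed channel can distinguish a genuine reading from a replayed, altered or missing one, while `screen_value` has no information with which to make that distinction at all.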
Let's move on. The author believes that “since there is no network, there is nothing to hack.” In fact, attackers can go after the node that generates or processes this video stream. Whoever gets into it can substitute a fake signal for the real values, and the external system will then work with false data. So the risk doesn't disappear; it just moves to another level. 🎁
Another disadvantage is that there is no way to influence parameters, request history, or filter the data you need: this “video approach” has no feedback. If something goes wrong, the operator cannot clarify anything and cannot manually request the needed registers and receive them over the network protocol. This turns real industrial monitoring into a crutch. 😵‍💫
Modern best practices for ICS protection include physical segmentation (a DMZ, a dedicated zone for external services), a data diode (a hardware module that lets information pass in one direction only), strict access control and encryption. These are proven and accepted methods. “Taking a screenshot” is clearly not a standard, and no one guarantees its safety. 📸
Yes, formally there is no direct connection to the controllers, but the whole idea of “parsing a picture” looks as if we put a video camera in front of the monitor and then said: “Now you can't hack it!” Perhaps someone will someday use a similar trick in a narrow scenario, but such a solution is not suitable for serious industrial projects. ⛔
As a result, the “read it off the screen” approach looks more like a fun idea than a method that is really applicable in practice. It is better to use classic solutions from the world of cybersecurity: segment the network, use specialized monitoring tools, secure channels and certificates. Then both reliability and ease of use will be at the proper level and will not depend on recognizing digits on the monitor's pixel matrix. 💯 😩
The security of automated process control systems is, first of all, a set of measures. That is the only way to truly reduce risks and avoid unpleasant surprises. 😲
What do you think about this? 🎄
#information_security
#internet_things