Thursday, May 14, 2009

Electronic Device Fingerprints

One of the potential modes of attack against facility control systems is the use of an off-site computer to gain control of critical systems. While the simple answer to this threat is to not allow off-site communications to these systems, this is not always possible. Remote diagnostics of control systems by vendors, process upset analysis and response, and remote monitoring of inventory are all potentially legitimate reasons for allowing off-site communications with control systems. The typical security response to these requirements is to password protect such communications. Passwords are, unfortunately, subject to hacking, cracking, and even theft. Furthermore, passwords are not used when the communication is between devices or between a device and the control system computer. A brief but interesting article on describes an alternative method of limiting access, the use of Physical Device Recognition (PDR) technology to identify a computer using a unique device fingerprint. The PDR technology is implemented at the network controller level through the use of NetAnchor® server software. According to Uniloc his allows the software to monitor all communications through that server and verify the identity of the sending computer. Now I am not enough of a computer expert to be able to evaluate the details of the claims, but the basic concept of requiring the verification of the hardware identity to allow communications seems to be sound. The user identity would still have to be validated by password, pass card or some form of biometric identification, but the additional layer of identity validation should significantly increase security. I am not sure that placing this system at the server level is the way to insure that commands going to remote control-equipment will be validated. These remote locations do not necessarily require the existence of a server between the communication link and the equipment. In fact, many new pieces of control equipment designed for remote site operations come equipped with wireless communications links. If the PDR technology could be implemented at the communications link, this problem could be avoided. Where control systems are hardwired and commands can be routed through a central server this type technology may help solve the problem of allowing engineers to monitor and adjust process upsets from off-site locations without compromising the security of the system.

No comments:

/* Use this with templates/template-twocol.html */