Efficient Plant Jan./Feb. 2024 - 28

column | cybersecurity insights
Security
Resides in
PLC Run
Mode
Steve Mustard, CEO,
National Automation Inc.
Marco Ayala, Global Director
ICS Security, 1898 & Co.
T
ODAY THERE'S A whole
industry dedicated to reducing
cybersecurity risk, including
standards, guidelines, frameworks, tools,
and subject-matter experts. Ultimately
the organization owns the risk and is best
placed to manage it.
ISA/IEC62443, the only consensus-based
international standard for
industrial-automation and control-systems
cybersecurity, is a comprehensive roadmap
for organizations to effectively manage their
industrial cybersecurity risk, but there is
no silver bullet. Like safety, cybersecurity
requires constant vigilance, especially when
it comes to seemingly trivial issues. ISA/
IEC62443 lays out a plan, but the success of
that plan is in the hands of the plantmanagement
team.
One of the simplest examples of this
Steve Mustard serves as the President
of National Automation Inc., Spring, TX
(au2mation.com), and served as the 2021
president of the International Society
of Automation (ISA, isa.org). Mustard
works with companies to improve their
performance through the identification
of process bottlenecks and the intelligent
introduction of technology to remove them.
Marco Ayala is the Director and ICS
cybersecurity section lead at 1898 & Co.
(part of Burns & McDonnell), Kansas City,
MO (1898andco.burnsmcd.com), and
the International Society of Automation
(ISA) Vice President for Automation
and Technology for 2023. He is active in
cybersecurity efforts for the oil and gas,
maritime port, offshore facilities, and
chemical sectors.
vigilance is the PLC or controller key
switch. This physical key can have different
modes depending on the manufacturer,
but there are at least two modes that are
common to such devices: Program and
Run. A third, Remote, is often present. In
Run mode, the PLC or controller cannot be
modified locally or remotely over the network.
In Program mode, the device can be
modified. Remote mode usually allows the
programmer to remotely change the status
of the device.
The ISA Global Cybersecurity Alliance,
which sponsors the PLC Security Top 20
List (plc-security.com/index.html), recommends
that operators, " keep the PLC in Run
mode. If PLCs are not in Run mode, there
should be an alarm to the operators. "
The key switch is the most effective
means of preventing unauthorized modification
of critical PLC or controller code.
Despite this, the key is routinely left in the
Program or Remote position because it
is convenient for the maintenance team.
The rationale for this approach is that it
eliminates productivity loss that results
from walking up to the device with the
key, changing position, walking back to the
workstation, making changes, and then
restoring the key position and removing
the key. While this is true, it overlooks the
potential loss of productivity involved in a
cybersecurity incident caused by unauthorized
modification of the PLC or controller.
There are more examples of productivity
savings creating cybersecurity vulnerabilities
to be found in a typical operational
environment. How confident are you that
your cybersecurity vulnerabilities are being
managed in a vigilant manner? EP
A typical example of a potential cybersecurity threat is a controller set in remote mode with a key left
in the lock during normal operation.
28 | EFFICIENTPLANTMAG.COM
JAN/FEB 2024

http://www.plc-security.com/index.html http://www.au2mation.com http://www.isa.org http://1898andco.burnsmcd.com http://www.EFFICIENTPLANTMAG.COM

Efficient Plant Jan./Feb. 2024

Table of Contents for the Digital Edition of Efficient Plant Jan./Feb. 2024