Industrial Control Systems (ICS) Cyber Security

Peregrine Technical Solutions LLC (dba Peregrine) has significant experience with the cybersecurity of Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA) devices, Systems-of-Systems (SoS), and Internet-of-Things (IoT) platforms and architecture. For example, we successfully completed a contract for the Department of Defense (HQ0034-14-C-0209), a study whose primary objective was to apply the Air Force (AF) energy security framework (ESF) to the remotely piloted aircraft (RPA) kill chain, identify energy-related threats and vulnerabilities to the mission, and propose risk mitigation recommendations. This assessment focused on a single notional Air Combat Command (ACC) RPA mission kill chain for the MQ-9 Reaper, the replacement for the MQ-1 Predator. The primary audience included the Office of the Assistant Secretary of Defense for Energy, Installations, and Environment (OASD EI&E) in conjunction with the Deputy Assistant Secretary of the Air Force (Energy) and the Deputy Chief of Staff of the Air Force for Intelligence, Surveillance, and Reconnaissance (AF-A2). The RPA mission differs markedly from traditional manned aircraft missions in that it depends heavily on reliable and redundant supporting infrastructure systems. Three of these systems, namely communications, electrical power, and heating, ventilation, and air conditioning (HVAC), are vulnerable components of the RPA critical support infrastructure whose loss incurs risk to the mission. These critical components were the focus of research for this assessment, and the analysis of the supporting infrastructure systems revealed vulnerabilities that threaten the reliability of the RPA mission kill chain. The Peregrine assessment team investigated and evaluated the measures employed to reduce those vulnerabilities, and where critical vulnerabilities remained, its subject-matter experts (SMEs) proposed courses of action designed to improve reliability.
The vast majority of the findings in this report highlight vulnerabilities specific to key infrastructure systems that support the different components of the RPA kill chain; a number of systemic vulnerabilities affecting the entire kill chain were also uncovered.

In addition, our analysis zeroed in on the known attack vectors, the common tools used by attackers and defenders, existing malware, and the potential disruptions that a successful exploitation of ICS vulnerabilities may create. The knowledge gained from that effort allows our SMEs to design, develop, install, and deploy ICS critical infrastructure and SoS/IoT on other projects. It also allows them to work with organizations interested in improving their overall cybersecurity stance, and with institutions tasked with credentialing the next generation of electrical and computer engineers and computer scientists and blending them with cybersecurity experts to create secure systems developers. It is well known that injecting secure system design into ICS/SCADA systems is very different from traditional engineering design. A critical difference exists between the skills required to effectively develop an ICS and the skills required to introduce cybersecurity policy in an organization. The typical engineer is unaware of the nuanced aspects of cybersecurity, whereas the typical computer scientist or cyber operations expert does not have an adequate level of experience with system design and development.

The Peregrine staff has successfully merged those two educational paradigms and developed the first cyber apprenticeship in the nation, where we train personnel able to transcend the multiple levels of design and development while also being aware of the difficulty of top-down secure system design. Our recommendations are intended to address technology that was not envisioned 15 to 25 years ago and the assumptions that were made throughout that time. We can provide guidance for an actionable framework that will build upon and improve the next two decades. With the capability to stand up reliable programmable logic controller (PLC)-based systems that require minimal human intervention, and with the advent of high-speed public networks, many industries have migrated their process control infrastructure to distributed ICS in an effort to centralize operations and minimize human resource costs. The ICS devices can then be connected to the public internet because that is the most efficient way to provide the necessary network connectivity for typically remote and physically isolated facilities. However, this solution, which was implemented for convenience and cost savings, now introduces an enormous single-point-of-failure vulnerability across the entire U.S. industrial infrastructure: the ICS can be attacked over the public internet. Devices are now interconnected and networked in a manner that was not envisioned when they were designed, so a modern network infrastructure of SoS and IoT will require significant resourcing to recover from the faulty decisions and mistakes that have resulted in systemic vulnerability.

Peregrine offers a variety of capabilities in these areas, including expert testimony, valuation diligence, red team/penetration testing, arbitration/litigation discovery, and cross-walking support between agencies or commercial internal departments. Our staff is composed of highly skilled and knowledgeable personnel who are capable of seeing the overall tactical and strategic vision, owing to their wide experience and their technology-agnostic approach. The Peregrine approach is to understand generally accepted cybersecurity practices and the underlying technology, to quickly identify all deficiencies within and throughout a company, to know how remedial measures can be applied, and to provide a path forward within the financial and technological constraints of the company, agency, organization or department.

We focus on using business drivers to guide cybersecurity activities and on considering cybersecurity risks as part of the organization’s risk-management processes, thus potentially reducing and better managing cybersecurity risks. We align with the National Institute of Security Standards (NIST) Framework and also with all applicable Department of Defense Risk Management Framework controls. Peregrine has a number of contracts that focus on Cyber Security for Industrial Control Systems, including:

  • Smithsonian   Facilities Maintenance/IA   F17CC10251
  • NAVELX        DoD Locks                   N39430-17-R-1930
  • NAVAIR        Cyber Resilience            N68335-16-G-0019
  • NAVSUP        NAWDC                       N00244-15-F-0205
  • OASD          UAV Cyber Study             HQ0034-14-C-0209
  • NAVSUP        INSURV Cyber                N00189-13-C-0010