Continuing with the topic introduced in the article The evolution of software in industrial control systems, we will now discuss the evolution of devices as well as their implications in terms of security. Industrial control systems are made up of several devices. While a small system contains few variables and needs a small number of sensors and control elements, a large system that has to process thousands of variables requires a huge number of sensors, actuators and several control devices.
There have traditionally been two main types of widely used devices in industrial control systems: PLCs (Programmable Logic Controllers) and RTUs (Remote Terminal Units). Likewise, devices such as PACs (Programmable Automation Controllers) and IEDs (Intelligent Electronic Devices) are also typical in these environments. A PLC is a device which is principally designed to collect data from sensors and send answers to actuators. Its work is focused on the field level and one of its most important features is the speed at which it can carry out its scan cycle (input scan, program execution, output actuation).
An RTU is a device with several communication capabilities. Its speed is not extremely high, meaning that it is not useful for process controls that need to make quick decisions. However, it is capable of working with several protocols at the same time, thus allowing it to communicate with many devices - even from different manufacturers - for the exchange of information.
Deploying both PLCs and RTUs in the same control system involves substantial equipment costs and the need to manage several devices. A control system's value chain should contain the fewest possible components, given that a higher number of elements means a greater chance of failure. This is one of the main reasons why PLCs and RTUs are becoming increasingly similar. Both are evolving towards a model which integrates their respective features into a single device.
Nowadays PLCs support an increasing number of protocols, including high-level ones, which lets them communicate with more devices as well as directly with the control centre. RTUs, on the other hand, have gained speed from better processors, so they can carry out the process more quickly. Many manufacturers, Yokogawa for instance, already produce devices that perform integrated PLC and RTU functions in one single unit. Industrial control system operators see these new devices as an advantage because they significantly reduce the number of units on the control network (thus lowering the chances of failure) and cut expenses, since fewer devices are needed.
-PLC/RTU in one unique device (Source: http://www.yokogawa.com)-
The security features that these new devices offer are not any different from those of their predecessors. It is clear that evolution of these devices has resulted in improved computational capabilities such as increased speed, greater processing power, more memory, etc. These capabilities allow the device to generate more information which is useful during an audit. New redesigns also allow for the integration of encrypted memories for password protection, although the operating system and protocols are the elements which must take advantage of these new features in order to improve security.
Sensors and actuators
The components of the lowest level of control systems have also been steadily progressing over the years. Originally, sensors and actuators were only able to exchange their status values (their own variable values). They later evolved to enable communications, either by a cable dedicated to communication, or by the power supply cable. Today these devices have progressed tremendously. Sensors and actuators have become devices with strong communication capabilities with the use of new generation wireless protocols such as ZigBee and WirelessHART (these will be further discussed in an article series corresponding to communications), and have significantly enhanced the accuracy needed to carry out their functions.
-Sensors with wireless communication-
The advancement of industrial control systems in general has also brought about new devices owing to the changes which have occurred in the different sectors. Smart Grids, for example, have developed new devices: the smart meter which replaces the traditional meter, and the data concentrator which gathers information from the smart meters before sending it off to the control centre. These devices already have a certain level of security worked into their design such as the capability to generate an event when the device’s casing is tampered with.
-New devices in smart grids-
Among the new devices it is also important to highlight the emergence in recent years of low cost hardware platforms such as Arduino and Raspberry. These platforms have certain integrated input/output capabilities which allow them to interact with the process, although their functional capabilities are far from those which are offered by specific devices such as a PLC or an RTU. These platforms have also contributed to the advancement of control systems especially in terms of making them more visible in addition to making them a possibility for everyone. These platforms allow anyone to implement their own home control system in order to control lighting in the house, water in a small garden, control a heating system, etc.
Besides the progress that devices for control tasks have undergone, it is also worth mentioning the devices whose function is to improve security in industrial control systems. Specific devices such as industrial firewalls as well as other tools which are specific to this environment have emerged. These tools are discussed in the article IT tools that evolve for OT.
Is virtualization the next step?
Virtualization has also made its way into industrial control systems, yet not into field devices. Currently, virtualized control devices are only utilised in Honeypot systems to perform Proof of Concept (either attack testing or demonstration of features).
Virtualizing a control device in production (in a real-life situation) will be difficult unless the response times of the host servers can be bounded and made predictable. It will also be difficult if the speed of the scan cycle cannot be ensured. In the short term, this will not prevent virtualized devices from emerging in processes that have no strict time constraints and where the loss of some data is not important.
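Whether a host can ensure the scan cycle is something that can be measured. The following is an added example, not part of the original article: it judges a trace of scan-cycle start times against a nominal period, a watchdog limit and a jitter bound. The function names, the limits and the two traces are constructed assumptions.

```python
import time
from dataclasses import dataclass

@dataclass
class ScanReport:
    worst_ms: float      # longest observed cycle
    jitter_ms: float     # largest deviation from the nominal period
    overruns: list       # indices of cycles that exceeded the watchdog limit
    acceptable: bool     # True only with no overrun and jitter within bound

def evaluate_scan_cycles(starts_ms, period_ms, watchdog_ms, max_jitter_ms):
    """Judge a trace of cycle start times (ms, monotonic clock) against limits."""
    if len(starts_ms) < 2:
        raise ValueError("need at least two cycle start times")
    cycles = [b - a for a, b in zip(starts_ms, starts_ms[1:])]
    if min(cycles) < 0:
        raise ValueError("start times must not go backwards")
    jitter = max(abs(c - period_ms) for c in cycles)
    overruns = [i for i, c in enumerate(cycles) if c > watchdog_ms]
    ok = not overruns and jitter <= max_jitter_ms
    return ScanReport(max(cycles), jitter, overruns, ok)

def record_scan_starts(n_cycles, period_s, scan=lambda: None):
    """Run `scan` (input scan, program execution, output actuation) cyclically
    on this host and return the start time of each cycle in milliseconds."""
    starts, next_start = [], time.monotonic()
    for _ in range(n_cycles):
        starts.append(time.monotonic() * 1000.0)
        scan()
        next_start += period_s
        # Sleep until the next nominal start; never sleep a negative time.
        time.sleep(max(0.0, next_start - time.monotonic()))
    return starts

# Constructed traces (ms), nominal period 10 ms. Not measurements of real devices.
DEDICATED_TRACE = [0, 10, 20, 30, 40, 50]
VIRTUALIZED_TRACE = [0, 10, 21, 30, 58, 68]   # one cycle stalled on the host

if __name__ == "__main__":
    for name, trace in (("dedicated", DEDICATED_TRACE),
                        ("virtualized", VIRTUALIZED_TRACE)):
        print(name, evaluate_scan_cycles(trace, period_ms=10,
                                         watchdog_ms=20, max_jitter_ms=2))
    live = record_scan_starts(50, 0.010)      # measure the machine running this
    print("this host", evaluate_scan_cycles(live, 10, 20, 2))
```

A single stalled cycle is enough to reject the constructed virtualized trace, even though its other cycles stay close to the nominal period.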
The virtualization of control systems allows for an increase in security. The main advantages it offers are:
- Minimising specific threats on the platforms without compromising performance.
- Data protection when transferring between virtualized platforms, regardless of the access device.
- Maintaining uniform security among platforms under a single management.
- Enabling strict access control in order to more easily protect against data loss, falsification and attacks.