Cyber Physical Security

Cyber Physical Security

As governments and national authorities come to grips with cyber warfare, attention has turned to critical infrastructure; so-called because a successful attack on such a system can cause great disruption possibly leading to loss of life. Amongst critical infrastructure are energy plants, emergency networks and financial networks. It is the nuclear branch of the energy sector that creates the most concern. Built decades ago when cyber attacks were virtually unheard of, the majority of energy plants whether nuclear or not, have been designed more towards operability than cyber security. Unfortunately, this includes the use of default settings and passwords for hard to get to equipment.

When nuclear plants were originally designed, they had to meet a number of strict health and safety criteria to protect the environment and the communities they serve. As with all plant types, electronics controlled a vast array of subsystems. Unlike most plants, a breakdown in a sub system such as the lowly HVAC (heating, ventilation and air-conditioning) can cause a national disaster. In a nuclear power plant the HVAC has a dual purpose; the maintenance of the environment of the main control room for personnel and more importantly the prevention of the build-up of explosive atmospheres in highly sensitive areas. It should be clear that hacking even the lowly HVAC system can have dire consequences.

The electronics controlling subsystems in a nuclear plant are usually interconnected through an I&C (instrumentation and control) system such as the Siemens Teleperm XS which was favoured by a number of energy providers. Internal (sub systems connected directly to the Teleperm) communicated using the Profibus field bus protocol whilst external systems used the Profinet protocol. Neither of these protocols use encryption and the contents of packets over the networks are visible in a tool such as Wireshark. There are also tools such as Ettercap which allow handcrafted communication packets to be created and potentially inserted into the data streams.