That’s very different than other industries and sectors, such as enterprise IT, where seismic technology shifts seem to occur about every two years. Change in industrial control environments has been handled at a more measured pace and with a lot more caution.
There are several good reasons for this. The first is that the processes these systems control are usually very large and critical to the general public and the normal functioning of society. They support the provisioning of essentials like electricity, water, oil and gas and other basics.
If these systems go down, people’s health and safety are quickly put at stake. For that reason, reliability and availability have long been the overriding priorities in the design and operation of these systems, making broad-based changes in these environments a real challenge. That’s why slow, methodical and incremental change has been the norm for so long.
Another reason why ICS and Supervisory Control and Data Acquisition (SCADA) environments have not seen a more rapid rate of change was because it was not needed. Designed for a simpler era, automation systems typically were designed as proprietary (closed) systems and were implemented in isolated settings, both physically and electronically.
For many years, these systems successfully controlled industrial processes without requiring direct connections to enterprise networks, the Internet, or too much else for that matter.
But the time has come to upgrade or replace these aging systems. There are now compelling reasons to connect these systems to corporate networks and the Internet. As those connections are made, the isolation – or ‘air gaps’ – that protected these systems disappears. The long-standing strategy of ‘security through obscurity’ no longer holds up. In addition, corporate and operations staffs have other realities and requirements to consider, including:
- Shifting from proprietary to open, standards-based solutions can lower costs, increase operational flexibility and avoid vendor lock-in
- Generating real-time business intelligence from operational data can enhance service delivery
- Improving the effectiveness of automation systems drives new efficiencies into the industrial processes they control, yielding better performance and results
- Ensuring that the operational health and safety levels of the systems and processes are continually maintained.
The following are five of the major hurdles that critical infrastructure and industrial process companies often face as they move forward with initiatives to modernize their control environments.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.