Engineering Grade Protection for Data Center OT Systems
Protecting Data Centers From Industrial OT Threats
Uptime is a very important Key Performance Indicator (KPI) for data centers, and the physical infrastructures in data centers are essential to uptime – electric power systems, backup power, fire suppression, physical access control, cooling and more. Managing cybersecurity for these infrastructures is different from managing security for information systems – while problems with a new software version or security update can be “backed out” to preserve uptime, damaged high-voltage transformers and cavitation damage to cooling systems cannot be restored from backups.
This means that the physical infrastructure of data centers is more of an engineering domain than an information processing domain. While the engineering profession has been criticized for being slow to embrace cybersecurity risks and solutions, a new initiative is changing that. The Cyber-Informed Engineering (CIE) initiative at the Idaho National Laboratory is (1) working to make the engineering profession much more aware of cybersecurity issues and solutions and (2) working to apply powerful engineering techniques to cyber risks – techniques and technologies that have historically been used to address only physical threats. For example – mechanical vibration sensors electrically connected to a large cooler’s cut-off switch can be used as a last-resort safety system, protecting cooling systems from damage. Large cooling systems that move liquids risk cavitation damage if they are operated at too high a speed. A mechanical fail-safe eliminates the risk of damage to the cooler when a cyber attack both mis-operates the cooler and disables the cyber safeties designed to protect the cooler from damage.
Network engineering is part of this new CIE initiative. Network engineering uses engineering-grade protections to prevent cyber attacks from entering data center OT networks in the first place. This is important because data centers are all about uptime and reliability. In the cooler example above, what happens when mechanical fail-safes engage to protect the cooler? Things shut down – the infrastructure that is essential to continuous data center operations is shut down to protect it from damage. It is a good thing that engineering-grade measures prevent threats to worker safety and equipment damage. But if we want our uptime preserved, we need more. We need to prevent cyber attacks from entering OT networks in the first place and triggering these fail-safe shut-downs.
While network engineering includes a number of engineering-grade tools for the prevention of cyber attacks from entering OT networks, the most widely-applicable tool is the unidirectional gateway. The gateways are deployed at consequence boundaries – connections between networks with physical consequences vs. networks with only business consequences. In data centers, the gateways are deployed most commonly at IT/OT interfaces. Unlike software firewalls, hardware-enforced unidirectional gateways provide engineering-grade unidirectionality – OT data is copied to IT networks in real time, with zero risk that cyber attacks (like ransomware) from IT can penetrate through the gateways back into OT networks to put uptime at risk, or to put the physical equipment that is essential to uptime at risk.
“…hardware-enforced unidirectional gateways provide engineering-grade unidirectionality – OT data is copied to IT networks in real time, with zero risk that cyber attacks from IT can penetrate through the gateways back into OT networks.”
The World Is Changing
Stay up to date
Subscribe to our blog and receive insights straight to your inbox