ot – Waterfall Security Solutions
https://waterfall-security.com
Unbreachable OT security, unlimited OT connectivity
Fri, 31 Jan 2025 17:20:42 +0000

What is OT Anyway?
https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/what-is-ot-anyway/
Tue, 02 Apr 2024 09:39:38 +0000

Engineers have very recently started to use the “OT” term, primarily when interacting with enterprise security teams. Engineers use the term to refer to the computers and networks that control important, complex, and often dangerous physical processes.

The post What is OT Anyway? appeared first on Waterfall Security Solutions.


What is OT Anyway?

What does the term OT really mean? What did it mean 20 years ago? What does it mean today?
Andrew Ginter

What is OT? Where to begin? The field of automation engineering has been around for almost as long as the engineering profession has existed. More recently, in 2005, the Gartner Group coined the term “operational technology” (OT). In the beginning, the term was used by IT teams to mean, more or less, “all that industrial and engineering stuff that we IT people do not understand.” Engineers of course did not use the term, at least initially, because they generally did understand very thoroughly “all that engineering stuff.”

Engineers have very recently started to use the “OT” term, primarily when interacting with enterprise security teams. Engineers use the term to refer to the computers and networks that control important, complex, and often dangerous physical processes. Many of these physical processes constitute critical industrial infrastructures, such as water treatment systems, passenger rail systems, and the electric grid. These physical processes are powerful tools, and their misoperation generally has unacceptable physical consequences. Preventing such misoperation is the goal of OT cyber risk management.


Arcane Terminology

While the term “OT risk” is new, people were monitoring, controlling and to some extent automating physical processes with dials, gauges, and analog control loops before there were computers, and have been using computers to assist with such control almost since the first computers were invented. As with any old field, the terminology is arcane. The first computers used in operations were so woefully under-powered that each computer could do only one kind of thing, and so every little thing that an automation computer did was given a different name.

For example, control systems are sometimes called SCADA systems, where SCADA stands for “Supervisory Control and Data Acquisition.” A SCADA system is an industrial control system that uses a wide-area network (WAN) to communicate over long distances. Electric grids, pipelines and water distribution systems use SCADA systems. In contrast, “DCS” stands for “Distributed Control System.” A DCS is an industrial control system where no WAN is involved, and where the entire physical process is contained in one site. Power plants, refineries and chemical plants use DCSs. Historically, SCADA systems and DCSs were different – one kind of software could not control the other kind of process. Nowadays, general-purpose control systems have all the features of both SCADA systems and DCSs, so the difference between the two terms is now a matter of usage more than of technology.

The modern term encompassing DCSs, SCADA systems and all other kinds of control systems is “industrial control system” (ICS), but there are many variations of the term. The IEC 62443 standards insist on calling these systems “industrial control and automation systems” (IACS). Many refineries call their control systems Process Control Networks (PCNs). Building owners and operators call their control systems Building Automation Systems. And rail system operators call some of their control systems switching systems, others operational control systems (OCC), and yet others signalling systems – in that industry, the term “OT” is only just starting to be used.

Process vs. Discrete Manufacturing

Industrial processes can be classified as well. Critical industrial infrastructures are generally examples of “process industries.” In process industries, the material being manipulated is more or less “goo” at some point in the physical process: water purification systems manipulate water, refineries manipulate oil, and pipelines move fluids. Electric grids are considered process industries as well, because electricity is produced in a continuous stream that can be modelled as more or less a fluid. Even transportation and traffic control systems are considered by many to be process systems, though this pushes the concept a bit.

Within process industries, there are batch industries and continuous industries. Batch industries, such as mining and pharmaceuticals, are industries where the production line does not run continuously. Instead, the physical process produces identifiable batches of outputs. Continuous industries, such as water treatment plants, power plants and offshore oil platforms, consume inputs and produce outputs more or less constantly. Worst case consequences of cyber sabotage in process industries can be spectacular. These industries are sometimes called “boomable” industries – with one of the main jobs of the control system being to stay “left of boom”.

Discrete manufacturing is the opposite of process manufacturing. While process industries work with continuous inputs to produce continuous or discrete outputs, discrete manufacturing assembles small, discrete inputs into larger discrete outputs, such as automobiles, aircraft, and home appliances. There are many similarities between process and discrete manufacturing, but there are significant differences as well. Discrete manufacturing often consists of individual machines or “production cells,” each with a technician responsible for operating and/or repairing machines in the cell. Each machine tends to have its own small, local “human-machine interface” (HMI).

Whereas process industries are often “boomable,” worst case consequences of cyber attacks on discrete manufacturing tend to be threats to product quality – which can be very important in fields such as aircraft manufacturing – and threats to individual technicians operating the equipment. A machine that turns on while a technician has their hand or body inside it during servicing can injure or kill that person, but generally poses no threat to other technicians in the plant, nor to public safety.

Human-Machine Interface (HMI)

An important aspect common to all SCADA systems is the human operator. Control systems for important industrial facilities almost always have human oversight. System operators are charged with ensuring the safe and reliable operation of the physical process. These operators use tools known as human-machine interface (HMI) software. This software almost always includes a graphical visualization of the state of the physical process, and often includes other elements such as alarm managers and historical trending tools called process historians.

In many industries, by policy and sometimes by law, process operators are required to permit the physical process to operate only if they have a high degree of confidence that the process is operating safely. If the operator ever loses such confidence, for example because their displays freeze, or a message pops up saying, “you have been hacked,” they must act. An affected operator may transfer control of the process to a secondary or redundant HMI or control system. However, if after some seconds or minutes the operator is still not sufficiently confident of the correct and safe operation of the physical process, then that operator must return the process to a known-safe state – most often by triggering an emergency shutdown of the physical process.

This means that most often, the simplest way that cyber attacks can cause physical consequences is for the attack to impair the operation of some part of an operator’s HMI or the systems supporting the HMI. The simplest physical consequences of such attacks are shutdowns of the physical process. A problem with such shutdowns is that industrial processes very often can be shut down much faster than they start up. Physical operations can take days to recover full production again after an emergency shutdown. In some cases, regulatory approvals must be obtained before restarting physical processes, delaying plant restarts by as much as months. Worse, emergency shutdowns often put physical stress on industrial equipment, stress that can lead to either immediate equipment failures, further delaying restarts, or to premature equipment aging.

OT Security Priorities

While safe and reliable operations are the top priority in almost all industrial networks, confidentiality can be a priority as well. For example, pharmaceutical firms often regard the detailed processes used to manufacture their outputs as closely held trade secrets. Discrete manufacturers sometimes regard the programs and settings for industrial robots and other manufacturing equipment the same way. Enterprise security teams have an important role to play in protecting this information.

The bottom line? There is enormous variety in the field of “OT” systems, and that variety – especially the differences in worst-case consequences of compromise – drives the requirements for OT security and OT risk management systems.

To dig deeper, request a copy of this author’s latest book, Engineering-Grade OT Security: A manager’s guide.

About the author

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.
OT Security: Are We Protecting the Information?
https://waterfall-security.com/ot-insights-center/ot-security-standards/ot-security-are-we-protecting-the-information/
Thu, 07 Mar 2024 14:42:11 +0000

Industrial network engineers have always been uneasy with the task of "protecting information". The real priority for OT security is in stopping inbound malicious information from entering the system and threatening machinery and workers.

The post OT Security: Are We Protecting the Information? appeared first on Waterfall Security Solutions.


OT Security: Are We Protecting the Information?

Industrial network engineers have always been uneasy with the task of "protecting information". The real priority for OT security is in stopping inbound malicious information from entering the system and threatening machinery and workers.
Andrew Ginter

Connectivity between OT / industrial automation systems, between OT systems and IT systems, and between all this and Internet-based cloud services continues to increase. On the surface, this trend demands that we encrypt everything, thus protecting the information. And, because no operating system nor cryptosystem is perfect, we must also deploy at least the “detect,” “respond” and “recover” pillars of the US National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). Since connectivity leads sooner or later to intrusions, we must use sophisticated intrusion detection techniques, in hopes that when we are compromised, we can detect the attacks, respond to them, and recover normal functionality again before we suffer downtime, equipment damage, casualties, or other unacceptable consequences.

Monitoring Data vs. Control Data

Industrial network engineers, however, have always been uneasy with protecting information. Consider a six-story catalytic cracking tower full of high-pressure, high-temperature hydrocarbon liquids and gases. Imagine we are standing in front of the cracker watching a technician carrying out routine maintenance. In front of us are two analog gauges reporting temperature and pressure, and a dial controlling the flow of fuel to the cracker’s furnace.

We look over our shoulder and notice that, outside the fence, someone is sitting with a telescope pointed at the gauges, taking notes. We tap the technician on the shoulder. “That person over there seems to be writing down our settings,” we say. “They are stealing information.” What does the technician do? They might call corporate security. Depending on policy, they might shrug their shoulders and go back to work. The consequence of stealing that information is a business consequence – it is somebody else’s problem.

Now imagine that the person behind the telescope cuts a hole in the fence, runs up to us, cranks the furnace fuel feed hard to the right, and runs away. What does the technician do? They scream for security. They run to the dial and return it immediately to the correct position. Over-heating the cracker risks damage to the catalyst and possibly a fire and an explosion.

The point here is that monitoring information that leaves the site is just information – with value comparable to the value of any other information in an IT network. All control information that enters the industrial site, however, is a potential threat. Calling both examples simply “attacks on information” and saying “encrypt everything to protect the information” ignores this fundamental difference.


Protect The Information?

In many, but not all, industries, the goal for most network engineers is not to “protect the information” but rather to prevent unacceptable physical consequences of cyber attacks. Universal connectivity lets monitoring information leave the plant, yes, but it also lets potentially dangerous control information enter the plant. Encryption provides no protection against a compromised cloud that sends attack information into the plant inside of an encrypted, authenticated connection.

Putting cryptographic and other protections in place for monitoring information that leaves the site makes sense. The business and societal consequences of an attacker stealing monitoring information are similar to the consequences of an attacker stealing other kinds of business information. Putting only information-protecting mechanisms in place for control information is often woefully inadequate, because at many industrial sites, the consequences of compromised controls are completely unacceptable.
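The monitoring-out versus control-in distinction above, as an added Python example that is not part of the original post: a plant-boundary policy that forwards outbound telemetry but refuses inbound control writes even when they arrive with a valid authentication tag, which is the behaviour the post attributes to the telescope scenario and, in hardware, to a unidirectional gateway. The message format, shared key, point names and values are constructed for this illustration.

```python
import hmac
import hashlib
import json

# Constructed shared key, standing in for an encrypted, authenticated
# cloud-to-plant channel. A compromised cloud service holds the same key.
SHARED_KEY = b"example-plant-cloud-key"


def sign(payload: dict) -> dict:
    """Attach an HMAC-SHA256 tag to a message body."""
    body = json.dumps(payload, sort_keys=True).encode()
    tag = hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()
    return {"body": payload, "tag": tag}


def authentic(message: dict) -> bool:
    """True when the tag verifies. This establishes who sent the message,
    not whether it is safe for the plant to act on."""
    body = json.dumps(message["body"], sort_keys=True).encode()
    expected = hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, message["tag"])


def boundary_policy(message: dict) -> tuple:
    """Decide whether a message may cross the plant boundary.

    Outbound monitoring data (plant -> cloud) is forwarded: if it leaks, the
    consequence is a business consequence. Inbound control data (cloud ->
    plant) is refused outright, regardless of a valid tag, because its
    consequence is physical. Returns (allowed, reason)."""
    if not authentic(message):
        return False, "rejected: bad tag"
    body = message["body"]
    if body["direction"] == "plant->cloud" and body["kind"] == "monitoring":
        return True, "forwarded: outbound monitoring data"
    if body["direction"] == "cloud->plant":
        return False, "refused: inbound control data is a threat, not just information"
    return False, "refused: unknown message type"


# Constructed sample traffic: a furnace temperature reading leaving the plant...
telemetry = sign({"direction": "plant->cloud", "kind": "monitoring",
                  "point": "cracker.furnace.temp_c", "value": 512.0})

# ...and a fuel-feed write arriving from a compromised cloud. It carries a
# perfectly valid tag: the crank-the-dial scenario, delivered over an
# authenticated link.
rogue_setpoint = sign({"direction": "cloud->plant", "kind": "control",
                       "point": "cracker.furnace.fuel_feed_pct", "value": 100.0})


def demo() -> dict:
    """Show that authentication passes for the rogue write while the
    direction-aware boundary policy still refuses it."""
    return {
        "rogue_is_authentic": authentic(rogue_setpoint),
        "telemetry": boundary_policy(telemetry),
        "rogue": boundary_policy(rogue_setpoint),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```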

Hope Is Not Good Engineering

Engineers are also uneasy with the focus on detect, respond, and recover activities. Hoping that we can detect attacks in progress and respond in time to prevent unacceptable physical consequences is not good engineering. Engineers do not “hope” their bridges will not collapse, nor “hope” that their 300-ton steam turbines will not shake themselves to pieces. Engineers design systems that simply do not fail in the face of a defined set of threats. That said, yes, engineers often do monitor or periodically inspect their finished products to ensure that they are holding up as designed, but any engineer caught “crossing their fingers” in a design risks being drummed out of the profession.

To read further on network engineering solutions at IT/OT or OT/Internet criticality boundaries, request a free copy of the author’s latest book: Engineering-Grade OT Security: A manager’s guide.

About the author

Andrew Ginter
The Challenges of Safeguarding Data Center Infrastructure
https://waterfall-security.com/ot-insights-center/facilities/the-challenges-of-safeguarding-data-center-infrastructure/
Tue, 05 Sep 2023 12:37:31 +0000

In data centers, ICS play a crucial role in managing cooling, power distribution, access control, and physical security. However, this convergence of OT and ICS with traditional IT systems also introduces potential vulnerabilities that malicious actors can exploit.

The post The Challenges of Safeguarding Data Center Infrastructure appeared first on Waterfall Security Solutions.

The Challenges of Safeguarding Data Center Infrastructure

In today's technology-driven world, data centers serve as the lifeblood for countless industries by housing and processing vast amounts of information. As data centers grow in scale and complexity, so do the security challenges they face. Among the various security aspects, the threat to Operational Technology (OT) and Industrial Control Systems (ICS) has emerged as a real concern. In this blog post, we’ll shed some light on the significance of industrial security for data center infrastructure and highlight the key measures to ensure protection.

Waterfall team

Understanding OT and ICS in Data Centers

Operational Technology (OT) refers to the hardware and software systems that monitor and control physical devices and processes that support data center operations. This includes supervisory control and data acquisition (SCADA) systems, building automation systems, power management systems, and other industrial-type controls. Industrial Control Systems (ICS), a subset of OT, manage and automate industrial processes, in data centers as in other industries, enabling seamless coordination between various components.

In data centers, ICS play a crucial role in managing cooling, power distribution, access control, and physical security. By optimizing these critical processes, data centers can maintain high availability, efficient energy usage, and optimal performance. However, this convergence of OT and ICS with traditional IT systems also introduces potential vulnerabilities that malicious actors can exploit.

Challenges in OT and ICS Security

Legacy Systems: Many data centers still rely on legacy OT and ICS systems that were designed without strong cybersecurity in mind. These systems might lack encryption, authentication protocols, or even security updates, making them susceptible to cyber threats. Replacing these systems, however, can be costly and difficult. Replacing these systems may reduce some cybersecurity issues, but any such upgrade involves large investments in engineering analysis and testing of the new systems to minimize the risk of forced downtime due to unexpected errors in the operation of control systems post-upgrade – problems that put data center uptime at risk.

Interconnectivity: The seamless integration between OT, ICS, and IT systems improves efficiency but also expands the attack surface. Any breach in one system could potentially spread to others, with consequences that can include downtime.

Insider Threats: Insider threats, whether intentional attacks or unintentional errors and omissions, can compromise data center security and trigger unplanned shut-downs of physical infrastructure.

Growing Complexity: Modern data center infrastructure, designed for efficiency, uptime and minimal environmental impact, coupled with the constant deployment of new technologies, makes it challenging to maintain a comprehensive understanding of potential attack paths.

Attractive Target for Cyber Attacks: Data centers represent high-value targets for cyber criminals and hacktivists due to both the sensitive information data centers store and the potential for disrupting financial, commercial and other essential operations in a society on a large scale.

Key Strategies for OT and ICS Security in Data Centers

Understand your OT Risks: Conducting regular risk assessments to understand which physical infrastructure is critical is an essential part of identifying potential weaknesses in OT and ICS systems. This helps prioritize security measures and allocate resources effectively. Many issues can be prevented once someone is aware of them, and OT security is no exception.

Network Segmentation: Implementing strict network segmentation between industrial OT and IT systems limits the threat of lateral movement in case of a breach. This ensures that compromising one system doesn’t lead to the entire data center being compromised. It also helps ensure that if one system is indeed compromised, a precautionary shutdown of all the other systems is not required.

Secure Access Controls: Enforcing strong software access controls such as multi-factor authentication, least privilege principles, and role-based access to limit unauthorized access to critical systems helps to a degree, but sophisticated attackers routinely bypass such measures. Unidirectional gateways deployed at the IT/OT interface are impenetrable to cyber attacks originating on IT networks or the Internet, even sophisticated attacks.

Updates and Patches: Within IT, we upgrade and patch systems regularly and routinely. If an update proves problematic, we back it out. With OT, patch management is more difficult. As we explored in depth in our Industrial Security Podcast episode 109, updating industrial control systems can cause many side-effects, some of which are as serious as the cyber attacks the patches are intended to deflect – in a sense, “the cure is as bad as the disease.” While keeping all OT and ICS systems up to date with the latest security patches and firmware upgrades reduces the risk of known vulnerabilities being exploited, it can create immediate issues that include downtime, and that is never an acceptable side effect for any solution.

At the heart of modern technological infrastructure, data centers naturally prioritize OT and ICS security to safeguard critical operations and sensitive data. By understanding the unique challenges and implementing proactive security measures, data center operators can ensure the highest levels of protection against evolving cyber threats. A determined approach that includes risk assessment, network segmentation, access controls, and employee awareness will fortify data center infrastructure against potential breaches, enabling a safer digital future.

Want to learn how Waterfall Security helps protect data center OT?

Read our case study Cybersecurity for Data Centers with a real-world example of a data center in the Asian-Pacific region.

About the author

Waterfall team