Full Report
Idaho and the Idaho National Laboratory (INL) are at the forefront of efforts to safeguard public health in... The post Idaho and INL lead the charge in cyber-informed engineering to protect water systems appeared first on Industrial Cyber.
Analysis Summary
# Best Practices: Cyber-Informed Engineering (CIE) for Critical Infrastructure (Water Systems Focus)
## Overview
These practices center on Cyber-Informed Engineering (CIE), an approach originating from the Idaho National Laboratory (INL). CIE integrates cybersecurity considerations directly into the design, operation, and modernization of operational technology (OT) and industrial control systems (ICS), on the assumption that a determined attacker will eventually breach protective measures. The goal is to design systems that either suffer minimal damage or fail safely when compromised.
## Key Recommendations
### Immediate Actions
1. **Assess Current System Resilience:** Begin evaluating existing water and wastewater systems to understand their current reliance on digital instrumentation versus analog/manual controls.
2. **Engage Engineering Consultants on CIE:** Immediately communicate the necessity of incorporating CIE principles to the engineering consultants responsible for system design and modernization projects, as they are key decision-makers.
3. **Prioritize Safe Failure Modes:** For any component replacement or immediate vulnerability, prioritize designs that ensure the system defaults to a safe state (e.g., manual operation) rather than a hazardous failure state upon cyber intrusion.
### Short-term Improvements (1-3 months)
1. **Adopt CIE Principles in Design Reviews:** Mandate the inclusion of CIE risk assessments and consequence-based security methodology in all proposed system upgrades or replacements. (This aligns with incentives provided by entities like the Idaho Department of Environmental Quality for funding applications.)
2. **Leverage Existing Frameworks:** Utilize publicly available INL tools, training sessions, and working group outputs developed to assist organizations in adopting CIE.
3. **Investigate Manual Fallback Capabilities:** Identify and test the ability to switch digitally controlled plant processes (like chemical manipulation or flow control) back to manual/analog operation quickly and reliably in the event of a cyber incident.
### Long-term Strategy (3+ months)
1. **Integrate CIE into Education/Training:** Partner with academic institutions or utilize established curriculum guides (like those developed with Boise State or Idaho State) to ensure that internal staff and future system designers are thoroughly trained in CIE.
2. **Develop Consequence-Based Security Models:** Implement a risk evaluation framework, similar to those published by INL, to systematically assess the potential consequences of cyber impacts against system architectures (e.g., for SCADA, HMI, and newly implemented IoT/digital components).
3. **Establish Sector-Specific Research Access:** If applicable, seek collaborations that provide access to advanced OT security testing facilities (like the Cybercore Integration Center) to validate new designs and system resilience before deployment.
## Implementation Guidance
### For Small Organizations
- **Focus on Critical 80%:** Prioritize the 80% of changes that are relatively straightforward for smaller utilities to implement, focusing primarily on ensuring reliable manual failover capability for SCADA or chemical dosing systems.
- **Incentive Alignment:** Ensure all grant proposals seeking modernization funds explicitly detail the incorporation of CIE to maximize funding prospects.
### For Medium Organizations
- **Consultant Engagement:** Actively collaborate with consultants (like West Yost) already licensed or familiar with INL methodologies to accelerate the integration of consequence-based security into refurbishing plans.
- **Targeted Component Upgrades:** Focus CIE application on high-risk digital components like Supervisory Control and Data Acquisition (SCADA) systems and Human-Machine Interfaces (HMI), which are common entry points.
### For Large Enterprises
- **Formalize Policy:** Officially adopt the National Cyber-Informed Engineering Strategy into internal design and procurement policies across all critical infrastructure segments (water, energy, etc.).
- **Establish Cross-Sector Working Groups:** Form internal groups that bring together OT engineers, IT security personnel, and design specialists to ensure holistic lifecycle integration of CIE, moving beyond simple perimeter security.
## Configuration Examples
*(Note: the source emphasizes the methodology of design rather than specific hard configurations; the configuration guidance below stems from the CIE mindset.)*
- **System Architecture:** Design system segmentation such that manual/analog controls and safety instrumented systems (SIS) are physically or logically isolated from the primary digital supervisory network, enabling rapid air-gapping or isolation upon detection of an intrusion.
- **HMI Security:** When digital HMIs are deployed, ensure ongoing vulnerability management and secure configuration, as they remain potential targets for attackers seeking to manipulate control parameters. Always test the manual control path that bypasses the compromised HMI.
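The safe-failure and manual-fallback items above (a system that "defaults to a safe state rather than a hazardous failure state upon cyber intrusion", and "the manual control path that bypasses the compromised HMI") describe controller behaviour, not a configuration. The following is an added illustration, not code from the article, INL, or any utility: a simplified fail-safe chemical dosing controller in Python that treats the supervisory setpoint as untrusted input. It clamps the request to engineered physical limits, rate-limits changes, drops back to a locally stored manual setpoint when supervisory messages stop arriving, and only returns to automatic control on a local operator action. The pump name, limits, setpoints and cycle counts are hypothetical.

```python
"""
Added example (not from the article or INL): a fail-safe dosing controller
in the CIE style. The HMI/SCADA setpoint is untrusted input; engineered
bounds and a watchdog fallback hold regardless of what the supervisory
layer sends. All limits and names below are hypothetical.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# Engineered limits for a hypothetical hypochlorite dosing pump (mL/min).
MIN_DOSE = 0.0
MAX_DOSE = 120.0        # hard physical/chemical ceiling, enforced locally
MAX_STEP = 10.0         # largest change per control cycle the process tolerates
WATCHDOG_CYCLES = 3     # cycles without a supervisory message before fallback
SAFE_DOSE = 20.0        # locally stored manual/hold setpoint (assumption)


@dataclass
class DosingController:
    dose: float = SAFE_DOSE
    missed: int = 0
    mode: str = "auto"                      # "auto" (HMI drives) or "manual"
    events: List[str] = field(default_factory=list)

    def _clamp(self, requested: float) -> float:
        """Bound the request to engineered limits, then rate-limit the move."""
        bounded = max(MIN_DOSE, min(MAX_DOSE, requested))
        if bounded != requested:
            self.events.append(f"clamped {requested} -> {bounded}")
        delta = bounded - self.dose
        if abs(delta) > MAX_STEP:
            limited = self.dose + MAX_STEP * (1 if delta > 0 else -1)
            self.events.append(f"rate-limited {bounded} -> {limited}")
            return limited
        return bounded

    def cycle(self, setpoint: Optional[float]) -> float:
        """One control cycle; setpoint=None means no supervisory message arrived."""
        if setpoint is None:
            self.missed += 1
            if self.missed >= WATCHDOG_CYCLES and self.mode == "auto":
                self.mode = "manual"
                self.events.append("watchdog: fallback to manual")
        else:
            self.missed = 0

        if self.mode == "manual":
            # Ignore the HMI entirely; move toward the local safe setpoint.
            self.dose = self._clamp(SAFE_DOSE)
        elif setpoint is None:
            self.dose = self._clamp(self.dose)   # hold last value until watchdog fires
        else:
            self.dose = self._clamp(setpoint)
        return self.dose

    def operator_resume_auto(self) -> None:
        """Only a local (physical) operator action hands control back to supervisory."""
        self.mode = "auto"
        self.missed = 0
        self.events.append("operator: resumed auto")


def run(sequence: List[Optional[float]]):
    """Drive a fresh controller through a sequence of supervisory messages."""
    ctl = DosingController()
    outputs = [ctl.cycle(s) for s in sequence]
    return outputs, ctl


if __name__ == "__main__":
    # Constructed scenario: a sane setpoint, an out-of-range one (as a
    # compromised HMI might send), then loss of supervisory comms.
    out, ctl = run([25.0, 500.0, None, None, None, 60.0])
    print(out)          # [25.0, 35.0, 35.0, 35.0, 25.0, 20.0]
    print(ctl.mode)     # manual
    for e in ctl.events:
        print(e)
```

The design point is that the bounds, the rate limit and the fallback live in the controller, not in the HMI, so a manipulated supervisory layer cannot push the process past what the engineering allows, and silence from that layer leads to a known safe state rather than to whatever the last command was.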
## Compliance Alignment
- **NIST Cybersecurity Framework:** Implementing CIE directly supports the **Identify** (Asset Management, Risk Assessment) and **Protect** (Defenses, Maintenance) functions by integrating resilience into foundational design.
- **DOE Strategies:** Align procurement and design mandates with the Department of Energy’s **National Cyber-Informed Engineering Strategy** and **National Cybersecurity Strategy**.
- **Consequence-Based Security:** Utilize methodologies derived from INL research, which focus on minimizing the *impact* of a breach rather than solely preventing initial entry.
## Common Pitfalls to Avoid
- **Treating Security as an Add-on:** Avoid the "whack-a-mole" approach of applying security patches retrospectively; CIE requires security to be foundational to the design.
- **Over-reliance on Digital Modernization Without Safety Nets:** Do not assume new digital controls are inherently more secure; ensure every new networked component is assessed for safe failure capability.
- **Neglecting System Operators/Designers:** Failing to educate or mandate participation from consultant engineers and operational staff in understanding CIE principles will render the strategy ineffective at the point of implementation.
## Resources
- **Cyber-Informed Engineering (CIE) Methodology:** Reference documentation and white papers published by the Idaho National Laboratory (INL) detailing the core principles.
- **CIE Curriculum Guide:** Utilize educational materials developed by INL in collaboration with participating universities to structure internal training around CIE concepts.
- **Consequence-Based Security Methodology:** Investigate INL-developed frameworks for stress-testing designs against potential system consequences (e.g., analysis applied to Battery Energy Storage Systems (BESS) or water treatment processes).