Development of ICS Security
1.1 Development of Industrial Intelligence
The following figure shows the development history of industrial control systems (ICSs).
The history of ICSs can date back to the 18th century when James Watt improved the steam engine by adding a throttling controller, i.e., a centrifugal governor. The centrifugal governor works like this: It obtains feedback signals by using a shaft around which it rotates with the steam engine. Also, it adjusts the positions of flyballs with the aid of centrifugal force, so as to regulate the steam throttle for control of the rotational speed of the steam engine. It is believed that this kind of centrifugal governor marks the beginning of automatic regulation and automatic control.
Within more than one century since the advent of centrifugal governor, most of industrial control systems were focused on the control of temperatures, pressure, liquid level, and rotational speed of machines. With the development of industrial systems and emergence of a lot of control issues in the military area in World War II, the period from mid-19th century to mid-20th century saw all-round development of control theories (such as negative feedback and control system stability theories) and control systems (including industrial control devices like pneumatic control devices, relay control devices, servers, and feedback loop control components).
In 1950s to 1960s, computer technologies started to be integrated into ICSs where analog control circuits were gradually replaced by digital control circuits and electrical control circuits were superseded by Programmable Logic Controllers (PLCs). As control systems were digitalized in an all-round way, they can implement more complex control procedures with more sophisticated control algorithms, witnessing a qualitative leap in performance. However, up to now, ICSs are still centralized control systems.
In the mid-1970s, as large-scale industrial equipment emerged, process continuity became increasingly important, and more parameters needed to be controlled, centralized control systems were inadequate to meet ICS requirements, and thus were gradually replaced by distributed control systems. More and more industrial control sectors like mechanical manufacturing, petrochemical, metallurgy, automobile, and light industry, gradually employed distributed control systems.
In late 1990s, fieldbus control systems (FCSs) arrived, integrating computer technologies, network technologies, and control technologies. Compared with distributed control systems, FCSs have higher reliability, stronger functions, more flexible structures, and higher adaptability.
1.1.1 ICS Architecture
Industrial control system (ICS) is a general term that encompasses several types of control systems used in industrial production, including Supervisory Control and Data Acquisition (SCADA) systems, distributed control systems, and other minor control systems like PLCs. The following figure shows the logical architecture of ICSs.
The field device layer mainly collects analog and digital values of field instruments, including the force, temperature, and humidity. Those values have different definitions in different scenarios. The field control layer collects data of field i¬nstruments and monitors the operating status of these instruments by following the established logic. In scenarios involving closed-loop control, this layer adjusts and handles the collected data. The monitoring and control layer, based on the computing environment of IT computers, collects, handles, and presents controller data, through various connections to controllers. Configuration ¬¬software configures data indicators of business objects to implement business logic control. Meanwhile, for adaptation to different application scenarios, such software, through screen configuration, matches I/O points for data collection with business scenarios for analysis and presentation of historical production data. The production management layer primarily handles production schedules, optimizes business process directives, and controls scheduling directives. We can see that this layer puts emphasis on management of scheduled tasks.
1.1.2 Industry 4.0
Germany put forward a concept of industry 4.0 at Hanover Fair, noting that it planned to invest 200 million euros to push forward industrial revolution which is based on cyber-physical system (CPS) and characterized by highly digitized, networked, and self-organizing production. By improving computerization, digitalization, and intelligence for the manufacturing sector, Industry 4.0 aims to set up adaptive and resource-efficient smart factories and integrate customers and business partners in the business process and value process.
According to the industrial development history, the steam engine technology sped up the popularization of mechanized production, bringing the human society to the industry 1.0 era; the
emergence of electrical power promoted scale production, thus ushering in industry 2.0; the application of informatization technologies made automated production possible, leading the human society to the industry 3.0 era; the in-depth integration of new technologies such as the Internet of things (IoT) and industrial technologies contributes to an intelligent industrial era, i.e., industry 4.0. Driven by requirements for individualized intelligent products, industry 4.0 will enable a new generation of industrial innovations with the strong support of new technologies such as IoT and big data.
Industry 4.0 has the following characteristics:
- Vertical integration: integration of automatic control systems of machines and product lines, the factory’s manufacturing execution system, and the enterprise resource planning system. The
purpose is to bridge the historic gap between information systems and automation systems to improve the production capability of factories and enterprises. - Horizontal integration: integration of business systems that are within the enterprise and across enterprise borders. In this way, information sharing and business functions can be integrated across organization borders, thus increasing the overall competitiveness of the value chain.
- Digital integration of the end-to-end value chain: This aims to implement the vision of “intelligent manufacturing cloud”. In this case, users can acquire the desired product as long as they submit requirements. Also, manufacturing and business capabilities of enterprises of the related value chain in the cloud are released in the form of API. This makes fast and flexible combination and secure scheduling and execution possible, thus giving full play to the ecosystem’s comprehensive capabilities in multiple aspects such as design, manufacturing, and service.
As new technologies including IoT are becoming mature, traditional industries will be gradually moving toward industry 4.0 after going through a three-stage revolution: manufacturer to manufacturer (M2M), business to business (B2B), and customer to manufacturer (C2M). Transitioning to industry 4.0 will comprehensively boost the business value and capabilities, as demonstrated in accelerated product innovations, optimized production operations, and delivery of brand new services:
- Enterprises, with a high flexibility in production and manufacturing, are more adaptable to production processes of the market.
- If different stages in the value chain interconnect and interact with each other throughout a sound product lifecycle, enterprises have been capable of focusing on user requirements in a professional way.
- The overall competitiveness will be increased on a value chain basis.
- New services and business models will be launched to open up new markets.
Industry 4.0 allows manufacturing enterprises to respond to customer requirements at an unprecedented rate. Emerging technologies implemented in this era will improve the flexibility, speed,
efficiency, and quality of production processes. In addition, industry 4.0 brings new commercial modes, production processes, and other innovations. As more and more manufacturing enterprises implement or enhance product customization by putting investment in industry 4.0 technologies, a higher level of massive customization will be a possibility.
1.1.3 Industrial Internet
Industrial Internet is a high-level integration of the global industrial system with advanced computation, analysis, and sensor technologies, and the Internet. Through connections between intelligent machines and finally human-machine connections, the industrial Internet, in combination with software and big data analysis, will reshape the global industry and increase the production efficiency, contributing to a cleaner, faster and securer world. In traditional ICSs, though most industrial control scenarios have information technologies implemented, real-time information interactions are seldom seen between industrial enterprises, between industrial enterprises and users, and between suppliers. As a result, coordination is conducted in an inefficient way between traditional industrial enterprises and between enterprises and users. Industrial Internet, however, can effectively integrate information resources in industrial systems to increase the production efficiency at a lower cost and implement individualized and intelligent industrial production.
Industrial Internet platforms are actually service systems to collect, aggregate, and analyze massive data, so as to address digitalization, networking, and intelligence requirements of the manufacturing sector. These platforms provide support for industrial cloud platforms that feature ubiquitous connections between manufacturing resources, flexible supply, and efficient configuration. Industrial Internet platforms are essentially built into precise, real-time, and efficient data collection and interconnection systems to provide development environments that encompass industrial big data storage, integration, access, analysis, and management. Such platforms can implement modeling of industrial technologies, experience, and knowledge, standardization, and reuse in the form of software. By constantly optimizing the R&D design, production and manufacturing, operation and management to increase the resource allocation efficiency, enterprises will finally use industrial Internet platforms to build a new manufacturing ecology that features rich resources, multi-party engagement, win-win cooperation, and collaborative evolution. Industrial Internet platforms are positioned as follows:
- Industrial Internet platforms are an iterative upgrade of traditional industrial cloud platforms. The evolution from industrial cloud platforms to industrial Internet platforms is to achieve a five-stage process: cost reduction, application integration, capability trading, innovation leading industrial development, and ecology building. In addition to software tool sharing and business software integration of traditional industrial cloud platforms, industrial Internet platforms add functions such as open manufacturing capabilities, knowledge and experience reuse, and developer aggregation, significantly increasing the industrial knowledge production, dissemination, and utilization efficiency, constituting an ecology characterized by mutual promotion and bidirectional iteration between a great number of applications and industrial users.
- Industrial Internet platforms are “operating systems” of the new industrial system. As industrial Internet platforms rise and develop, the original closed, isolated, and fixed industrial systems
will be phased out and flat, flexible, and efficient organizational structures will become the mainstream form of the new industrial system. Equipped with an efficient device integration model, a powerful data processing engine, open development environment tool, and componentized industrial knowledge micro-services, the industrial Internet platforms connects to a large number of downstream industrial equipment, instruments, and products and provides support for rapid development and deployment of upstream industrial intelligent applications, playing an important role that can compare with Microsoft’s Windows systems, Google’s Android systems, and Apple’s iOS systems. - Industrial Internet platforms are a kind of efficient carrier for resource aggregation and sharing. Industrial Internet platforms aggregate the information flow, capital flow, talent creativity, and manufacturing tools and capabilities in the cloud; gather industrial enterprises, information communication enterprises, Internet enterprises, third-party developers, and other entities in the cloud; fuse data science, industrial science, management science, information science, and computer science. In this way, such platforms promote integration and sharing of resources,
entities, and knowledge, forming a socialized collaborative production mode and organizational model. - Industrial Internet platforms are key to enterprises’ gaining new competitive advantages. Currently, international leading enterprises including General Electric Company (GE) and Siemens, have introduced an “intelligent machine+cloud platform+industrial app” architecture to integrate “platform provider+application developer+a mass of users” ecological resources to scramble for controlling power over the input of industrial data. Besides, they train a large number of developers and increase user stickiness to constantly gain and consolidate new data-driven industrial intelligence advantages by using platforms as carriers, with the ultimate goal of gaining the vantage point in the new industrial revolution.
To be continued.