Network Function for Reliable and Secure Control Messaging over Commodity Transport
March 3, 2017
Abstract: Organizations such as the Linking the Oil and Gas Industry to Improve Cybersecurity (LOGIIC), DHS Science and Technology Directorate, and NESCOR have catalogued a lack of consistent communication security policy across the oil and gas industry automation systems. Their reports outline how sensor and automation systems have vulnerabilities in their network design and implementation. To this end we are addressing the gap that is created by a lack of vendor solutions with programmable network functions. Our proposed solution is vendor agnostic, independent of hardware lifecycles, and has the programmability necessary to handle changing system demands over time as run-time needs and safety considerations evolve. Our activities encompass the design and implementation of a network function which can be deployed without disruption into existing control networks, providing both reliable and secure transport between sites irrespective of the capabilities of the existing endpoint equipment. New security protocols and policies may be injected into this network function deployment without impacting production sensor or control equipment. Such deployments allow for the secure and reliable use of commodity transport providers, including naturally lossy connections such as satellite and terrestrial wireless, without compromising the integrity of data or control messages across the overall system.