///////////////////////////////////////////////////
t cht lk
DEFENDING
TODAY’S OT
ENVIRONMENTS
Operational Technology, or OT, including
SCADA (supervisory control and data
acquisition) and ICS (industrial control
systems), is a system of hardware and
software designed to monitor and/or
control the physical devices, processes and
events used in the production and operation
segments of businesses and organisations,
including critical infrastructure (CI). John
Madisson, Senior Vice President, Products
and Solutions at Fortinet, tells us that
OT networks play a critical role in things
like production, manufacturing, defence
and emergency, food and agriculture and
financial systems. He says these systems
are traditionally kept separate from the IT
network and are often owned, managed and
operated by a different team.
www.intelligentcio.com
O
T devices and networks can be deployed anywhere inside
a manufacturing floor, distributed across a chemical
processing plant or out in the arctic monitoring oil and gas
pipelines. These OT systems often perform simple yet essential
tasks, such as monitoring a valve and shutting it off when a certain
value is triggered.
As a result, they can perform their tasks with little change for years,
which also means they sometimes run on ageing operating systems
and obsolete hardware using home grown applications. Since the
goal for an OT system is to run exactly as designed, even patches are
only applied if they do not hinder the process of the OT system.
But because these OT architectures run on a separate and isolated
infrastructure, until recently they have been traditionally isolated
from the Internet. One of the reasons for this is because these
systems are often tasked with monitoring and managing the
highly sensitive processes associated with critical infrastructure.
The other is that these systems can be notoriously delicate.
Something as benign as an active system scan can cause these
devices to fail; any failure or compromise can have serious if not
catastrophic results.
However, new requirements, such as connected power grids,
active inventory control, smart environmental control systems,
INTELLIGENTCIO
95