The Growing Importance and Challenges of Wireless Networks in Operational Technology
Wireless Networks are an expected component of everyday life. Some may not even remember a time without them, while others’ memories range from excitement of being untethered, to dread when addressing installations, configurations, and access policies. Wherever your memory falls into the wide spectrum of its presence, wireless access is now essential in network environments for users’ mobility and accessibility when performing any work.
Though wireless networks have been used in Operational Technology (OT) for decades, its use was a limited and cautious path to adoption. An early adoption area was in warehouse management for inventory tracking through wireless barcode scanners. Another was through the use of wireless radio supported SCADA (Supervisory Control and Data Acquisition) sensors for remote monitoring of equipment and environmental conditions in hard to reach or unfriendly to human life sites.
Regardless of some early use, leveraging wireless technology was not deemed suitable for critical infrastructure, largely due to reliability and security concerns. However, with improvements in both of those areas and the implementation of regulatory standards, wireless networks have become essential in the modernization of established facilities and is a standard requirement for design and architecture considerations of many organizations.
Whether in the Corporate or OT environment, there are variables in the technology’s platform that are common and continue to be constant challenges for administrators and users. Challenges such as signal interference, coverage and dead zones, and avoiding channel signal overlap, combined with the diverse group of users and applications, all contribute to the complexity for the feeding and care of the environment. These challenges, once primarily scoped to providing basic access to file shares and the internet, have expanded to involved administrative and operational concerns. With some OT facilities the variables’ complexity are typically increased due to factors such as the building materials used, layout for robot movement paths and docking stations, limitations imposed by existing legacy equipment, and the high costs associated with upgrades. These contributing factors can lead to the trade-off and reduction of secure configuration due to prioritization to safety and reliability.
One example, which may seem trivial at a first glance, is the access needed for automation when using autonomous mobile robots (AMRs). Their use of wireless communication ranges from where its docking station is located when needing to recharge, communicating within its assigned manufacturing line for transport of needed materials or packaging of finished product, to providing its operational status to engineering or the vendor for maintenance. With just these few communications examples there are multiple layers of internal and external access controls that require detailed knowledge and understanding to ensure effective and secure configurations are implemented and functioning as intended. Even when the design is completed and implemented, regular review of the configurations to access control lists, monitoring for unauthorized changes, and testing signal strength and interference is needed. These reviews will help to ensure unintended changes do not reduce the intended design objectives for safety, reliability and security.
Regular Review:
Though wireless use in OT is still evolving, critical applications and processes have a continued need for a level of communication reliability and speed that relies on the stability of copper and fiber connections. Regardless, the need for regular configuration reviews, monitoring, and testing are operational tasks that need to reach a higher level of scrutiny in order to add a sufficient level of assurance that the platform operates only as designed and intended.
Are you concerned about the wireless networks operating in your environment? Regular configuration reviews are essential in providing the needed visibility to assess where real issues are and provide effective mitigations to risks in critical OT processes. Secure Ideas can partner with your organization and help provide many services from consulting and advisory, security assessments, to penetration testing engagements. Secure Ideas strives to deliver meaningful guidance for improving the overall effectiveness, resiliency, and reduction of real risk to your network.
About The Author:
Jon Knepp is a Senior Security Consultant at Secure Ideas with over two decades of experience in systems administration, infrastructure architecture, and technical leadership. He has worked across a variety of industries, including Financial Services, Healthcare, and Oil & Gas, and is passionate about helping small to medium-sized businesses enhance their cybersecurity. Jon leverages his technical expertise and business acumen to craft tailored security strategies, and through his webcasts and consulting, he empowers organizations to build safer, more resilient digital environments. Want more expert insights from Jon Knepp? Read more of his blogs for actionable cybersecurity tips and strategies.