IND.2.3 Sensors and Actuators

Description

Introduction

Sensors are transmitters implemented as electronic components with a microprocessor and software that convert a physical quantity into an electrical output value. This is provided as a standardized unit signal (frequently 4 to 20 mA, 0 to 10 V) at a serial interface, or as digital information transmitted via a fieldbus or Ethernet protocols. In addition to measured values, transmitters often provide interfaces via which diagnostics and parameterization are performed. Thus, besides its electronic output value, a sensor may have further interfaces for parameterization and diagnostics, for example WLAN, Bluetooth, or WirelessHART.

There are many different sensors on the market — for example, for measuring physical quantities. Depending on the task, the range of functions and the performance of a sensor vary considerably. The spectrum encompasses, on one hand, sensors that merely deliver measured values and do not need to be configured. On the other hand, there are also sensors that enable calibration, configuration, or preprocessing of data up to complete signal processing (intelligent sensors, smart sensors).

Objective

The objective of this building block is to secure all types of sensors, regardless of manufacturer, design, intended use, and location. It can be applied to a single sensor or to a cohesive sensor assembly.

Scope and Modeling

The building block IND.2.3 Sensors and Actuators MUST be applied once to sensors and actuators.

This building block is to be applied in order to secure sensors. It supplements the superordinate building block IND.2.1 General ICS Component and requires that building block as a prerequisite.

Simple sensors without configuration interfaces or more complex processing logic are not covered by this building block, since the possible protective measures for these are limited to securing physical access to the sensor and monitoring whether it is active.

The building block also does not address the protection of complex wireless sensor networks. It merely describes how individual sensors can be secured. Furthermore, no security requirements for process control and automation technology are described. For this, the building block IND.1 Process Control and Automation Technology MUST be implemented.

Threat Landscape

Since IT-Grundschutz building blocks cannot address individual information domains, typical scenarios are used to describe the threat landscape. The following specific threats and vulnerabilities are of particular relevance for the building block IND.2.3 Sensors and Actuators.

Insufficient Security Requirements in Procurement

Sensors for ICS components in industrial environments are often exposed to special conditions that can compromise safe operation. Examples include extreme heat, cold, humidity, dust, vibration, or corrosive and caustic atmospheres. Multiple factors often occur simultaneously. Such harmful environmental influences can cause the sensors of ICS components to wear out more quickly, fail earlier, or measure erroneous values.

Due to a lack of awareness of the risks and for cost reasons, information security is often not taken into account during procurement and installation. As a result, sensors may sometimes contain serious vulnerabilities that are later very costly to remediate.

Requirements

The following are the specific requirements of the building block IND.2.3 Sensors and Actuators. The Information Security Officer (ISO) is responsible for ensuring that all requirements are fulfilled and reviewed in accordance with the established security concept. The ISO MUST always be involved in strategic decisions.

Additional roles are defined in the IT-Grundschutz Compendium. These SHOULD be filled insofar as this is meaningful and appropriate.

Responsibility | Role
Primarily responsible | ICS Information Security Officer
Additional responsibilities | Maintenance Personnel, OT Operations (Operational Technology, OT)

Exactly one role SHOULD be primarily responsible. There may additionally be further responsibilities. If one of these additional roles is primarily responsible for fulfilling a requirement, that role is listed in square brackets after the requirement heading. The use of singular or plural says nothing about how many people SHOULD fill these roles.

Basic Requirements

The following requirements MUST be fulfilled with priority for this building block.

IND.2.3.A1 Installation of Sensors (B) [OT Operations (Operational Technology, OT), Maintenance Personnel]

Sensors MUST be installed in an appropriate manner. Sensors MUST be sufficiently robust. They MUST be able to measure reliably under the prevailing environmental conditions — such as extreme heat, cold, dust, vibration, or corrosion.

Standard Requirements

Together with the basic requirements, the following requirements represent the state of the art for this building block. They SHOULD generally be fulfilled.

IND.2.3.A2 Calibration of Sensors (S) [Maintenance Personnel]

Where necessary, sensors SHOULD be calibrated regularly. The calibrations SHOULD be appropriately documented. Access to the calibration of a sensor MUST be protected.

Requirements for High Protection Needs

The following are exemplary proposals for requirements that go beyond the level of protection corresponding to the state of the art for this building block. These proposals SHOULD be considered when there are elevated protection needs. The specific determination is made within the framework of an individual risk analysis.

IND.2.3.A3 Wireless Communication (H)

Wireless management interfaces such as Bluetooth, WLAN, or NFC SHOULD NOT be used. All unused communication interfaces SHOULD be deactivated.

Additional Information

Good to Know

No further information is available for the building block IND.2.3 Sensors and Actuators.