Zanasi, C., Magnanini, F., Russo, S., Colajanni, M. (2022). A Zero Trust approach for the cybersecurity of Industrial Control Systems. IEEE [10.1109/NCA57778.2022.10013559].
A Zero Trust approach for the cybersecurity of Industrial Control Systems
Zanasi, Claudio; Magnanini, F.; Russo, Silvio; Colajanni, Michele
2022
Abstract
Industrial plants are adopting an increasing number of digital interconnected technologies that are enriched by several software applications. The IT/OT convergence offers several benefits in terms of efficiency and flexibility but it opens as many issues in terms of cyber vulnerabilities because industrial plants were not designed to be open to the Internet. The frequency of successful cyber attacks shows that typical security solutions are inadequate to the novel complexity of industrial contexts. This novel scenario requires original approaches differing from traditional multi-layer networking solutions that are applicable just to rigid and stable infrastructures. We explore the applicability of Zero Trust Architecture (ZTA) principles to the industrial context by designing, implementing and testing an integrated defensive solution. The results obtained through a working prototype show that it is possible to implement a Zero Trust identity-centric approach in an industrial context to increase the security and flexibility of the system while providing complete visibility over the entire network. The proposed approach can be used to strengthen legacy industrial systems that were designed for offline use, and to allow the adoption of innovative technologies that minimize the cyber risk for the overall infrastructure.

File | Size | Format |
---|---|---|
A_Zero_Trust_approach.pdf (open access; type: Postprint; license: free open-access license) | 520.06 kB | Adobe PDF |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.