The purpose of this paper is to raise awareness around common OSI Layer 2 networking misconfigurations found in Industrial Process Control Networks. These misconfigurations often introduce significant security vulnerabilities and negatively impact ICS availability. We'll discuss the commonly found misconfigurations and demonstrate how they impact ICS security and availability, and present a case study from an oil & gas refinery that suffered widespread PCN outages as a result of these misconfigurations when attempting to upgrade two existing PCN switches.
Prepared for Presentation at
SANS ICS Security Summit & Training March 2019
Keywords: PCN, Process Control Network, ICS, OSI, Configuration, Security, Safety, Cybersecurity
aeSolutions has extensive experience in assessing, designing, optimizing, securing and commissioning complex PCNs. We specialize in helping industrial operating companies (who often have limited onsite networking staff) to unravel and clearly document their networks, and to identify reliability issues caused by poor network architectures and common misconfiguration issues. We then develop and implement detailed remediation plans to correct and optimize your PCN to improve both the reliability and security of your operation.
See also PCN Domain Design