Sponsored Feature Cyber-physical systems have a vital role to play in our increasingly connected world.
CPS works by uniting computation, control systems, sensors and networks with physical infrastructure, linking all these elements to the Internet and to each other.
It also connects the operational technology that controls industrial equipment, joins up the Internet of Medical Things, and powers building management systems.
In a pre-XIoT world, all of these individual systems and infrastructural elements would have operated in isolation, such that if anything failed or was compromised by a cyber-attack then damage was limited to a single silo.
New and more integrated forms of industrial control system can be vulnerable by virtue of their interconnected and highly distributed nature, but are not easily protected with traditional security and monitoring solutions.
Taking these systems offline to upgrade them with better security can be difficult and very expensive, if it can be done at all.
It kicks off by providing an overview of the current state of cyber-physical systems, exploring the challenges, risks, and issues that organisations must confront in deploying a solution.
This provides guidance on the key capabilities they should expect from leading systems.
The ideal solution will feature a central analysis server that collects telemetry for devices it protects.
Collecting telemetry can be more challenging in an XIoT environment than with regular IT systems.
Table stakes: Functionality that should be part of any solution - Given how complex XIoT can be, any solution must have the breadth to provide insights into all devices.
Many CPS devices can't be scanned or interacted with by their nature, so any solution should feature a way to carry out passive checks.
Depth is as important as breadth, with solutions needing to identify vulnerabilities and risks at all levels.
Solutions should support a broad array of industrial protocols and provide a variety of collection methods so as to be able to properly monitor asset activity.
Remote access tools are often unsuitable for XIoT needs, so the best kind of solutions will offer support for this sort of environment.
Business criteria: Non-functional requirements - Solutions must scale easily to meet fluctuating requirements and unpredictable additional demands.
Users want solutions that are easy for them to understand and benefit from, which means web applications with graphical interfaces and ways to connect with familiar tools.
The solution should be deployable seamlessly without needing to mess with different configurations.
There must be easy integration with other security tools including endpoint protection, network access controls, next-gen firewalls and SIEM. It's important remember that not all security solutions were designed with CPS and XIoT in mind.
Just as the Internet transformed the way people interact with information, cyber-physical systems are transforming the way people interact with engineered systems.
This Cyber News was published on go.theregister.com. Publication date: Mon, 19 Feb 2024 09:13:05 +0000