Pain points

Industrial Control Systems, (also known as Industrial Automation and Control Systems, IACS) are used for managing the automated industrial process and capturing data logged from the flow of the processes. ICS supports network connectivity to improve operational tasks, including remote supervisory and monitoring. Operational technology (OT) relates to the hardware and software which is used to control the equipment within the ICS itself. Traditional OT & Information Technology (IT) environments were separate, meaning OT owners relied on the ‘air gap’ that separated OT from IT systems in order to protect them. Cloud Computing & IoT (Internet of Things) aims to connect OT & ICT (Information and Communication Technology) infrastructure to various devices using different network connectivity technologies, but this bridging of the traditional ‘air gap’ has resulted in widened endpoints to the industrial network, leaving ICSs exposed to ever-increasing security risks and vulnerabilities.

Programmable Logic Controllers (PLC) serve as key component of ICS and OT systems and are equally susceptible to cyber-attacks, with inadequate access control and authentication within these systems posing a major challenge. As a result, 93% percent of all organizations with OT environments experienced hacking in the past twelve months by June 2022 with over 78% percent confronted with three or more security incidents. The result is increased demand for enhanced authentication for ICS/IACS and ICS component manufacturers are now actively reviewing the design architecture in building robust password-based credentials.

- Weak authentication in current PLC systems

Because ICSs are often limited in adapting higher security stacks due to their low computing output, the password-based credential is commonplace and still being used as an authentication mechanism for human users and processes. However, passwords bring with them significant challenges. Exploitation of these vulnerabilities were made clear via the Stuxnet case which directly targeted weakly configured password and continues to pose a risk today.

• Password sharing (where users not uniquely defined - not recommended)
• Password management between ID/PW specified for each PLC device
• Difficulty managing user changes (leavers/contractors)
• Inherent password weaknesses (static information vulnerable to brute forcing, phishing, credential stuffing etc)

- Reluctance to upgrade existing OT/PLC systems

In addition, security upgrades to existing OT systems often require significant time, manpower and resources, which in turn pose considerable cost implications for ICS and OT organisations and manufacturers. As a result, many PLCs continue to operate despite inherent vulnerabilities, leaving PLCs and the systems they operate at considerable risk.

Solutions

SSenStone’s Programmable Logic Controller OTAC provides a highly optimised and highly secure authentication solution specifically for PLC devices. It utilises our dynamic 'one-time authentication code' (OTAC) technology to resolve typical ICS/OT security challenges. OTAC ensures only known and authorised users/devices can access PLC using dynamic, non-reusable, constantly changing code guaranteed with 0% duplicates (defeats packet sniffing attacks)

• Password sharing in password-only authentication systems
• Difficulty managing ID/PW specified for each PLC device
• Difficulty managing user changes (leavers / contractors etc)
• Hacking attempts using password cracking software

Benefits

SSenStone’s Programmable Logic Controller OTAC allows manufacturers and operators to significantly increase security with minimal disruption and minimal computing requirements whilst at the same time removing password associated vulnerabilities, and thus greatly simplifying the authentication process. Resolving PLC challenges opens the door to faster time-to-market for new products and solutions and therefore increased productivity and ultimately efficiency, a critical component of all ICS and OT systems.

Why OTAC

OTAC, developed by SSenStone, is the original technology that provides all of the following features at the same time.

OTAC is a dynamic code, which means the code keeps changing. As a result, you don’t need to worry about any leak of your personal information, such as your card details, because the codes must have already been changed when others try to use them.
The network connection is NOT necessary at all for generating OTAC.

Reducing an authentication stage that requires the network connection directly means there are fewer gateways for the hackers to access our personal information.

Moreover, this feature enables users to authenticate even when they are in networkless environments, such as on the plane, underground, rural or foreign areas.
swIDch can guarantee that the code never duplicates with anyone at any given moment.

There is NO chance of someone else having the same code.
The users or their devices can be identified with the code alone.

Once OTAC has been generated, providing OTAC alone is already fully sufficient to identify the user as the code is unique.

It means, you can forget about the bundles of static information including IDs and passwords.

The University of Surrey, one of the leading global cyber security companies in the UK, conducted OTAC algorithm analysis and academic verification of SSenStone. For the full text of the thesis, please visit the University of Surrey website and download the report.

University of Surrey Website Download the Report

Contact Us

Improve your authentication environment and
make your service reliable with SSenStone!

Inquire now.

5F, 329, Cheonho-daero Dongdaemun-gu, Seoul, Republic of Korea (02622)

Contact below if you have an urgent inquiry.

Korea Office (SSenStone)

5F, 329, Cheonho-daero Dongdaemun-gu, Seoul, Republic of Korea (02622)

Tel : 02-569-9668 | Fax : 02-6455-9668

im@ssenstone.com

UK Office (swIDch)

swIDch Ltd Office 176, 1st Floor, 3 More London Riverside, London SE1 2RE

Tel : 020-3283-4081

info@swidch.com

Programmable Logic Controller OTAC