In the world of operational technology (OT), where critical infrastructure and industrial processes rely on interconnected systems, safety, security, and reliability are paramount. The concept of “secure by design” is gaining traction as a proactive approach to building cybersecurity into the very foundation of these systems.
What is Secure by Design?
Secure by design is not a new concept, but its importance is increasingly recognized, especially with recent initiatives like the US Cybersecurity & Infrastructure Security Agency (CISA) Secure by Design program [1] and the new European Union (EU) Cyber Resilience Act (CRA) [2]. These efforts establish, respectively, best practices and cybersecurity requirements for the design and manufacture of technology products.
Simply put, secure by design means considering security from the very beginning of a product or system design project. This proactive approach aims to create inherently secure systems, minimize vulnerabilities, and reduce reliance on costly after-the-fact security updates and compensating controls.
What are the core principles of Secure by Design?
CISA, in collaboration with global partners, promotes three core principles for secure by design:
- Take Ownership of Cybersecurity Outcomes: Shift some of the burden of security from end users onto vendors and suppliers, who are expected to deliver secure products and systems.
- Embrace Transparency and Accountability: Encourage transparency and accountability from manufacturers, particularly in disclosing and addressing security capabilities and vulnerabilities.
- Build Organizational Structure and Leadership: Establish clear structures, policies, and leadership to drive secure by design initiatives.
Secure by design examples in established practices include:
- Security Development Lifecycle (SDL): Incorporates security considerations throughout the software development process.
- Software Security Assurance (SSA): Focuses on designing secure software based on its potential impact if compromised.
- Building Security In Maturity Model (BSIMM): Provides a framework for assessing and improving an organization’s software security initiatives.
Secure by Design in OT
While secure by design originated in software development, its principles are highly relevant to OT systems. Key stakeholders in the OT lifecycle include the following groups, each with distinct responsibilities:
- Asset Owners/Operators: Responsible for overall cybersecurity through programs and systems aligned with standards like ISA/IEC 62443-2-1.
- System Integrators: Must integrate security into custom systems, following best practices and using qualified personnel (ISA/IEC 62443-2-4).
- Product/Platform Suppliers: Should adhere to secure development lifecycles (SDLCs) and build security features into their products (ISA/IEC 62443-4-1 and -4-2).
The Role of Standards and Certification
Standards and certifications play a vital role in achieving secure by design. The ISA/IEC 62443 series of standards provides a globally recognized framework for secure product development, system integration, and risk assessment. Adhering to these standards helps manufacturers create more secure products and demonstrates their commitment to cybersecurity. Third-party certifications, such as those offered by ISASecure, provide independent verification that products meet stringent security requirements, increasing confidence and reducing risk for asset owners.
By leveraging these standards and certifications, organizations can establish a strong foundation for secure by design. This approach enhances the cybersecurity of OT systems and fosters a culture of security awareness and responsibility across the entire OT lifecycle.
As OT environments grow increasingly interconnected and complex, adopting secure by design principles is essential for mitigating risks and ensuring the safety and reliability of critical infrastructure. By embracing this proactive approach, stakeholders across the OT landscape can create a more secure and resilient future.