The evolution of software in industrial control systems

Posted date 23/07/2015
Author
INCIBE (INCIBE)

Technological development over time has not been irrelevant to the industrial sector. The latter has evolved in terms of hardware, software and communications, providing industry sectors with greater support and facilitating production in companies.

In this article, we will focus on the evolution of software characteristics in industrial control systems.

 evolucion_soft

- Evolución Software -

We will begin this journey through time with Operating Systems. In industrial environments, there is still a need for real-time operating systems, depending on the process being controlled. In general, real-time operating systems have a similar architecture to that of conventional systems, but the difference is that for real-time systems, greater priority is given to the control and processing elements that are used to execute processes or tasks, thus ensuring that they comply with their functions in a limited time period.

Notable amongst the characteristics of real-time operating systems are:

  • The capacity to prioritise tasks.
  • Known temporal behaviour.
  • They provide communication and synchronisation between tasks.
  • Multitasking.
  • Mechanisms to avoid priority inversion.

The improvements added to the operating systems have been notable with respect to their architecture; they have gone from supporting 8 bits to 16 bits or 32 bits and subsequently evolved to architecture of 64 bits, with the security advantages and disadvantages that this entails.

A 64-bit operating system, since it has a lot more memory, can use techniques that hinder virus attacks. Furthermore, many existing viruses affect 32-bit systems and do not work in 64-bit systems. These changes are linked to the version and developer of the operating system, since the same changes have not occurred in all operating systems.

Amongst many other improvements, there is the possibility of using encryption in the hard disk with tools such as BitLocker; disabling boot by USB devices used by employees within the organisation so that they do not commit imprudences when performing a maintenance or another task in physical machines (BYOD), the requirement for strong passwords by default for users or administrators and the activation of firewalls by default.

Use of the embedded Linux operating system has increased considerably in the market. Thanks to its simplicity (often only its installation and minimal process configuration is necessary), we could achieve immediate results. Moreover, we have the basic services within an industrial control system.

With the passage of time, the way of recording information of interest has been changing from practically not recording any event generated by the devices to having a centralised registry system through which the information can be analysed based on our needs. This information will not only be processed at a local setting, but we will also be able to have remote reports.

In the first generation of control devices, no type of activity was recorded. Subsequently, in the following generation, changes could already be observed with respect to these measures, since the devices could generate logs related to the maintenance thereof (CPU use, temperature, changes in certain variables, etc.). The most notable evolution occurred in the next generation, thanks to awareness-raising about security. This meant that devices began to record various events related to security (user access, changes in certain configurations, etc.), but the number of events recorded continued to be low.

Its most current evolution occurred with devices of the latest generation, where there are already records of events in which all types of actions that may be important from the point of view of security are recorded; furthermore, different events are separated into files depending on whether they pertain to security, maintenance, etc.

The manner of storing the different events in files within a control device has also changed with the passage of time. As such, the first events generated by the devices were recorded in files of a fixed size, whose capacity, once exceeded, could not store any more information. It was designed in this way to avoid the low storage being filled.

Since with this measure much data were lost, particularly the latest data, in the event of a possible incident, log file rotation was introduced, such that the data were overwritten once the maximum size of the file had been reached. Both types of functions lose information if the data stored are not continuously monitored. The new control devices have advanced communication characteristics and, as well as allowing larger files to be stored after the limitation of storage space has been removed, enable the sending of messages through Syslog type systems, which means that there can be a record of device events in a centralised repository.

In the present day, not only applications that are executed in computers are developed, but also, with the new technologies, there are now mobile applications for reviewing measurements and even for making changes in the system.

An example of this evolution in which we can clearly identify how this development is occurring is reflected in HMI, where the charts have evolved towards a more minimalistic concept with the following characteristics:

  • Simplification of the graphical environment.
  • Elimination of the flashes and blinking that functioned as indicators if there were events in the system.
  • Fewer colours; two are basically used: one for notifying us that the process is carrying out events correctly, and another for detecting errors and failures.
  • Display of only the parameters necessary for the operator to perform a quick reading, without distractions.

evolucion_hmi

- Evolución HMI -

 The way software is developed has also changed, with there being the possibility of finding free software intended for industrial control systems, or a mixture between free software and proprietary software whose details are not known. Finding free software in industrial control systems a few years ago was unthinkable and, a quick review of the state of free software in these systems will tell us that there remains much to do, but bit by bit, we are finding DCS (Distributed Control System) process or SCADA systems based on free software.

Moreover, the current technological evolution is not foreign to the industrial market. With the arrival of the Internet of Things (IoT), a window of opportunities is open for those seeking cloud solutions. Storage on the cloud allows processes in industrial environments to be recorded and information to be sent by applications to mobile devices, which have specific applications for these environments (the main developments have been carried out for Android systems). With the introduction of applications for mobile devices, another route for expansion has been opened for software development companies in industrial environments, as well as a path for exposure to cyber-attacks.

Some changes have also been noted in the programming of industrial control devices, and there has been evolution towards programming that we can observe in the IT world, in which some tasks will be facilitated for industrial programmers. Programming has evolved from (ladder logic) to high level systems based on structured text and object-oriented programming. Along the way, work has also been done with languages based on function blocks or lists of instructions, resembling the evolution occurring in IT programming languages. The main programming languages of control system devices are laid out in standard IEC 61131-1.

evolucion_lenguaje

- Evolución de los lenguajes de programación en entornos industriales -

With all of these evolutions that affect software, it is highly recommendable for companies to place greater emphasis on cybersecurity within the projects that they develop. Moreover, recommendations in the best practice guidelines both for the process of developing applications or programmes for specific devices, and for the use of certain software that must pass security tests, thus verifying its robustness and proper functioning, will be very important and helpful.

Etiquetas