Volume 6 | January 2023
QUARTERLY REVIEW
Human-Centered. Solutions Driven.
OT Cyber Developments
By Kevin Black
A Change on the Horizon for Operating Systems in the OT Space
For years, manufacturing companies have primarily focused on Windows-based devices in their manufacturing facilities. However, the new Windows 10 licensing schemes have made Pro and Enterprise licensing only valid for a year and a half. And the so called Long Term Servicing Channel of operating systems only improves that to five years. This change is not a good fit for manufacturing facilities that often keep the same devices in place for over ten years. As a result, a new trend is emerging in the manufacturing environment. Many manufacturers are starting to use non-Windows operating systems in their Operational Technology (OT) space. These new OT devices are running Linux operating systems. Linux has several advantages when compared to Windows as it is free and open source, making it easily supported beyond an official support window. In addition, Linux operating systems are highly customizable, making it easy for the OT space to install a light, single purpose application for running OT processes. As Linux operating systems become more widespread, these devices will need to be protected from threats. Therefore, protecting Linux-based devices will become a key facet of any OT cyber security project moving forward. Sandalwood has extensive experience in working with manufacturers to safeguard Linux-based OT devices.
The Emergence of Containerized Applications
Up to this point in time, most applications in the OT environment have been a hard-disk software that must be installed directly onto the hard drive of OT equipment. These have been commercial, off-the-shelf, pieces of software purchased from a vendor for use in the OT facility itself. As time has gone on, some OT applications, particularly backend application servers, have moved to virtualized operating systems. This virtualization has made it easier to spin up a new server in the event of an issue or update, easing the difficulty in configuration and deployment. Now, a new form of virtualization is starting to make inroads in the OT environment: containerized applications. A containerized application is a stand-alone package that includes all of the necessary features (including libraries, config files, and any application dependencies) built into a single executable package. A containerized application runs in a container runtime environment and requires significantly less backend processing power than a virtual machine. This combination of portability and simplicity makes containerized applications very useful in the OT environment as it makes new software easily repeatable and distributable. As containerized applications continue to become more widespread, the expectation is that the OT environment will utilize containerized applications as the primary means of running OT software moving forward. With more containerized applications in the environment, protecting these applications will become an essential component of any OT cyber security program.