The Radiflow Security Blog

Who Moved My Firmware?
March 19, 2019
The management of firmware risks in industrial facilities takes place on four levels:

  • Within the supply chain
  • During the facility’s initial commissioning
  • During regular operations and as part of facility upgrades and expansions

Radiflow’s holistic security solution, based on the four levels above, has been proven to reduce facilities cyber-risk levels. In addition, Radiflow’s solution measures and displays the facility’s risk score in real time, and most importantly, provides the customer recommendations for risk reduction.

1. Supply Chain

The supply chain is the initial point of vulnerability in firmware security. Purchasing controllers directly from the manufacturer all but eliminates the possibility of getting “defective” firmware. It is important to install risk-aware procurement procedures focused not only on price but also on eliminating exposure to cyber-disruptions, industrial espionage and other irreparable damages.

In recent years the awareness to supply chain-related threats has increased. Many critical facilities’ procurement procedures require verification of manufacturers’ equipment authenticity declarations, verification of delivery and shipment documents, physical examination of controller circuit boards, and obligating the vendor to provide support from the original equipment manufacturer if needed.

2. Initial Commissioning

The facility’s initial commissioning is an important stage in managing firmware risk. Test-running the ICS controllers requires authenticating all controllers’ firmware. In many cases, internet-downloadable firmware updates are needed, adding exposure and risk.

To prevent initial run-related threats, Radiflow’s solution automatically presents the customer with a list of all of the controller models, including the firmware installed in each model. This verifies that the most up-to-date firmware version is installed on all controllers, without exception.

In addition, Radiflow maintains a vulnerability database for all manufacturers’ controllers, obtained from a multitude of sources includes the Radiflow research team, and presents the customer with those that pertain to their network, along with recommendations for each controller; how to handle updates, which firmware version to update and more.

3. Firmware Management

Firmware management throughout the lifecycle of the facility is the most important element in cyber-securing the facility. Many entrepreneurs have by now realized that risk management eventually saves time and money, by preventing problems down the line. Radiflow’s passive solutions continuously “listen to” and analyze all OT data traffic, in order to detect firmware changes. Additionally, Radiflow proactively compares the customer’s firmware versions to known vulnerabilities for all manufacturers’ controllers, and provides guidance for firmware updating and risk reduction.

Conclusion

Risk management can be roughly divided into two processes: real-time risk management, throughout the lifecycle of the facility, and offline risk management that takes place in prescribed points in time. Firmware version verification is imperative to reducing risk in OT networks, since updates are often not carried out on time or at all, and in many cases not all controllers are updated simultaneously.

More importantly, critical updates due to manufacturers’ published vulnerabilities are very often ignored. The only way to maintain low cyber-risk in OT networks is to install an automatic mechanism for version management, detecting vulnerabilities in current versions, and providing recommendations for firmware updates, throughout the lifecycle of the project.