Improve your SCADA Security
Ecava IGX is designed for operation-critical and data-sensitive environments, with strong security measures built in. As far as SCADA security is concerned, the system architecture is designed according to OWASP recommendations and best practices. Below are many reasons why Ecava IGX can be more secure than many traditional SCADA systems.
Administration/Access Right Settings
Ecava IGX is equipped with several SCADA security controls to ensure safe and sound operation. All executables are installed in, and only allowed to run from, the “Program Files” or “Program Files (x86)” path. Because every program installed or copied into the Program Files folder must be authorized by the system admin, attackers cannot send a malicious SCADA project file to an engineer or operator in order to execute malicious code and gain access to the machine.
More Restrictions for Remote Access
IGX implements sophisticated User Access control, which allows the system administrator to assign each operator to one or more User Groups according to the user’s role in the organization. It has both Security Level and Security Role labeling, so you can configure a different access level and role for every single piece of equipment and every database. You may also restrict individual users to specific mimic screens. For instance, an operator for Area A can only monitor sensor data or control equipment for Area A, whereas operator B has access only to Area B. Furthermore, additional restrictions can be applied to remote access with wildcard IP filtering. Only whitelisted IP addresses have access to the system, and different access levels can be assigned to different IP addresses. In a practical implementation, an engineer could be allowed full control at the operation site but be restricted to read-only level when signing in from home or other remote locations.
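The site-versus-remote policy described above, sketched as an added example (this is not Ecava IGX code or configuration). The rule list, the addresses and the `Level` names are constructed for illustration; the effective right is the lower of the user's own level and the ceiling attached to the source address, with anything unlisted denied.

```python
import ipaddress
from enum import IntEnum
from fnmatch import fnmatchcase


class Level(IntEnum):          # hypothetical access levels, lowest to highest
    DENY = 0
    READ_ONLY = 1
    FULL_CONTROL = 2


# Constructed sample whitelist, evaluated top to bottom; first match wins.
# Keep the dot before '*': "10.20.1*" would also match 10.20.10.x.
RULES = [
    ("10.20.1.*", Level.FULL_CONTROL),   # operation-site LAN
    ("203.0.113.*", Level.READ_ONLY),    # home / remote range
]


def source_ceiling(addr: str) -> Level:
    """Highest level any user may hold when connecting from addr."""
    try:
        # Parse first so only a canonical dotted quad reaches the matcher.
        canonical = str(ipaddress.IPv4Address(addr))
    except ValueError:
        return Level.DENY                # malformed input is never trusted
    for pattern, level in RULES:
        if fnmatchcase(canonical, pattern):
            return level
    return Level.DENY                    # default deny: not whitelisted


def effective_level(user_level: Level, addr: str) -> Level:
    """The source address can lower a user's level but never raise it."""
    return min(user_level, source_ceiling(addr))


if __name__ == "__main__":
    for who, lvl, ip in [
        ("engineer on site", Level.FULL_CONTROL, "10.20.1.15"),
        ("engineer at home", Level.FULL_CONTROL, "203.0.113.7"),
        ("operator on site", Level.READ_ONLY, "10.20.1.15"),
        ("unknown address", Level.FULL_CONTROL, "198.51.100.9"),
    ]:
        print(f"{who:18} {ip:14} -> {effective_level(lvl, ip).name}")
```
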
SQL Statements Cannot Be Composed at Run-Time
The SQL database is where all sensitive data is stored, so more security measures are focused there. IGX therefore prohibits on-the-fly construction of SQL statements: end users such as operators cannot compose any SQL statement at run-time. All SQL statements are carefully prepared in advance, so no malicious SQL statement can be constructed and executed at run-time. In other words, SQL injection attacks are prevented.
Cyber Control for SCADA Security
Most remote attacks require the full path of the project URL. Project managers, engineers and operators should avoid sharing the deployed project URL with anyone who is not involved in the project, and should avoid publishing it online. Also, avoid using the system default port number. You are advised to change the port number from time to time, because obscurity does provide a certain level of security. Furthermore, you are advised to implement a VPN for an Internet-facing system, on top of a basic hardware firewall, to enhance your SCADA security.
Cryptography and Secured Link
Ecava IGX supports HTTPS for a secure link, which ensures fully encrypted transmission of data between client and server. This is the same level of tight security implemented for Internet banking or online credit card transactions. However, not all end users are able to adopt this security measure, because it requires the end user to separately acquire and subscribe to a security certificate from a relevant authority. Nevertheless, IGX still ensures encrypted transmission with private and public key cryptography. Furthermore, no clear text is transmitted or stored, especially for User ID and Password.
No DLL Hijack Flaw
DLL files are, as the name suggests, dynamically linked, so an executable that gets dynamically linked to a malicious library instead becomes a system vulnerability. Ecava IGX ensures all DLL files are registered and stored at secured locations before they can be linked and executed. This mitigates the DLL hijack flaw completely.
No Room for Buffer Overflow
Buffer overflow errors are characterized by the overwriting of memory regions of the process that should never have been modified, intentionally or unintentionally. Buffer overflow errors occur when we operate on buffers of char type. Since we could identify the source of the vulnerability, we mitigate the error by using only safe functions for string handling.
Conclusion
The above are the many precautions taken and implementations done after receiving huge contributions from many security researchers. We have been collaborating closely with US-CERT to verify that all known vulnerabilities are fully mitigated. Lastly, we stay alert to news of SCADA security developments and concerns. This is the very reason why US-CERT personnel wrote to us with this praise: “Your proactive concern about the security of your application is refreshing!”