Is a secure ICS software supply chain important to your company’s critical operations? And what does securing your supply chain really involve? A 3-year study sponsored by the US Department of Homeland Security revealed many different perspectives. ICS vendors, asset owners, consultants and security researchers all identified numerous complex priorities including:
- Counterfeit firmware detection: Asset owners need to validate that firmware is authentic and hasn’t been tampered with. Vendors need to know if counterfeits of their products are circulating on the internet.
- Mystery sub-component detection: Asset owners are looking for a Software Bill of Materials (SBoM) to reveal unexpected or unapproved sub-components that may contain vulnerabilities or malware. Vendors want to be able to trace back which of their products might contain those sub-components.
- Version validation: Asset owners want to confirm that firmware is an up-to-date version, tested and approved by the factory rather than an unauthorized or obsolete version. Vendors need to be aware if unapproved versions are being installed in the field.
- Certification-chain validation: Asset owners need to detect fraudulently signed packages masquerading as authentic. Vendors need to know if their private keys have been stolen and are being used to sign malware.
- Stability confirmation: Asset owners want reassurance that even valid firmware packages are bug-free and won’t introduce instabilities. Vendors want to know how the market perceives their upgrade packages so they can be proactive and protect their reputations.
These are just a few of the perspectives identified in the DHS research project. A common theme among them is the exploitation of trust between ICS vendors and their customers (and other suppliers). This talk will explore specific examples of each of these threats and discuss FACT, a framework for safeguarding against attacks on trust and reliability.
Learning objectives:
- Identify key cybersecurity risks to critical infrastructure supply chains.
- Understand existing security strategies (e.g. certificate signing, hashes) and their limitations.
- Explore tools and solutions for addressing specific supply chain threats.