Schneider Electric has worldwide manufacturing centers that support critical infrastructures for customers in industries such as energy, government, healthcare, food, and others that are vital to everyday life around the globe. Because we are manufacturers ourselves, we recognize the importance of cybersecurity and the increasing impact it has on both our sites and our customers’ facilities.
With an understanding that the entire ecosystem needs to recognize and consistently respond to emerging cyber threats, we strive to advance cybersecurity readiness throughout the entire lifecycle of our solutions. This applies to solutions that are used in our facilities, or those of our customers.
Several years ago, Schneider Electric’s development centers joined together to move the adoption of cybersecurity standards forward for the industrial control systems that we build. As part of this effort, our adoption of the ISA/IEC 62443-4-1 standard for secure development lifecycle (SDL) was certified in these centers. ISA/IEC 62443-4-1 covers eight fundamental areas: security requirements, secure design, secure implementation, verification and validation, defect management, patch management, and product end-of-life.
After the internal implementation of ISA/IEC 62443 in securing industrial component and system development, Schneider Electric has extended these principles to other parts of our industrial solution lifecycle through a concept we have dubbed secure lifecycle management (SLM). Here is a quick overview of our positioning regarding SLM and how we recommend applying it in other organizations.
Embracing the Principles of SDL on a Broader Scale
The intended goal of SLM is to keep industrial products and solutions fit for purpose. This means their security readiness is maintained throughout the entire lifecycle, beginning with conception, during commercial release, past decommissioning, and completing at the end of support.
This is particularly important for industrial control systems (ICS) because productive, in-use life may range from 10 to even 20 years. The facilities these solutions operate in are not static, and they are subject to influences such as regulatory compliance, plant safety, and cyber risks, all of which are rapidly evolving. Absent an effective SLM program, the security of these solutions can naturally entropy, becoming vulnerable, and at risk.
SLM: Keeping Industrial Solutions Fit and Secure for Life
When the concepts of SLM are appropriately implemented, they represent a continuous application of security practices. These practices include not only ISA/IEC 62443 recommendations but also compliance with local, regional, and government regulations and guidelines, awareness of emerging threats, and other cybersecurity best practices.
These practices extend past product commercial availability all the way through to the end of support, but SLM is more than just extending processes further out in a product’s lifecycle and updating technology. To make SLM successful, cultural change is necessary, particularly around the continually evolving area of cyber risks.
Accepting that industrial products must have continued investment in cyber security from both the supplier as well as the asset owner is a concept that requires traditional mindsets to evolve. SLM is helping us here at Schneider Electric by bringing structure and governance to this changing mindset.
The Basic Principles and Framework for SLM
To effectively implement an SLM strategy, we recommend implementing the following principles:
- Begin by establishing a solid foundation of cyber-risk awareness and implement a series of cyber controls to manage that risk. The ISA/IEC 62443 standards suite is the route to completing this step
- Maximize and collectively coordinate the security posture of all applications, products, systems, and software. See the whole picture, understand how everything interacts, and identify the interaction between all assets. Know what software – and its origins – makes up your solutions
- Standardize principles and practices across development centers and contractors. Understand that good enough often is not good enough. Incorporate a maturity model mode of thinking around security controls and practices and keep evolving these practices forward
- Create a culture of cybersecurity where employees understand, respect security principles, and adopt secure behaviors.
- Synchronize security practices with up-to-date standards, regulations, practices, and guidelines. Recognize that as cyber risks keep evolving, so must the ecosystem of cyber responses
- Apply these principles beyond active development and deployment lifecycle phases, covering all supported phases of a product. Go beyond initial capital expenditure (CapEx) investments and extend operating expenditures (OpEx) for cyber risk awareness and management until a solution is finally removed from use.
Like any cybersecurity strategy, we believe SLM is best delivered through a framework consisting of policies, processes, support services and tools, and skills driven and governed by a community of experts. The framework may vary based on a company’s cybersecurity maturity and existing strategies, but here are some essential starting points.
- Policies: Identify and address gaps in end-to-end lifecycles and apply new and existing policies as applicable
- Processes: Design an optimal SLM flow using automated processes to drive efficiency. Where possible, integrate SLM into existing process steps. Support with metrics that prove the effectiveness and efficiency of an SLM program
- Tools: Secure funding for the needed tools and define the skills required to use the tools effectively, including any specialized skills that may be necessary. Ensure the right tools are available throughout the entire lifecycle
- Skills: Identify skill gaps and provide training or mentorship as appropriate. Centralize specialized skills to efficiently use resources while proving competency during all lifecycle phases
- Governance: Develop SLM compliance plans using metrics. Learn and adjust plans accordingly throughout the adoption of SLM. Flag non-conformance for escalation
As SLM frameworks are developed, companies can build in innovative concepts like agile development, allowing developers to work at a higher velocity and with a more focused approach. SLM equally supports cloud initiatives for hosted development and operations.
Build on a Continuum of Evolving Innovation
SLM offers the possibility of bringing cybersecurity strategies to the next level, but it does not happen overnight, nor is it a once-and-done concept. It is an initiative whose primary goal is to recognize that everything related to cybersecurity remains active and is continually changing.
Technological advancements like the cloud, AI, machine learning, and hyper-connectivity open new attack surfaces daily. Attackers are taking advantage of these advancements – and so companies like Schneider Electric and our counterparts must respond by evolving our cybersecurity programs.