October 11, 2012

WirelessHART Security: How It Works and How You Can Help

WirelessHART field networks are purpose-built mesh networks that use secure communications. The gateway that connects these field devices to a plant network is not a Wi-Fi access point, so these device communications are very secure. But at the plant level, where human users interact with the system, the plant gateway is an access point that requires special attention.
Neil Peterson, Marketing Manager, Wireless Plant Solutions for Emerson Process Management
802.11 attacks include: Man in the Middle, Honeypot, MAC Spoofing, Rogue Access Points, DNS Attacks, Cracking Tools.

In a session at the Emerson Global Users Exchange, Neil Peterson, marketing manager for wireless plant solutions for Emerson Process Management, said that the main reasons for network security failures are the following: 

• Human factors;
• Policies (or lack thereof) — Peterson notes that 8-character passwords are weak when it comes to securing critical systems and that 17-character passwords should be used;
• Poor network configuration;
• Bad assumptions about security issues;
• Lack of understanding about security; and
• Failure to stay up-to-date with the latest security measures.

Peterson pointed out that testing has proven wireless networks to be just as secure as wired networks. To ensure this level of security at your plant, it is critical to have someone in the plant whose responsibility it is to make the system secure, he said.

To underscore his point, Peterson mentioned that it is possible for hackers to make antennas using Pringles cans to access wireless networks up to a mile away. “So it’s not like they have to be in a van parked just outside your office,” he added.

The best way to control access to your wireless network is via authentication, authorization, verification, and encryption. Authentication is the process of proving you are who you say you are via a user name and password, or biometrics. Authorization determines what an authenticated user can do once they are on the system. Verification is done on WirelessHART via message integrity codes, which are generated as part of the device information payload to verify authenticated data. Also, the use of an encrypted nonce (source ID and time stamp) makes the occurrence of a replay attack more difficult. Peterson noted that encryption is the default mode on WirelessHART. Encryption prevents attackers from changing data. All sensor traffic on a WirelessHART network is encrypted.
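The verification step described above, as an added sketch that is not from the session or from the WirelessHART specification: a receiver checks an integrity code computed over the nonce (source ID and time stamp) plus payload, then rejects any frame whose time stamp is not newer than the last one accepted from that source. HMAC-SHA256 from the Python standard library stands in for the protocol's AES-based MIC; the frame layout, field sizes, key and function names are assumptions.

```python
import hashlib
import hmac
import struct

MIC_LEN = 4  # assumption for this sketch: length of the truncated tag


def _mic(key: bytes, source_id: int, timestamp: int, payload: bytes) -> bytes:
    # The nonce (source ID + time stamp) is bound into the integrity code,
    # so a tag is only valid for this sender at this time.
    nonce = struct.pack(">QQ", source_id, timestamp)
    return hmac.new(key, nonce + payload, hashlib.sha256).digest()[:MIC_LEN]


def seal(key: bytes, source_id: int, timestamp: int, payload: bytes) -> bytes:
    """Sender side: nonce fields, then payload, then the MIC."""
    header = struct.pack(">QQ", source_id, timestamp)
    return header + payload + _mic(key, source_id, timestamp, payload)


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.last_seen = {}  # source_id -> newest accepted time stamp

    def accept(self, frame: bytes) -> str:
        if len(frame) < 16 + MIC_LEN:
            return "reject: truncated"
        source_id, timestamp = struct.unpack(">QQ", frame[:16])
        payload, tag = frame[16:-MIC_LEN], frame[-MIC_LEN:]
        expected = _mic(self.key, source_id, timestamp, payload)
        if not hmac.compare_digest(tag, expected):  # constant-time compare
            return "reject: bad MIC"
        if timestamp <= self.last_seen.get(source_id, -1):
            return "reject: replay"  # authentic frame, but already seen
        self.last_seen[source_id] = timestamp
        return "accept"


def demo():
    key = b"constructed-demo-key"  # constructed sample key, not a real one
    rx = Receiver(key)
    frame = seal(key, source_id=0x1B1E, timestamp=1000, payload=b"PV=42.7")
    tampered = frame[:16] + b"PV=99.9" + frame[-MIC_LEN:]       # payload altered
    restamped = struct.pack(">QQ", 0x1B1E, 2000) + frame[16:]  # old tag, new time
    return [rx.accept(f) for f in (frame, frame, tampered, restamped)]
```

The second delivery of the same frame carries a valid MIC and is still refused, which is the replay protection the nonce provides; changing the time stamp to get past that check invalidates the MIC instead.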

WirelessHART also features several security keys to protect against unauthorized use or access. These keys include:
• Join Key—which allows a device onto a network and ensures no rogue devices gain access;
• Network Key—this is for network broadcast messages, because devices constantly communicate in order to synch;
• Session Keys—provide secure end-to-end connection with multiple sessions for each device.

Beyond the establishment of end-to-end wireless security and controlling access to your network, you should also ensure that your wireless clients (laptops, etc.) have “integrity.” Essentially, this means that clients need updated antivirus software and should always stay on site. Clients should not be allowed to leave the premises where they could then connect to unknown networks and become contaminated.