#11 PLC Best Practices – Instrument for Plausibility Checks

Instrument the process in a way that allows for plausibility checks by cross-checking different measurements.

Security ObjectiveTarget Group
The integrity of I/O valuesProduct Supplier Integration / Maintenance Service Provider

Instrument for Plausibility Checks

There are different ways of using physical plausibility for validating measurements:

a) Compare integrated and time-independent measurements

Plausibility checks can be done by integrating or differentiating time-dependent values over a period of time and comparing to time-independent measurements.

b) Compare different measurement sources

Also, measuring the same phenomenon in different ways can be a good plausibility check.

Different measurement sources do not necessarily have to be different physical sensors, but can also mean using alternative communication channels (see examples).

Example

a) Compare integrated and time-independent measurements

Metered pump and tank level gauge: volumetric change should equal integrated flow.

The burner in a boiler: added caloric heat should equal temperature rise.

b) Compare different measurement sources

Using air-speed, artificial horizon, vertical speed, and altitude in the airplane to measure the phenomenon of the climbing / descending airplane.

Comparing process parameter values from independent data loggers (tied into 4-20mA loops or relay contacts and transmitted via independent communication channels) to SCADA system data (coming in the “normal” way through PLC and HMI) and alerting on deviations and significantly off-specified values.

Why?

Beneficial for…?Why?
  SecurityFacilitates monitoring for manipulated values (assuming not all sensors are manipulated at once).
  ReliabilityPrevents acceptance or identifies (for future action) corrupted / wrong measurements as inputs.
MaintenanceRules out the possible physical causes for failures more quickly.

References

Standard/frameworkMapping
  MITRE ATT&CK for ICSTactic:  TA010 – Impair Process Control
Technique:  T0806 – Brute Force I/O
  ISA 62443-3-3SR 3.5: Input Validation
SR 3.6: Deterministic Output
  ISA 62443-4-2CR 3.5: Input Validation
CR 3.6: Deterministic Output
MITRE CWECWE-754: Improper Check for Unusual or Exceptional Conditions

Source: PLC Security

Share With Your Friends

Leave a Comment

#11 PLC Best Practices - Instrument for Plausibility Checks

Send this to a friend