By Daniel Ehrenreich, Consultant and Lecturer on Cyber Security, SCCE
Introduction
Professionals involved in securing Information Technology (IT) and Operational Technology/ Industrial Control Systems (OT/ICS) are aware of the critical differences between these environments. These differences include system architecture, hardware and software components, communication protocols, use of computers and industrial controllers, and more.
In IT systems, the primary cybersecurity objective is to ensure Confidentiality, Integrity, and Availability (CIA) of information. In contrast, for OT systems, the priority is Safety, Reliability, and Performance (SRP). Proper design, operation, and maintenance of these systems require specialized knowledge, close collaboration between IT and OT teams, and adequate resources allocated by management.
Understanding “Adapted maintenance procedures for OT systems” involves evaluating incidents that may lead to downtime or operational outages, financial losses, equipment damage, and even risks to human life. During a cyberattack, control room personnel may notice irregular activity but may not always respond correctly—or quickly enough.
Common OT Failure Scenarios
- Equipment malfunction or sabotage in the operational area may cause production downtime and financial losses. Immediate and professionally handled intervention can mitigate damage.
- Human errors by authorized personnel may also lead to operational shutdown. Taking the correct action quickly can limit losses.
- Ransomware attack on IT systems may initially affect corporate networks but poor decision-making can indirectly impact OT.
Cyberattack (internal, external, or via supply chain) may cause operational disruptions, equipment damage, and in extreme cases, put human lives at risk.
OT Risk Awareness
Unlike IT systems, OT security focuses on safety and operational continuity rather than data confidentiality. Therefore:
- OT maintenance personnel must understand production processes and associated risks.
- All updated decisions must be made jointly by: a) OT process expert, b) Facility manager, c) IT specialist, d) OT cybersecurity manager
- Complete and careful pre-change-testing is essential to ensure updates do not reduce safety or negatively affect continuity.
- Enhanced 24/7 monitoring must follow any change to detect anomalies immediately.
- Full documentation and updated backups must accompany every change.
- Control room and maintenance staff must be trained on the update and its potential implications.
Best Practices for OT Maintenance
Software updates, patching, and cybersecurity enhancements are standard IT practices. However, applying them directly to OT systems without adaptation can be extremely risky. Improper maintenance in IT may lead to temporary downtime. In OT environments, it can lead to prolonged disruptions, equipment damage, or even pose a threat to human life. Key operational maintenance recommendations:
- Updates must originate only from certified and trusted sources—no internet downloads or secondary suppliers.
- Approval required from the facility manager, process owner, and cybersecurity lead.
- Evaluate whether updates can be applied during operation or only during shutdown (planned maintenance window).
- Schedule maintenance when all relevant experts are available.
- Conduct testing to ensure 99.9% confidence that the update will not cause instability.
- Prepare a rollback system with the pre-update version.
- Maintain continuous monitoring post-deployment.
- Document all changes accurately, including software/hardware versions.
- If an urgent update cannot be implemented immediately, deploy compensatory controls.
- If multiple devices require updates, start with the least critical one and update sequentially.
- Double the estimated implementation time, to allow recovery if needed.
- Perform full validation of the updated system before normal operation and revert if anomalous behavior is detected.
Conclusion
Even in large organizations worldwide, very few professionals possess expertise across both IT and OT domains. Therefore, particularly as IT-OT data convergence increases, collaboration among IT teams, OT operators, and process experts is essential. The role of management is to ensure that these processes are carried out completely.
To guarantee operational continuity and safety, organizations must: a) Apply structured processes; b) Allocate sufficient budgets and skilled personnel; c) Provide tailored training, certifications, and practical drills (e.g., Tabletop Exercises – TTX) for control room teams.
About the Author
Daniel Ehrenreich, BSc, is an independent consultant and lecturer specializing in OT cybersecurity across Israel and internationally. He has over 45 years of engineering experience, including 34 years in control systems and cyber defense. His professional background includes roles at Tadiran, Motorola, Siemens, and Waterfall Security. Since 2014, he has been an independent consultant and, since 2016, the permanent chairman of the ICS CyberSec Conference in Israel.