Vviewpoints
DOI: 10.1145/2492007.2492018
Privacy and security
the air gap:
sCaDa’s enduring
security Myth
As a seCurity practitioner and a controls engineer, I am often asked my views on air gaps as a security strat- egy for supervisory control
and data acquisition (SCADA) and industrial control systems (ICS). Air gaps
have long been a focus of discussion
in industry, and they still continue to
generate a lot of interest in the media.
In theory, the air gap strategy certainly
sounds great. By creating a physical gap
between the control network and the
business network, the bad guys—
criminals, hackers, and worms—are kept out
of critical systems.
PhotograPh courteSy of rutherforD aPPleton laboratory anD the ScIence anD
technology facIlItIeS councIl (Stfc); httP://WWW.chIlton-comPutIng.org.uk
Before I go any further, I must clarify
what I mean when I use the term “air
gap”: What I am referring to in this column is the philosophy that says we can
truly isolate our critical systems from
the outside world. And this is where
the myth—and the danger—lies. To begin, I do not believe true air gaps actually exist in the ICS and SCADA world.
Moreover, many SCADA security experts have even stronger opinions than
me on the subject—for example, see
Craig Wright’s blog.a However, I do acknowledge (albeit reluctantly) that not
everyone agrees with me on this.
In 2011, for example, we saw a deluge of SCADA and ICS vulnerability
a control system protected by a real air gap: iBm 360/195 playing chess, november 1974.
using the strategies suggested in this
document or isolate the automation
network from all other networks us-
ing an air gap.”
a http://infosecisland.com/blogview/16770-
SCADA-Air-Gaps-Do-Not-Exist.html
notices with advice on addressing the
issue by using an air gap. One example
I have referred to in the past comes
from the original Siemens Security
Advisory addressing the vulnerabili-
ties in Siemens’ SIMATIC S7-1200
PLC line: “In addition, it is important
to ensure your automation network is
protected from unauthorized access
the ‘air Gap Principle’ is history
To give credit where credit is due:
Siemens removed this recommendation from the advisory (and all