Reusability assessment of financial card readers' security mechanisms in process control devices

Abstract

The security of industrial plants has gained a lot of importance since the last decade. The reason is that the different components from different network layers of automation systems have become inter-connected to support fast and cost-effective decisions at the management level. This inter-connectivity has posed many security challenges in this industrial segment. To achieve effective security mechanisms in industrial plants, there is a need to learn from other existing domains, matured in terms of security, whether existing matured security solutions can be reused in the industrial automation domain. The financial sector is a segment where security has been carefully managed since a long time, as security is very important for that sector. Therefore it would be beneficial to evaluate the security mechanisms present in financial card readers which are involved in financial transactions because these card readers have many similar characteristics with industrial process control devices. In this paper, the security requirements for both the field devices of industrial plants and card reader terminals of the financial sector have been evaluated to understand the security gap so that we can identify the areas where the security needs of industrial plants must be improved and where some of the existing security features of card reader terminals can be reused in field devices of industrial plants.