Out-of-Band Communications Channel

Have alternative methods to support communication requirements during communication failures and data integrity attacks. [1] [2]

ID: M0810
Security Controls: NIST SP 800-53 Rev. 5 - SC-37
Version: 1.0
Created: 06 June 2019
Last Modified: 19 September 2023

Techniques Addressed by Mitigation

Domain ID Name Use
ICS T0830 Adversary-in-the-Middle

Utilize out-of-band communication to validate the integrity of data from the primary channel.

ICS T0878 Alarm Suppression

Provide an alternative method for alarms to be reported in the event of a communication failure.

ICS T0803 Block Command Message

Provide an alternative method for sending critical commands message to outstations, this could include using radio/cell communication to send messages to a field technician that physically performs the control function.

ICS T0804 Block Reporting Message

Provide an alternative method for sending critical report messages to operators, this could include using radio/cell communication to obtain messages from field technicians that can locally obtain telemetry and status data.

ICS T0805 Block Serial COM

Ensure devices have an alternative method for communicating in the event that a valid COM port is unavailable.

ICS T0813 Denial of Control

Provide operators with redundant, out-of-band communication to support monitoring and control of the operational processes, especially when recovering from a network outage [1]. Out-of-band communication should utilize diverse systems and technologies to minimize common failure modes and vulnerabilities within the communications infrastructure. For example, wireless networks (e.g., 3G, 4G) can be used to provide diverse and redundant delivery of data.

ICS T0815 Denial of View

Provide operators with redundant, out-of-band communication to support monitoring and control of the operational processes, especially when recovering from a network outage [1]. Out-of-band communication should utilize diverse systems and technologies to minimize common failure modes and vulnerabilities within the communications infrastructure. For example, wireless networks (e.g., 3G, 4G) can be used to provide diverse and redundant delivery of data.

ICS T0826 Loss of Availability

Provide operators with redundant, out-of-band communication to support monitoring and control of the operational processes, especially when recovering from a network outage [1]. Out-of-band communication should utilize diverse systems and technologies to minimize common failure modes and vulnerabilities within the communications infrastructure. For example, wireless networks (e.g., 3G, 4G) can be used to provide diverse and redundant delivery of data.

ICS T0827 Loss of Control

Provide operators with redundant, out-of-band communication to support monitoring and control of the operational processes, especially when recovering from a network outage [1]. Out-of-band communication should utilize diverse systems and technologies to minimize common failure modes and vulnerabilities within the communications infrastructure. For example, wireless networks (e.g., 3G, 4G) can be used to provide diverse and redundant delivery of data.

ICS T0829 Loss of View

Provide operators with redundant, out-of-band communication to support monitoring and control of the operational processes, especially when recovering from a network outage [1]. Out-of-band communication should utilize diverse systems and technologies to minimize common failure modes and vulnerabilities within the communications infrastructure. For example, wireless networks (e.g., 3G, 4G) can be used to provide diverse and redundant delivery of data.

ICS T0831 Manipulation of Control

Utilize out-of-band communication to validate the integrity of data from the primary channel.

ICS T0832 Manipulation of View

Utilize out-of-band communication to validate the integrity of data from the primary channel.

References