Interested in linking to "What's in your server?"?
You may use the Headline, Deck, Byline and URL of this article on your Web site. To link to this article, select and copy the HTML code below and paste it on your own Web site.
verybody is trying to scare the beejeezus out of you these days with talk of nasty ol&rsquo hackers and crackers, how assorted bad guys are trying to break into your process control system, and all the risks you take by using Web, Ethernet, wireless, and Microsoft technology in your control system. While we don&rsquot exactly subscribe to the theory that terrorists are plotting to destroy your recipe for making chocolate, we realize that threats do exist from hackers, viruses, and competitors. Maybe even terrorists, too.
To help you bolster your defenses, we've assembled a timely list of tips and techniques you can use to build a fortress to secure your data and protect your control system from intruders. (See Top ten defenses sidebar below.)
What do vendors say about process control security?
Find more Articles, White Papers and Industry Books on control system security listed at the bottom of this article.
Except for a few incidents like these, the process control industry has remained relatively immune from the huge number of problems that plague commercial web sites, banks, and government institutions. Maybe the bad guys haven&rsquot discovered us yet, or maybe we don&rsquot have anything they want. Or maybe companies in our industry just don&rsquot talk about it when they take a hit.
Bad guys are definitely out there. One of our contributors, a control engineer at a large Midwest refinery, is worried. &ldquoWe have been written by name on terrorist lists, so our physical security is very tight,&rdquo he says. He asked to remain anonymous – as did other contributors. Nevertheless, there does not appear to be a major, organized attack on process control systems yet.
It certainly appears that the two biggest problems are (1) external random attacks by worms, viruses and similar software that roam cyberspace looking for vulnerabilities, and (2) internal problems caused by disgruntled employees, careless operators, and bad procedures.
In the first case, nobody outside is trying to destroy the chocolate recipe – they don&rsquot even know you make chocolate. If they get you, you are probably just the victim of a random Internet crime. In the second case, you do it to yourself because of poor security or poor training. Both situations are preventable.
The tips and techniques that follow will help you create a fortress and tighten up security, but nothing will stop someone who is determined to take your plant down. No firewall is safe from a talented hacker, no anti-virus software gets them all, and dealing with disgruntled employees and actual terrorists is beyond the scope of this article. We can, however, help you make it more difficult for them. So let&rsquos build a fortress.
Get Off the Networks!
End users and vendors alike universally advise disconnecting your process control system from the Internet, corporate networks, business LANs, or any network not needed for actual control. One engineer at a chemical plant said it bluntly, &ldquoWe do not allow any outside connections into our control system. There are no modems and certainly no Ethernet connections to the Web or business system.&rdquo It&rsquos the fortress mentality, but it works.
ControlGlobal.com is exclusively dedicated to the global process automation market. We report on developing industry trends, illustrate successful industry applications, and update the basic skills and knowledge base that provide the profession's foundation.