Addressing cyber security between plant production and business systems is a complex task that most IT and automation groups are hesitant to undertake. IT may not be familiar with complex industrial systems and any errors can adversely affect production. From the perspective of industrial automation, challenged with IT security they would rather just run autonomously and let a communication gap remain between these systems. Industrial cyber security at a minimum requires the focus areas listed felow:
Security Focus Areas
- Filtering & Access Control
- Written Best-Practices & Policies
- Anti-Virus
- Restoration Procedures
- Data Backup Strategies
- Incident Management Procedure
- Active Monitoring & Detection
- Continual Training & Awareness
- Patch Management
- 3rd-Party Verification
The short list above is an introduction; there are many more elements to consider. In general, the two focus areas are technology and people; and it does not matter which is managed first. The most important thing to remember is that existing corporate IT policies must empathize with the requirements of real-time control systems, many rules will have to change accordingly. Network and cyber security should be a priority making firewalls a necessity, which creates many new challenges for DCOM. Because DCOM requires so many ports to operate, it is very unfriendly to firewalls. Therefore, DCOM is frequently shut out of communication across different networks or left wide open for worm infection.
Fortunately, innovative solutions are already available. For instance, OPC can make use of tunneling technology to work across different systems and firewalls. Similar in concept to a VPN (Virtual Private Network) and PPTP (Point-to-Point Tunneling Protocol), OPC tunneling encloses the data payload inside another protocol. From the outside the tunnel, it looks like a stream of data. However, inside that stream is the all-important production data. Tunneling technology can also make use of port restriction, user authentication, and data-stream encryption to overcome most of IT’s security issues.
Network and cyber security are very important to industrial systems because they can affect the production of the control system. A complex task requires the aid of experts with field experience. They can recommend solutions for each of the security focus areas such as OPC tunneling for firewalls. It is important to begin addressing security risks as soon as possible, before they affect production.
About the Author |