Fieldbus

How to improve network security

There's no such thing as a 100% secure control system, but learning and understanding the risks associated with security standards, and how to mitigate them are a start. Check out this to-do list.

 

RELATED ARTICLE

    
Fence Me In: Common Sense Security

 

Rich Clark, information security analyst at Wonderware, offers the following to-do list to help users increase the security of their plant-floor networks:

 

  • Understand that there’s no such thing as a 100% secure system, unless it’s buried in a vault, still in the box, unplugged, and unconfigured.
  • Educate operators to look for operational anomalies. These are usually the first indication that something is wrong.
  • Learn and understand the risks associated with security standard you’ve implemented, and how to mitigate them.
  • Get control system engineers and IT synchronized, and working in the same department.
  • Create polices and procedures that include an organizational tree, which describes mitigation and alert vectors to be used if a breach or threat is found.
  • Schedule risk analyses on an ongoing basis.
  • Incorporate change control into the above procedures.
  • Know who to contact and what to do in case of a breach or attack.
  • Create a single-point failure matrix.
  • Follow current industry guidance and Microsoft domain isolation guidance, which presently has a patch that to allow a mostly one-button setup in XP-2K3 systems, and will be included as a one-button setup in a Longhorn/Vista domain.
  • During critical junctures of possible attacks or potential threats, pulling the plug on the outside world can be effective if the control system can be reduced to a single point of access.

Free Subscriptions

Control Global Digital Edition

Access the entire print issue on-line and be notified each month via e-mail when your new issue is ready for you. Subscribe Today.

controlglobal.com E-Newsletters

Biweekly updates delivering feature articles, headlines with direct links to the top news stories that are critical to staying up to date on the industry — company news, product announcements, technical issues and more. Subscribe Today.