Because you can, does not always mean you should and knowing when is the difference between being an automation professional and one of the “great unwashed.”
This is certainly true with the introduction of all the new open technologies that make integration with the Enterprise so easy. Useful and SCARY. Remember the default configuration for digital communications is bidirectional so if you do not take the necessary precautions to direct traffic where YOU want it to go then there is nothing to stop someone from either purposely or accidentally creating an incident on your network. An incident is anything that affects one of the three sides of the security triangle: Authentication of the source; Authority of the source to alter the destination; and Integrity of the data.
Proper design of the system using guidelines such as those from ISA-99, ISA-95 and the NERC CIP documents will provide a good starting point. However other factors such as veracity of the measurement itself which is a function of other factors such as environment, wiring & installation practices, maintenance, etc will also have an impact on the integrity of your data.
Wireless and Security are popular topics in our industry today but that does not mean we need to forget all the good things we do to obtain the measurement in the first place.
Just because you can monitor and control your process from your web enabled mobile device does not mean “it’s a good thing.”
Have a GREAT weekend.
