Invensys and Process Security

Oct. 4, 2005
Several Invensys troopers gave interesting discussions on systems security. The most interesting of the Invensys staff was Ernie Rakaczky, whose sermon was about Prevention instead of Reaction to system attacks. "Everything starts with a site security review," he said, "that addresses your specific needs. This is really a risk assessment." "Being secure doesn't mean giving up productivity," he went on, "but it does mean that you may have to be more rigid with your processes." Your security sy...
Several Invensys troopers gave interesting discussions on systems security. The most interesting of the Invensys staff was Ernie Rakaczky, whose sermon was about Prevention instead of Reaction to system attacks. "Everything starts with a site security review," he said, "that addresses your specific needs. This is really a risk assessment." "Being secure doesn't mean giving up productivity," he went on, "but it does mean that you may have to be more rigid with your processes." Your security system should be built of multiple layers, in which the judgement call is the risk vs. value assessment. You may want to consider data isolation strategies, building "data DMZs" for data that is critical and susceptible to attack. You may want to seriously consider data warehousing, instead of letting people go directly to the operating control system and pull down data. "The key concern," Rakaczky said,"is the impact of Day Zero. That's the day the attack first starts." Day Zero is not attressed by anti-virus; it is not addressed by network detection and monitoring; it is not addressed by patch management-- and this is not a Windows issue. This is true for all OSes. Invensys, he reported, is security focused, building security from within, in new product development, in existing products, and with new validation and testing methodology. Invensys helps end users in the design phase of projects, in the implementation phase of projects, and, above all, Invensys offers security program management services. (There's that "services" word again...) Invensys has established a security-focused website: https://ips.csc.invensys.com. On this site are whitepapers, tutorials, links and etc. Invensys also provides Security Review services, system hardening, and solution implementation. "We are the industry leaders," Rakaczky boasted. "We were the first DCS supplier to ship our product with integrated anti-virus. We run our vulnerability scans on our own equipment." Rakaczky implored his audience to get involved with the standards working groups like SP99 and PCSRF and others. "It is exciting to be part of this," he said.

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...