Invensys and Process Security

Oct. 4, 2005
Several Invensys troopers gave interesting discussions on systems security. The most interesting of the Invensys staff was Ernie Rakaczky, whose sermon was about Prevention instead of Reaction to system attacks. "Everything starts with a site security review," he said, "that addresses your specific needs. This is really a risk assessment." "Being secure doesn't mean giving up productivity," he went on, "but it does mean that you may have to be more rigid with your processes." Your security sy...
Several Invensys troopers gave interesting discussions on systems security. The most interesting of the Invensys staff was Ernie Rakaczky, whose sermon was about Prevention instead of Reaction to system attacks. "Everything starts with a site security review," he said, "that addresses your specific needs. This is really a risk assessment." "Being secure doesn't mean giving up productivity," he went on, "but it does mean that you may have to be more rigid with your processes." Your security system should be built of multiple layers, in which the judgement call is the risk vs. value assessment. You may want to consider data isolation strategies, building "data DMZs" for data that is critical and susceptible to attack. You may want to seriously consider data warehousing, instead of letting people go directly to the operating control system and pull down data. "The key concern," Rakaczky said,"is the impact of Day Zero. That's the day the attack first starts." Day Zero is not attressed by anti-virus; it is not addressed by network detection and monitoring; it is not addressed by patch management-- and this is not a Windows issue. This is true for all OSes. Invensys, he reported, is security focused, building security from within, in new product development, in existing products, and with new validation and testing methodology. Invensys helps end users in the design phase of projects, in the implementation phase of projects, and, above all, Invensys offers security program management services. (There's that "services" word again...) Invensys has established a security-focused website: https://ips.csc.invensys.com. On this site are whitepapers, tutorials, links and etc. Invensys also provides Security Review services, system hardening, and solution implementation. "We are the industry leaders," Rakaczky boasted. "We were the first DCS supplier to ship our product with integrated anti-virus. We run our vulnerability scans on our own equipment." Rakaczky implored his audience to get involved with the standards working groups like SP99 and PCSRF and others. "It is exciting to be part of this," he said.

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.