Dear %%if(%%firstname%% is empty,Colleague,%%firstname%%)%%:
To receive the latest automation information, add enews@automation.com to your address book.
Read the online version if links don't work in this Security Update. |
| |
August 2008 |
Sponsor: Honeywell |
Honeywell Process Solutions
As a global leader in both security and process control technology and as an operator of our own chemical plants, Honeywell Process Solutions is uniquely qualified to provide security for industrial plants. Our innovative solutions can be scaled for sites of all sizes, adapted to different risk levels and seamlessly integrated with process control and building controls. And most importantly, protect your plant and employees, help you meet regulatory requirements and keep your surrounding community safe.
View white paper: hpsweb.honeywell.com
|
Sponsor: Byres Security |
The Tofino™ Industrial Security Solution
The Tofino™ Industrial Security Solution is much more than a firewall. It is an easy to use "out of the box" solution that is fully compliant with the latest industry standards. With its centrally manageable, dynamically Loadable Security Modules it can provide encryption, intrusion detection and control protocol-aware security solutions tailored to specific plant floor situations. Keep watching for more information regarding our upcoming seminar that will take place in conjunction with ISA Expo October 13, 2008.
Click here to learn more
|
Live News Feed |
|
|
Visit our Portals |
Our Automation Portals organize information by various automation topics.
Each Automation Portal includes articles, white papers, product announcements, application stories, company news, resources, literature, training, seminars, and events.
|
|
| In this Issue |
|
Featured Articles
Resources & Literature
Application Stories
Featured Training
Product Announcements
Company News
Application News
Featured Events |
| Featured Articles |
Maritime Security: Meeting Threats to the Offshore Oil and Gas Industry
By Honeywell Process Solutions
A major issue for worldwide energy companies is securing offshore oil and gas platforms. This paper covers the challenges faced by the oil and gas industry in securing offshore production assets, including key requirements for an effective platform security strategy, and the latest technology enabling an integrated security management system. Registration required.
Protect your plant
Chemical Processing, August 2008
By Eric Byres, Byres Security
Some of the most important steps that the chemical industry needs to take if it’s going to effectively protect itself from cyber attack. Failure to adapt to these changing threats and vulnerabilities will leave companies exposed to increasing numbers of cyber incidents. The consequences unfortunately could include a marred reputation, environmental releases, production and financial loss, and even human injury or death.
The best Ethernet may be coming
InTech, August 2008
By Patrick McCurdy, Ira Sharp, and Nicholas Sheble
Advances in security, data transmission reliability, and environmental packaging have readied wireless Ethernet for demanding industrial applications.
Here Comes Cyber Security
Power Engineering, July 2008
By David Wagman
If you are not fully comfortable looking at your plant in more than one way, prepare yourself. The coming months will be busy ones at virtually every power plant with a grid connection. Homeland security—in the guise of what’s known as “critical infrastructure protection”—is coming to the power generation industry.
Citect Vulnerability Raises Wider Disclosure Issues
By Andrew Bond, Industrial Automation Insider
Cyber security moved back to the top of the agenda for SCADA system vendors and users last month when security testing specialist Core Security Technologies revealed that it had found a “vulnerability” in Schneider subsidiary Citect’s flagship CitectSCADA product.
Global Market Compliance: A Local Approach Eases a Complicated Process
By Udo Heinz & Sky Mehringer, TÜVRheinland
Helping a product achieve global compliance for safety, EMC, documentation, testing and certification is a complicated and time-intensive process. To place a product in other countries, manufacturers must maneuver a complicated maze of compliance requirements.
Preventing unplanned downtime: the secure control system
South Africa Instrumentation & Control, July 2008
By Bob Huba, Emerson Process Management
One aspect of unplanned downtime that is coming into focus is that caused by breaches in control system security. The problem is best addressed by ensuring physical site security is adequate, correct system security procedures are in place and control system operators and engineers are properly trained. |
| Browse these and more articles and white papers on the Security portal. |
|
| Resources & Literature |
Semaphore Offers SCADA Security white paper
White paper describes the application of new SCADA security technology and outlines a sensible, cost-effective approach that is based on the latest developments in SCADA.
Wonderware announces Customer Support program
Customer First program offers support options including 24/7 support, dedicated technical account management, critical incident response, software updates and advice on software architecture and security.
The CIP Standards
Automation World, June 2008
Here’s a brief look at the requirements of the Critical Infrastructure Protection (CIP) standards, taken from the January 2008 Federal Energy Regulatory Commission’s Order approving the standards.
Disaster Preparation Guide
By ASIS International
Today’s world, awash with continuous terrorist threats and the buzz of imminent war, requires people to have steely nerves, resolve, and most importantly, foresight. One of the best ways to help ease fear and protect the country’s most important asset—its citizens—is for businesses, families, and individuals to be prepared for an attack of any kind.
eGuide - Overcoming Today's VoIP Security Challenges
By Sipera Systems
Bringing new technologies into large enterprises, such as VoIP and virtualization, can result in better business performance and overall productivity. For maximum effectiveness, however, IT professionals should be aware of the security vulnerabilities that these new strategies bring to the network. Guide gives security recommendations.
|
Browse these and more resources and literature on the Security portal.
| | Application Stories |
Securing Redundant Communications between an ESD and a Honeywell DCS
By Eric Byres, Tofino
Describes how a petroleum refinery used the Tofino Industrial Security Solution and Modbus to provide secure communications between a Triconex Emergency Shutdown (ESD) system and a Honeywell Experion process control system. It also explains the use of the Tofino system in redundant networks, techniques for grouping large numbers of identical devices in “networks” and the management of nuisance alarms generated by unwanted multicast traffic.
Pooling Resources
Security Management, August 2008
By Teresa Anderson
The city of Ottawa was having a problem with vandalism. The city purchased a surveillance system with two-way voice communications, digital video recorder (DVR), motion detection alarms, and a loudspeaker. When someone triggers the motion detector or intrusion alarm, the cameras are activated, and images of the area are sent to the central monitoring station.
Let the Games Begin--and End—Securely
Security Management, August 2008
By John Barham
The Chinese government has spent around $6.5 billion on security for the Olympics, according to industry estimates. This money is being used to create one of the most elaborate and technologically advanced security and surveillance systems in the world.
Reliance Security IT team reduces testing bottleneck by 80%
Reliance Security Services, a supplier of electronic security solutions, used Original Software’s TestPlan testing solution to enable its IT team to deliver projects on time and on budget.
|
Browse these and more application stories on the Security portal.
| | Featured Training |
Cyber Security for Control Systems Engineers & Operators
U.S. Computer Emergency Readiness Team
Web-based training package consists of five lessons covering threats, risks, cyber attacks, risk assessments and mitigations for control systems. It can be completed in less than an hour. Registration required.
Security Engineering for Industrial Automation Systems
September 3-5, 2008 Research Triangle Park, NC
Using open standards such as Ethernet and web technologies in SCADA and process control networks exposes systems to cyber attacks. This course provides a detailed look at the security principles that can be deployed in protecting critical control systems.
How to Design IEC 61508-Compliant Hardware and Software
September 22-25, 2008 Natick, MA
Seminar covers safety engineering, IEC 61508 requirements, functional safety management, E/E/PES requirements, case studies, examples, and tools.
Online: Cyber Security for automation, Control & SCADA Systems
September 22 to November 14, 2008
This CyberU course runs for seven (7) weeks. Your course syllabus will guide you through the course modules, provide assignments, and the schedule for live Q & A sessions. Price: $1195.
OPSEC for Control Systems
U.S. Computer Emergency Readiness Team
Web-based training package consists of seven lessons covering the definition of OPSEC, the five-step OPSEC process, common information-collection techniques, information protection, physical protection, appropriate and inappropriate use in the control system environment, and a summary. It can be completed in less than an hour. Registration required.
|
Browse these and more training and seminar opportunities on the Security portal.
| | Product Announcements | | |
Browse these and more Product Announcements on the Security portal.
Search all Products by keyword, category, manufacturer or release date. | | Company & Organizational News |
Wurldtech and Codenomicon collaborate on Industrial Cyber Security
Wurldtech and Codenomicon will work together to introduce new approaches to assessing, mitigating and managing cyber-risk to IP converged systems.
InduSoft CEView HMI/SCADA certified by AT&T for Mobile Applications
CEView HMI/SCADA software is certified to run on many popular mobile devices, including the AT&T 5700, MOTOQ Global, Pantech Duo, the Samsung BlackJack and BlackJack II.
ARC says Process Safety System market to grow 12%
The worldwide market, which is around $1.4 billion in 2007, is expected to grow 12% per year to over $2.5 billion in 2012.
Industrial Defender acquires Teltone Corporation
Teltone Gauntlet solutions provide cyber security protection for substation control system equipment and enable utilities to comply with cyber security requirements.
North American Cyber Security Standards Impact Globally
Automation World, June 2008
By Wes Iversen
As one of the few sets of enforceable cyber security standards on the books worldwide, the Critical Infrastructure Protection (CIP) standards developed by the North American Electric Reliability Corp. (NERC) are having a global impact.
|
Browse these and more company and organizational news on the Security portal. |
| Application News |
Integrated solution for Hershey School
Hi-Tech Security Solutions, June 2008
South African surveillance systems developer and manufacturer Cathexis Technologies provided an integrated surveillance solution to the Hershey School Campus in Pennsylvania. The solution includes multiple DVR/NVRs accommodating some 700 cameras and integration to the 'Open Options' access control system.
|
| Browse these and more application news on the Security portal. |
| Featured Events |
SANS Process Control & SCADA Security Summit
September 8-11, 2008 Amsterdam, Netherlands
Summit brings together engineers and managers from both control systems and information security and IT in utilities, oil & gas, pipeline, etc. Those organizations will get the most out of the Summit if they bring a team composed of both control systems and information security people because the Summit will help enable them to speak a common language, understand the other side’s issues and work together to protect their organizations.
ASIS International 2008
September 15-18, 2008 Atlanta, GA
ASIS 2008 is the recognized world leader in providing security professionals like you with the resources you need to get the upper hand.
ChemITC Conference
September 29 – October 2, 2008 Newtown Square, PA
Chemical industry CIOs, VPs of IT, cyber security experts, business process analysts, enterprise architects and a host of others gather for four days of networking, peer presentations, work team breakout meetings, and plenary sessions.
ISA Expo
October 14-16, 2008 Houston, Texas
Organized around six core automation and control themes, ISA EXPO 2007 provides attendees a content-rich environment that offers unlimited opportunity for exploration of key technologies, professional growth, and interaction with like minded professionals.
Cyber-Con 2008
October 26-29, 2008 Boston, MA
Conference provides an interactive and informative forum for users to share ideas and thoughts about common customer challenges, suggestions and recommendations from the global customer community and communicate collectively to the Industrial Defender team.
|
Browse more industry events on the Security portal.
Add an event to our calendar. |
I hope you enjoyed this Security update. If you have any comments or suggestions regarding the content in this e-newsletter or on Automation.com, please don't hesitate to contact me.
Rick Zabel
Vice President, Publisher
Automation.com View our Privacy Policy For editorial inquiries, please contact Rick Zabel
For advertising inquiries, please contact Karen Olson or see our Media Kit. |
|
|
