 |
Seven Steps to Protect Your Control System
Utility Automation & Engineering, November 2008
By Justin Lowe, et al, PA Consulting
Ensuring the resilience of control systems from security threats is vital to ensuring a utility’s future. Systems are at risk from cyber threats, such as hackers, viruses and worms, because of the increased use of standard IT technologies like Microsoft Windows, TCP/IP, Web technologies and wireless.
|
|
Access Control
Control, November 2008
By Rich Merritt
In the old days, chain link fences and junkyard dogs were enough to scare off intruders and trespassers. But times have changed. If you have a plant that might be the target of terrorists, industrial spies, activists, the anti-this or anti-that group, disgruntled employees or sophisticated thieves, your security problems have increased a thousand-fold.
|
|
Defending Your Plant
Control, November 2008
By Rich Merritt
That nice-looking sales rep in the business suit got through the perimeter security and has arrived at the guard shack, seeking admittance to the plant for an appointment with Paula Process, one of your instrument engineers. The rep could be packing a Hekcler & Koch 9mm pistol, be wrapped in explosives under that suit coat or carrying a bomb or an AK 47 in the attache case. Can your security handle this?
|
|
Infrastructure Cybersecurity Is in Our Hands
Control, November 2008
By Keith Larson
Securing industrial control systems isn’t rocket science, but it does involve the considered deployment of firewalls and other protective measures. And it can’t just be left to the folks in IT. Those whose business it is to understand the unique performance requirements of process automation networks must add a working knowledge of security to their kit bags.
|
|
Nuclear Plant Security and Cyber Terrorism
Control, November 2008
By Béla Lipták
All our nuclear power plants are old and decades ago, the controls of all nuclear power plants were completely analog. Today, digital systems monitor the critical operating conditions. NRC should require total separation between the corporate networks of utilities and the SCADA networks of the plants.
|
|
Security Standards Stewpot Simmering
Control, November 2008
By Jim Montague
Two years ago, there were about 40 government, trade and corporate organizations developing network security standards, and 38 of them reportedly were unaware of similar projects by the others. Since then, many have scrambled to coordinate their standards work.
|
|
Protecting Our Cyber Infrastructure
Control, November 2008
By Walt Boyes and Joe Weiss
One of the very largest problems is that the control systems in plants and the SCADA systems that tie decentralized facilities together were designed to be open, robust and easily operated and maintained—but not necessarily to be secure.
|
|
Do Safety and Security Mix?
Control, November 2008
By Dan Hebert
Integrated systems can simultaneously address process control, safety and security. Once installed, these complex integrated systems can provide value by simplifying plant operations and reducing on-going system maintenance costs. But is the cost and complexity of an integrated safety and security system worth it?
|
|
Shhhhhhhh.. .It’s a Secret
Control, November 2008
By Bob Radvanovsky
One of the difficulties of attacking the problem of cybersecurity and critical infrastructure is the need to keep control of much of the information—hence the attempts at secrecy.
|
|
Is malicious software protection just like Swiss Cheese?
Design Product Automation, October 2008
By David Robinson, Norman Data Defense Systems (UK).
Computer viruses, worms and Trojan horses are increasing at such an alarming rate that the manufacturing, process and utility industries are under considerable threat from inadequate anti-virus provision.
|
|
Embedded RFID product authentication combats counterfeit goods
Industrial Embedded Systems, September 2008
By Martin Payne, Skyktek
Embedded RFID provides a simple, cost-effective solution to counterfeiting as well as the problems associated with unauthorized generics and substitutes. RFID allows manufacturers to embed inconspicuous tags that typically cost 10-30 cents each directly into or onto their products or consumables.
|
|
Automation Insights Network
By Rick Zabel, Publisher
Automation Insights Network is a select group of controls and automation professionals who agree to help us cover news, emerging trends and technologies on various automation topics. Every two months, we will ask people in the Network to share their observations, knowledge and expertise with us. We take that information, distill it, and pass it on to our reporters and editors for use in future stories.
|
|
Industrial Ethernet Growth Slowed by FUD
By Bill Lydon, Contributing Editor
The promise of Industrial Ethernet is clear: it will revolutionize manufacturing by tightly integrating control and business systems, if users can overcome their fear, uncertainty and doubt(FUD). One failure can trigger a cascade of problems and result in a significant loss of time and money. There are many issues surrounding the use of Ethernet in industrial control applications that give control engineers reasons for concern.
|
|
Upstairs, Downstairs
Control, October 2008
By Bob Sperber
In the control arena, all DCS vendors either offer a historian or tie to others, and they are typically installed with a firewall above. This presents problems for OPC, but not for SOA-generation tools such as Web services and XML
|
|
Meeting NERC-CIP Requirements
Power Engineering, September 2008
By Kevin Staggs, Honeywell Process Solutions
As deadlines for the North American Electric Reliability Council Critical Infrastructure Protection (NERC-CIP) standards approach, power plants and electric utilities must begin implementing the necessary security practices to meet the compliance requirements.
|
|
ISA - Change the name to represent the industry
By Rick Zabel, Automation.com
The proposed name change of ISA (to "International Society of Automation") is up for a vote again during ISA Expo in Houston, October 14-16, 2008. Last year, the change was voted down, but I have yet to hear a compelling argument against the change. And there are many reasons for the change. If ISA is truly the global society of automation professionals, then its name should reflect its cause. It's time for a change!
|
|
You can knock, but you can’t get in
Control Engineering, September 2008
By Dennis Brandl
There is a new form of network control called Network Access Control (NAC) that will have a major impact on industrial Ethernet networks. NAC has been in the IT press for several years, but it has only recently starting to hit mainstream IT organizations. A typical NAC implementation will allow network access only to devices that are registered, where there is a valid user account and where all required patches have been installed.
|
|
Defense in cyberspace
InTech, September 2008
By Trent Nelson and Jeff Becker
For industrial facilities, the increased vulnerability of the enterprise resulting from open wireless architectures, coupled with a rise in cyber attacks, has made electronic security a major concern. The Control Systems Security Program (CSSP) cyber researchers regularly evaluate new and introduced solutions.
|
|
Get Physical with Security
By Bill Lydon, Contributing Editor
While there is a great deal of legitimate concern about cyber security, many industrial facilities may be at high risk due to poor physical security. There is a need for a comprehensive security strategy for these facilities and other critical infrastructure. Honeywell Process Solutions' industrial security initiatives go beyond cyber security to address physical plant security.
|
|
Proactive protection
Hi-Tech Security Solutions, August 2008
SDA Security Systems installed a Honeywell access control and intrusion alarm system at the city hall building in Coronoa, CA. The system's alarms and access card readers are tied together through Honeywell's WIN-PAK PRO access control software, which allows users to monitor events and alarms from central or remote locations. The software also lets administrators automate functions, such as creating customised alarm reports, and photo ID badging.
|
|
Why IP surveillance?
Hi-Tech Security Solutions, August 2008
Although IP surveillance has opened the doors for many different types of functionality, there are 10 main reasons why IP surveillance is quickly taking over the CCTV market.
|
|
Electric fencing: the poor cousin of the security sector?
Hi-Tech Security Solutions, August 2008
There are numerous perimeter protection technologies available. These include microphonic cable, microwave, infrared beams, fence-mounted accelerometer sensors and electric fencing. From a security perspective, electric fencing is not the most secure.
|
|
Stopping criminals before they get near - the importance of perimeter security
Hi-Tech Security Solutions, August 2008
As criminals become more adept at finding their way through security systems, the detection of unwanted intruders even before they enter the premises has rapidly become the preferred route taken by installers of alarm systems today.
|
|
Protect your plant
Chemical Processing, August 2008
By Eric Byres, Byres Security
Some of the most important steps that the chemical industry needs to take if it’s going to effectively protect itself from cyber attack. Failure to adapt to these changing threats and vulnerabilities will leave companies exposed to increasing numbers of cyber incidents. The consequences unfortunately could include a marred reputation, environmental releases, production and financial loss, and even human injury or death.
|
|
Here Comes Cyber Security
Power Engineering, July 2008
By David Wagman
If you are not fully comfortable looking at your plant in more than one way, prepare yourself. The coming months will be busy ones at virtually every power plant with a grid connection. Homeland security—in the guise of what’s known as “critical infrastructure protection”—is coming to the power generation industry.
|
|
Citect Vulnerability Raises Wider Disclosure Issues
By Andrew Bond, Industrial Automation Insider
Cyber security moved back to the top of the agenda for SCADA system vendors and users last month when security testing specialist Core Security Technologies revealed that it had found a “vulnerability” in Schneider subsidiary Citect’s flagship CitectSCADA product.
|
|
The best Ethernet may be coming
InTech, August 2008
By Patrick McCurdy, Ira Sharp, and Nicholas Sheble
Advances in security, data transmission reliability, and environmental packaging have readied wireless Ethernet for demanding industrial applications.
|
|
Global Market Compliance: A Local Approach Eases a Complicated Process
By Udo Heinz & Sky Mehringer, TÜVRheinland
Helping a product achieve global compliance for safety, EMC, documentation, testing and certification is a complicated and time-intensive process. To place a product in other countries, manufacturers must maneuver a complicated maze of compliance requirements.
|
|
State of Manufacturing & Automation in the U.S. Looks Good
Could it be that high fuel prices, the weak dollar and crises in the U.S. manufacturing industry are creating opportunities? Andy Chatha of ARC Advisory Group thinks so. He says the U.S. industry has suddenly become competitive on the world market, and companies are no longer moving operations overseas. Instead, many are expanding their facilities, and he predicts a boom in automation right here in the U.S.
|
|
Preventing unplanned downtime: the secure control system
South Africa Instrumentation & Control, July 2008
By Bob Huba, Emerson Process Management
One aspect of unplanned downtime that is coming into focus is that caused by breaches in control system security. The problem is best addressed by ensuring physical site security is adequate, correct system security procedures are in place and control system operators and engineers are properly trained.
|
|
Defense in Depth
Control Engineering Asia, June 2008
By Eric Byres
Many companies base their plant floor/SCADA security solution on a single firewall between the business network and the control system network, believing that this firewall will be the ultimate security filter and prevent anything evil from ever getting to the control system. Unfortunately, nothing could be further from the truth.
|
|
Factory Automation: Secret's in the system
InTech, July 2008
By Ellen Fussell Policastro
If you are packaging pills, building automotive parts, or labeling bottles of soda, you might think your processes do not have to be as secure as a nuclear plant or chemical plant. Think again.
|
|
Flirting with disaster
InTech, July 2008
By Michael Carey
A true disaster recovery plan needs to not only address software but also hardware and the network. It also needs to address prevention and recovery and take into account the ability to protect systems using current technology and legacy systems where replacement hardware may not be available.
|
|
Taking out the Garbage: Making Windows XP suitable as a HMI Platform
By Marty Huff, MSI Tec
Windows XP can provide a robust HMI environment, and has several advantages over either Windows CE or Linux. Out of the box, however, Windows XP is not suitable to act as a HMI / SCADA platform. There are several "tricks" that can be performed to "take out the garbage" thus creating a stable, robust, and secure environment for your application.
|
|
Loose Lips Sink Assembly Systems
Assembly, June 2008
By John Sprovieri
To ensure they will be first to market with a hot new product, manufacturers often go to great lengths to protect the secrecy of what they’re assembling and how they’re assembling it. To help their customers maintain a competitive advantage, systems integrators follow a host of standard operating procedures designed to keep secrets under wraps.
|
|
Making Cyber Security Mandatory
Automation World, June 2008
By Wes Iverson
The newly approved NERC CIP standards covering cyber security in the electric power industry may be controversial, but there are big fines for lack of compliance. While other U.S. “critical infrastructure” industry segments are coming under increasing federal pressure to improve their cyber security, initiatives aimed at the power industry are in some ways the furthest advanced.
|
|
Corporate IT Helps Plants with Security
Automation World, June 2008
By Rob Spiegel
The best solutions for securing the plant usually come through strong communication between plant operators and IT personnel. One of the more popular emerging solutions is the creation of a team consisting of plant engineers and IT staff. This team takes on the responsibility for securing the plant, and no decisions are made without input from both control engineers and IT staff.
|
|
Tactics for Plant Security
Automation World, June 2008
By Rob Spiegel
The information technology (IT) department at an enterprise offers a range of ways to secure the plant network. But not all of these tactics are appropriate for the plant. Control engineers have to pick and choose to make sure the network is secure, while also making sure security tactics don’t interfere with availability or safety.
|
|
Office/Plant Security Clash
Automation World, June 2008
By Rob Spiegel
According to ARC, the conflict between the plant and the information technology (IT) group stems from a long list of conflicting missions, systems and priorities.
|
|
On the Road to Cyber Security
Automation World, June 2008
A 10-year roadmap for achieving control system cyber security in the energy industry has been hailed as a model for other industries. Here’s a look at progress to date.
|
|
Insider Threats Demand Focused Security Reviews
Automation World, June 2008
By Robert Mick
Over the last several years, growing cyber threats coupled with the ongoing discovery of new vulnerabilities has demanded a lot of attention within the manufacturing community.
|
|
Peril in the pipeline
InTech, June 2008
By Marshall Abrams and Joe Weiss
Cyber security often focuses on the vulnerabilities of commercial off-the-shelf software and Internet access, with malicious activity as the primary concern. But more discussion is needed about control system cyber security and how its policies and countermeasures can potentially preclude or minimize the impacts of a control system cyber security event.
|
|
Interlocking a matter of safety
InTech, June 2008
By Michael Carey
A common mistake when designing an automation system is to incorporate too many interlocks. Creating too many interlocks restricts the ability to operate the system when the system goes into abnormal operation.
|
|
Don't judge a supplier by its name
By Frank Hurtte, Contributing Author.
For those of us who live and breathe the rarified vapors of technology based automation, it's pretty hard to fathom how life existed without electronic automation. Yet, it has been a short 30 years since the venerable PLC became anything more than a novelty outside of the Big 3 in Detroit. Sometime in the late 1970s, microprocessors changed our lives forever. Since those early days, the power of these tiny chips forever changed the way we think about manufacturing.
|
|
Regional Manufacturing Expos Prove Most Valuable
By Thomas R. Cutler
Deciding which conferences, webinars, and expos are worthwhile for manufacturing engineers and buyers to attend often feels like a dangerous yellow brick road, never knowing quite what to expect.
|
|
Blending Plant Operations with Enterprise Management
Automation World, May 2008
By Rob Spiegel
The war between plant operations and IT is over. Here’s a look at the major trends in information technology that are having a direct and growing impact on plant operations.
|
|
ABB is powered up and running at high efficiency!
By Bill Lydon
The products and services shown at ABB Automation World in Houston, Texas along with the enthusiasm of the ABB employees and users would seem to explain why the company’s 1st quarter 2008 earnings beat investment analysts’ consensus by over 40%. The three-day trade show and conference ran from April 29 through May 1 in Houston, Texas. There was a great deal of energy and enthusiasm at the event which showcased ABB products, ABB services, partner products, and over 300 workshops/training sessions.
|
|
Quantifying Cyber Security Risk Part 2
Control Engineering, May 2008
By Morgan Henrie, Univ of Alaska, and Paul Liddell, Alyeska Pipeline
Each company has to balance the risk of a potential SCADA cyber security event, the effects an event could have on the company, its customers, and other stakeholders, as well as the cost of a cyber security mitigation program. The hardest step in the design and deployment of the overall risk mitigation strategy is quantifying the risk.
|
|
Consider the Consequences of a Cyberattack
Industrial Networking, May 2008
By John Rezabek, ISP Corp.
One only can assume that fear of bad press must keep most victims from publicizing or revealing any successful cyberattack. Reports of serious breaches in industry still seem to be few and far between.
That we are vulnerable is hard to deny.
|
|
Combining Cyber and Physical Security
Control Engineering, April 2008
By Frank Madren, GarrettCom
Security technologies developed in electric utility applications are spreading into broader use. IP based video extends functionality of Ethernet infrastructure.
|
|
Wireless Security On The Plant Floor
Industrial Ethernet Book, April 2008
By Wally Gastreich
The goal of wireless network implementations is to provide benefits identical to common wired networks and protect the network and resources from security related issues. Here’s how to secure a plant floor wireless network.
|
|
Feel Secure about Vulnerability Assessments
Chemical Processing, March 2008
By Frank Pisciotta, Business Protection Specialists, and Deborah Allen, Potash Corp.
The U.S. government has established its first-ever security mandates for “high risk chemical facilities.” The Chemical Facility Anti-Terrorism Standards are designed to identify high risk facilities. This article offers guidance to help you prepare such materials and respond to DHS in the event your facility must conduct a security vulnerability assessment.
|
|
Department of Homeland Security Regulations May Impact Ethanol Producers
Ethanol Producer Magazine, April 2008
By Scott E. Hitch and Steven A. Burns
DHS regulates chemical facilities that present high levels of security risk. Facilities subject to DHS regulation must develop and implement layered security measures for site security plans that address the vulnerability assessment and the risk-based performance standards for security for the facility. Many ethanol facilities may be out of compliance.
|
|
Take Steps to Stymie Cyber-Criminals
Automation World, March 2008
By C. Kenna Amos
What drives better security is manufacturing taking responsibility for itself.
|
|
Just Because They Haven’t, Doesn’t Mean They Won’t
Control, March 2008
By Walt Boyes
Control’s editor ponders the possibilities of cyber attacks on SCADA and control systems, and suggests we work to protect them.
|
|
Quantifying Cyber Security Risk
Control Engineering, March 2008
By Morgan Henrie, Univ of Alaska and Paul Liddell, Alyeska Pipeline Service
Basic risk analysis techniques can help you understand the cyber threats to industrial control systems and SCADA systems overseeing electric utility distribution. This step will help as you begin planning a defensive strategy.
|
|
Uninterruptible power systems meet factory automation security
Intech, March 2008
By Michael Stout and Michael Gibson
Harsh industrial power environments demand high-level power protection: The right UPS can meet that demand. There are four UPS designs: offline, line-interactive, double conversion online, and flywheel.
|
|
Creating Secure OPC Architectures
By Adriel Michaud, MatrikonOPC
Technical guide on how to secure typical OPC implementations. It covers OPC DA, HDA, and A&E, securing OPC Servers from unauthorized OPC Client access, and restricting authorized OPC Clients to only the functions necessary.
|
|
The Horse with Stripes
Control, February 2008
By Walt Boyes
Many IT security professionals now profess to be “industrial cyber security experts” because they understand “SCADA” and have worked for years in enterprise IT and enterprise cybersecurity. But it takes more than that to function properly in the industrial controls environment.
|
|
Time for Plant and Corporate IT to Grow Up
Control, February 2008
By Charlie Gifford, 21st Century Manufacturing Solutions
Subject: the bloody war zone in manufacturing operations management (MOM) systems. Neither side realizes how large and complex job it is to integrate and translate between the plant and business in real-time.
|
|
Capital Preservation, Businesses’ Life Blood
Control, February 2008
By Dave Harrold
Stand before an audience of senior executives, use the word “safety” in your opening remarks, and watch the eyes begin to roll as everyone begins looking for the nearest exit. If they were called ‘instrumented capital preservation systems’ instead of safety instrumented systems, every CEO would insist the company invest in them.
|
|
Integrating Enterprise and Plant IT Functions
Control Engineering, February 2008
By Jim Ricigliano, Wyeth Pharmaceuticals, and Matthew Bauer, Rockwell Automation
When pharmaceutical manufacturing processes are automated there are many benefits, but implementation can demand difficult choices. Integration often brings enterprise IT onto the plant floor.
|
|
RFID - Rx for Drug Security?
CEP, February 2008
By Gerald Parkinson
Some pharmaceutical companies are turning to radio frequency identification to protect against counterfeiting and theft of expensive drugs.
|
|
2008 Pinto’s Pointers – Technologies & Markets
by Jim Pinto
Because of its fragmentation, low volumes and conservative customer base, industrial automation is relatively slow to change. In the broad automation markets, there are pockets of technology and market growth that deserve special review. Here are Jim Pinto’s pointers and prognostications regarding the top automation technology and market trends that will gain traction in the coming year.
|
|
Wolves at the Security House Door(s), Part 2
Control, January 2008
By Eric Byres
If the Single Firewall is not Secure Enough for Control Systems, What Security Model Is?
|
|
Forget the silos, build the bridges
Intech, December 2007
By Eric Byres, Jim Bauhs, and Brian Mason
Where does one start when attempting to improve the security of the plant floor from these threats from outside world? We believe the only technique with a high chance of success is a highly coordinated effort by both IT and IC. This paper looks at techniques that can make this possible.
|
|
More Fiber in Your Network Diet
Control, December 2007
By Dan Hebert, senior technical editor
It is extremely difficult to eavesdrop on fiber-optic connections, guaranteeing a high degree of security.
|
|
Breaching Boundaries
Automation World, December 2007
By Greg Farnum, Contributing Editor
Security is included in the official OPC-UA stack, which is available royalty-free to OPC members. Users have the option to enable or disable the use of security.
|
|
With maintenance like this, who needs terrorism?
Plant Services, December 2007
By Paul Studebaker
A recent pipeline explosion is just another disaster on U.S. soil that could have been prevented by solid maintenance practices.
|
|
Plug leaks in the firewall to improve Ethernet security
Plant Engineering, December 2007
By Larry Komarek, Phoenix Contact
A single firewall that isolates the Internet from the plant network is insufficient protection for the underlying control systems. Those planning the security system must consider multiple layers of protection between manufacturing departments, independent manufacturing lines and the enterprise system network.
|
|
Survey: Insider carelessness cause of most security threats
ISHN, December 2007
New survey indicates that the biggest workplace cyber threats are often unintentional, resulting from carelessness or ignorance from individuals within the organization or company.
|
|
Cyber Security: The Human Factor
Control Engineering Supplement, November 2007
By Peter Welander
Your people can be the weakest security link. In some cases an unhappy employee can cause deliberate sabotage, but these situations are less frequent than people doing stupid things. Or sometimes people fall for a social engineering scam that makes them open the door to a virus or hacker.
|
|
Cyber Risk Assessment
Control Engineering Supplement, November 2007
By Todd Nicholson, Industrial Defender
Completing a risk assessment can uncover cyber security vulnerabilities before they become disruptive to the real-time process control and supervisory control and data acquisition (SCADA) network.
|
|
Serial Network Security with Device Routers
Control Engineering Supplement, November 2007
By Howard Linton, GarrettCom
Providing cyber security for legacy serial networks can be simpler using a new family of serial device routers. These devices bridge the gap between Ethernet and serial protocols while providing protection.
|
|
A security primer: 8 steps to building a security infrastructure
Control Engineering Supplement, November 2007
Any system that secures plant assets should follow a “defense in depth” strategy that takes a multilayer approach including the creation of security zones.
|
|
Security
Control Engineering Supplement, November 2007
Plant operations managers need to recognize that although they may feel isolated from security threats, in reality they are not. Three common myths must be debunked.
|
|
Plug cyber-security gaps
Chem Processing
By Seán Ottewell, contributing editor
It’s time for the chemical industry to ratchet up its cyber-security efforts. There’s a surge in interest in cyber-subjects such as security certification, defense-in-depth strategies, risk-based planning and improved policies and procedures.
|
|
Get ready to comply with new security mandates
Chem Processing
By David A. Moore and Dorothy Kellogg, AcuTech Consulting Group
New anti-terrorism standards require the Department of Homeland Security to identify and regulate "high-risk chemical facilities." These facilities will be subject to a security vulnerability assessment.
|
|
Access Control: Keeping terrorist attacks out of your plant
- 12/27/07
Plant Services, October 2007
By Sheila Kennedy
Chemical plants, water systems, oil refineries, food manufacturers, the electrical grid – American industry is rife with risk. A variety of technologies can help control access to your plant, materials and information, and mitigate the risk of becoming an unwitting party to a terrorist event.
|
|
Beyond F.U.D.: How to start securing your DCS network today
By Doug Clifton - Invensys Process Systems
Cyber Security is much more than a firewall; it's education, data integrity, protection of intellectual property and so forth. The worse thing you can do is wait another minute to do something to start securing your network. This white paper shows how to get started
|
|
Cyber security is a team effort
Plant Services, April 2007
By Joe Weiss PE, CISM
Modern communications and networking technologies can render your control system vulnerable to intentional or unintentional cyber events. Operations and IT need to address these vulnerabilities with a joint effort.
|
|
Security Protocols for the Embedded Internet
Embedded System Conference, April 2007
By Tracy T. Thomas, Ph. D., U S Software Corporation
This paper reviews security attacks, requirements, and implementation with a focus on suitability for embedded systems.
|
|
10 Control System Security Threats
Control Engineering, April 2007
By Peter Welander, Control Engineering
Based on work done by the North American Electric Reliability Corp., these control system vulnerabilities are the place to start to prevent a security breach.
|
|
Chemical security rules edge forward
Chemical Processing, February 2007
By Lynn Bergeson, regulatory editor
Advance Notice of Rulemaking (ANR) on anti-terrorism standards for chemical facilities was issued December 22, 2006, by the U.S. Department of Homeland Security (DHS). This article is a summary of this important initiative, 71 Fed. Reg. 78276.
|
|
Security Is a Journey
Automation World, March 2007
By C. Kenna Amos, Contributing Editor
Information technology (IT) security and network security must become part of the framework of every deployed application and technology. That entails embedding security into the network fabric itself. But it also makes sense that security strategies cover all manufacturing and corporate assets—and that the production environment and automation systems be isolated from the rest of the enterprise. IT and automation engineers have different opinions on computing and network assets applied in the manufacturing and control-systems spaces
|
|
Lessons in Cyber Security
Automation World, March 2007
By Wes Iversen, Managing Editor
Attendees at this year’s Process Control Systems Forum received a concentrated look at the latest tools, techniques and projects in control systems cyber security. “We face real dangers from sophisticated, nimble and organized adversaries who will stop at nothing to achieve their objectives. The truth is that our networks and control systems are vulnerable, and they’re exposed, and we have to change that,” declared Bruce Landis, deputy assistant secretary for Cyber Security and Telecommunications for the U.S. Department of Homeland Security (DHS).
|
|
Network security for device servers
By Sena Technologies
Device servers deliver the appropriate network connection and physical interface for industrial device applications. Providing this function in a secure fashion is becoming a major concern for industrial IT managers as burgeoning numbers of industrial devices receive a real or proxy Ethernet connections. Security-related features have become one of the main factors in device server selection.
|
|
OPC Consideration for Network Security
Cyber security means the confidentiality, integrity, and availability of computers, applications, and digital-based assets. In most organizations, this is the responsibility of the corporate IT group. Unfortunately, whenever IT meets real-time control systems, trouble erupts. So when IT implements different Windows Domains and Firewalls, the first casualty is typically DCOM communication and, consequently, OPC traffic.
|
|
Mobile Malware Creates Opportunity for Managed Security Services
While malware targeting mobile devices is a relatively recent problem, significant increases in shipments of smartphones, as well as increasing market penetration by Microsoft, have made mobile devices much more attractive targets for hackers. According to ABI Research, the newest and most intriguing market opportunity for mobile security is the growth of mobile device security managed services.
|
Cart
