This website uses cookies primarily for visitor analytics. Certain pages will ask you to fill in contact details to receive additional information. On these pages you have the option of having the site log your details for future visits. Indicating you want the site to remember your details will place a cookie on your device. To view our full cookie policy, please click here. You can also view it at any time by going to our Contact Us page.

Taking on the security challenge

08 May 2018

Connectivity is seen by many as a significant challenge to plant security. In the new era of IIoT it is, therefore vital that security considerations are prioritised. Suzanne Gill reports. 

With each new connection comes another potential point of entry for a security threat – be that physical, digital, internal, external, malicious or unintended. “With every part of the enterprise soon becoming connected in some way to the whole, the risk at every point of ingress is now also a risk to the whole enterprise,” said Mike Loughran, field business leader architecture & software sales at Rockwell Automation.  

This means that a range of security concerns must to be addressed, including the safekeeping of Intellectual Property and market sensitive data; protection from intrusions that might negatively affect throughput, employee safety or the environment; keeping wastewater treatment systems online and operating safely; keeping enterprise systems online and not causing network related downtime; and allowing selective remote access to industrial operations.

“With all of this in mind, the commitment to industrial security must be renewed regularly and must evolve constantly with the ever-changing threat environment. The worst thing to do is become overwhelmed by the possible threats,” warns Loughran. “A good approach is to start by focusing on the probable threats, which will help create better security practices in general.” There is no single standalone product, technology or methodology that can protect from the wide variety of possible threats. The days of security-through-obscurity are also gone – it is hard to measure success and therefore efficacy of that kind of approach.

“Proprietary networks that rely on one vendor may fall short when they don’t use other available IT tools, innovations and security features. Security should encompass everything – from the enterprise level, through the operational level and all the way to each and every enabled device,” continued Loughran. It must take into account risks from staff, processes and technologies alike. It requires IT (Information Technology) and OT (Operational Technology) operatives commitment and collaboration – each has a vital role in establishing and maintaining a secure network infrastructure                                                    

A holistic approach should start with three simple steps: Gain an understanding of the by undertaking a security assessment; deploying a multi-layered security approach – ‘Defence in Depth’; and verifying that your automation vendors follow core security principles when designing the products that are used in your plant.

Getting the balance right
Niklas Mörth, project manager cyber security at Westermo, agrees with Loughlan. He believes that one of the biggest challenges presented by an increasingly connected industrial landscape is achieving the right balance between security and operations. He said: “The security measures that a plant implements can, potentially, make life difficult for its operators. For example, you could implement network segregation to filter out all the traffic that does not belong to your network, but if you do not keep the network segregation up-to-date, you could also block valid and important operational data. In a worst-case scenario, the mechanism that was supposed to protect against external threats could be the very thing that halts operations.”

With plants under constant pressure to maximise availability, an operator might decide to disable network segregation and filtering, in the belief that this will help to maintain production. However, it is there for a good reason. “Its purpose is to prevent a hacker from breaking into the network and carrying out an attack which could have even more serious consequences,” said Mörth. “It is vital to adopt a sustainable security posture. Network segregation and other security protection features, such as perimeter protection, intrusion detection, spoofing protection and network-to-network protection are all important. However, if they are to function properly, it must be understood that cyber security is not only about technology but also about people.

“A crucial aspect of cyber security is keeping your defensive mechanisms up-to-date. Create your security baseline and then constantly reassess the defence, adjust it, and have plans in place for what to do if something happens. That requires technology, people and knowledge, and is the core of a sustainable security posture. Cyber-attack threats are constantly evolving, and therefore so must your defences,” concludes Mörth.

Slow takeup
Worryingly, a study ‘Putting Industrial Cyber Security at the Top of the CEO Agenda’ conducted by LNS Research and sponsored by Honeywell, found that industrial companies are not moving quickly enough to adopt cyber security measures to protect their data and operations.

The survey polled 130 strategic decision makers from industrial companies about their approach to the IIoT, and their use of industrial cyber security technologies and practices. Over 50% of respondents reported working in an industrial facility that already has had a cyber security breach, while 45% reported that they still do not have an accountable enterprise leader for cyber security and only 37% are monitoring for suspicious behaviour. 
Although many companies are conducting regular risk assessments, 20% are not doing them at all.

Some good news
The good news is that, while Honeywell’s study highlights the slow rate of adoption of cyber security measures, Sanjin Biševac, service sales manager Europe at Emerson Automation Solutions, has identified that the implementation of a range of cyber security measures is now far more prevalent within manufacturing and process companies than it was just a few years ago. So, maybe adoption is now speeding up. Biševac points to two key drivers for this change – regulation and digital transformation.

“Several government bodies across Europe are now encouraging the adoption of cyber security measures,” he said.  To a certain extent, these bodies form their requirements based on recommendations provided by a single series of international standards – ISA/IEC-62443. With this unified standard comes guidance that helps process and manufacturing companies strive for improved cyber security practices.

“Starting to implement cyber security measures can be relatively inexpensive, beginning with workstation hardening, user-account management and patch/security management,” said Biševac. “These measures can reduce the surface for potential attack and increase security at the interfaces of devices.” 

Firewalls can be used to segment automation systems internally and to isolate them from Level 3 and other external networks. Firewalls can ensure that only authorised devices/applications can communicate with each other and protect the integrity and confidentiality of messages exchanged between communicating applications.

“Protection against intentional violations can be increased with Security Information and Event Management (SIEM) and Network Security Monitor (NSM) solutions. SIEM deals with real-time monitoring, correlation of events, notifications, analysis and reporting of log data. NSM monitors traffic on automation system networks to identify suspicious content and malicious activity.

“With new security threats constantly arising, cyber security should be considered as a continuous activity. A company’s appetite for cyber risks and its budget availability will determine which security levels it will try to attain,” concluded Biševac.


Contact Details and Archive...

Print this page | E-mail this page

MOST VIEWED...


Article image Anheuser-Busch InBev’s distribution strategy model

Over the past 10 years Anheuser-Busch InBev (A-B InBev) has grown its global distribution network using a strategy which goes against the grain for traditional brewery specifications. In place of cost and time intensive permanent structures, it has adopted a design-driven approach in partnership with Herchenbach, a manufacturer of temporary buildings and semi-permanent warehouses. Full Story...

Article image And the 2018 Food Processing Award winners are…

There were nine Food Processing Awards up for grabs this year. The judging panel whittled it down to three finalists in each category and we left it to the readers of Food Processing to decide the winners, which were announced at an awards ceremony in Coventry on 18th October.Full Story...

What role does refrigeration play in the supply chain?

A recipe for continuous improvement success

Adapt and change to stay competitive

http://www.spiraxsarco.com/global/uk/News/Pages/Your-quick-start-guide-to-including-your-steam-system-in-your-HACCP.aspx?utm_source=Food_Processing&utm_medium=Website&utm_campaign=HACCP_Quick_Start_Gu