This page contains a Flash digital edition of a book.
Plant Management


4 Cyber security is


becoming an increasingly important aspect of plant management. Here we look at the strategies and technologies being used by suppliers to ensure that process plants minimise their vulnerability to cyber attacks. Eugene McCarthy reports.


Ensuring process cyber security


sophisticated cyber attacks on record. Belden, a global leader in signal transmission


O


solutions for mission-critical applications, in coordination with Tofino Security – part of Belden’s Hirschmann brand – has developed a product portfolio and business processes to protect critical infrastructure against these emerging threats. Legacy industrial communication and


networking systems originally designed to work only within facility walls are opening up, as organisations look to work smarter and more efficiently. As a result, the industrial floor has become a hotbed of information activity, with intelligence passing back and forth between industrial settings and outside systems. “It’s vital for companies to employ industrial


Ethernet systems enforced with secure industrial cabling, switches, routers and firewalls if they are going to protect critical operations from cyber sabotage,” said Eric Byres, cto and vice president of engineering at Tofino Security. “The push for efficiency now requires increased information passing between the industrial and enterprise systems. This significantly elevates the risk and need for top-notch security - starting at the plant floor.” But the level of sophistication shown by


Stuxnet, Night Dragon and Flame - and the open aggression between countries - requires more than advanced hardware protection. Company policies and internal security processes across all system components are crucial to the success of any security system in an era of heightened threat. The likely targets of cyber attacks aimed at nation states include energy and water supply. Complementing the Belden industrial Ethernet


product offering, Tofino Security, in partnership with exida, recommends a seven-step process designed to help protect industrial systems from these highly advanced threats:


l Assess existing systems: understand risk and prioritise vulnerabilities.


l Document policies and procedures: determine position regarding industrial control systems (ICS) and develop company-specific policies.


l Train personnel and contractors: develop and institute policy awareness and training programmes.


16 www.engineerlive.com


ver the past two years, industrial infrastructure has been identified as a key target for hackers and government-sponsored warfare, attracting some of the most


l Segment the control system network: create distinct network segments and isolate critical parts of the system.


l Control access to the system: provide physical and logistical access controls.


l Harden the components of the system: lock down the functionality of components.


l Monitor and maintain the system: update antivirus signatures, install patches and monitor for suspicious activity.


John Cusimano, director of security at exida, said: “Security researchers and hackers have identified numerous vulnerabilities in the products used in industrial operations – specifically the water, energy and transportation industries – and it’s absolutely vital that companies start now to secure core components through best practice policies and industrially-focused security technologies,” said Byres.


Dedicated teams tackle the cyber threat


Meanwhile Honeywell has formed an Industrial IT Solutions group, a global team of experts who can help manufacturers and process industry facilities protect against cyber threats. Part of Honeywell Process Solutions, the


Industrial IT Solutions group specialises in the design, performance assessment and protection of networks used in the process industry, including wireless instrument and Scada platforms. Its offerings will provide a comprehensive range of vendor-neutral technology and services required to assess, remediate, maintain and manage plant automation network performance, vulnerabilities and cyber security measures. Jon Lippin, vice president and general manager,


Honeywell Lifecycle Solutions and Services for Honeywell Process Solutions, said: “As control networks continue to expand and integrate to business systems, the risks and complexity of cyber vulnerabilities must be addressed with the same vigilance as process safety risks assessments.” Honeywell’s industrial IT services are based


on extensive knowledge in IT systems and a deep understanding of process control environments. The company has completed hundreds of industrial IT projects across the globe. “Honeywell has invested in building the


Industrial IT Solutions practice to help industrial plant, pipeline and asset owners stay ahead of the threats, regardless of control system vendor or location. We provide a scalable approach to


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36