This page contains a Flash digital edition of a book.
Plant Management


safety-security risks or to reduce the risk in plants. The technical measures affect different areas: PC environment; engineering tool; communication; secure control; and safety application.


antivirus software, because only the programs released by the user are allowed to be executed.


In order to properly configure the various security measures, the required ports and user rights for the engineering tool must be known. In addition, the engineering software must be compatible with the security software of other manufacturers. Thus the user can flexibly implement the security products that are prescribed or that are most suitable. The principle of diversity also applies for these levels of protection, as use of products from different manufacturers avoids the same type of errors.


Protective measures


The international security standard IEC 62443-3-3 requires a compartmentalisation of production networks.


Source: HIMA Paul Hildebrandt.


The BIOS password is the outermost security layer to protect the PC and the engineering tool of the safety system against unallowed access. In accordance with the basic principle of supporting only that which is required, the operating system environment user guidelines and group guidelines must be set up with reduced access rights.


The use of a firewall and antivirus software, or better yet an Application Whitelisting, further improves the security protection. In this regard an Application Whitelisting, is indeed more complex in configuration; however, it offers better security protection, particularly against unknown malware, than is offered by


14 www.engineerlive.com


SILworX, the engineering tool for HIMax, runs on a standard PC with Windows. The software is compatible with all major antivirus protection programs and consequently can be used with the antivirus software that is standardised and released for the respective company. SILworX protects itself against faulty installation data and manipulation via a CRC (cyclic redundancy check) that occurs each time the software is started or code generation takes place. In addition, MD5 checksums for the installation data are available to the user to check the correctness of the installation.


SILworX has additional features that promote security. A database file in a HIMA-specific format contains the data for the project generated with SILworX as well as the encrypted user ID and passwords. The function-relevant project parts are additionally protected via a separate CRC so that a change in the project data can also be detected and traced with the available secure code comparer.


It is possible to create a project archive automatically each time the controller is loaded. All changes can be traced via this seamless version history. This backup function also permits identification and


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29