Alert: Automation World now enhanced for the iPad and iPhone. Watch a quick video preview
Greenfield
Factory Automation
Bassett
Batch Processing
Hand
Process Automation
Reynolds
Packaging Automation
Campbell
On the Edge
Download this free 94-page Continuous Process Playbook loaded with industry expert advice on topics ranging from control systems, instrumentation, and industrial networks to energy management, security, and system upgrades.
Perspective
|

Security: How IT and Industrial Control Differ

Print Reprint
FILED IN:  Security
     
When your “nail” is computer system security, the “hammer” is often commercial IT security measures.

And though a good dose of IT security is essential to industrial control system security, successfully securing a control system requires additional steps.

A recent release from Tofino Security highlighted the unique aspects of industrial control systems that set their security measures apart from most IT systems. Some of these factors included control systems placement on the plant floor, rather than a climate controlled data center; their potential for placement in or close to hazardous environments; plus the fact that the average life span of equipment on the plant floor is measured in decades rather than a few years.

Referencing information from a Belden Industrial Ethernet Infrastructure Design Seminar, the Tofino release boiled down the differences between IT and ICS (industrial control system) security solutions to the fact that each system has different:
• Performance requirements;
• Reliability requirements;
• Operating systems and applications;
• Risk management goals;
• Security architectures; and
• Security goals.

ADVERTISEMENT

Security goals are an essential difference between the two.  For example, the number one goal of IT security is focused on privacy, i.e., protecting the data; whereas the number one goal of ICS security is based on safety, i.e., protecting the process. Three major categories of ICS security issues are outlined in the seminar. Those issues are:

Soft targets. According to Belden, control networks are full of what are known as  “soft” targets—devices vulnerable to disruption through their network interface.

Multiple pathways. These pathways often bypass existing security measures in the plant, and some don’t even appear on a network diagram.

Flat networks. Many ICS networks are still implemented as large, “flat” networks with no isolation between unrelated subsystems.

>> David Greenfield, [email protected], is Media and Events Director for Automation World. 

COMPANIES IN THIS ARTICLE: Belden Inc.
FILED IN: Security
0

Add new comment

 

  NEWSLETTERS
Don’t miss intelligence crucial to your job and business!
Click on any newsletter to view a sample. Enter your email address below to sign up!

News Insights

News & Analysis

Product Insights

Latest Automation Products

Best of Blogs

Industrial Automation Columnists

Automation Focus

Sponsored white papers, videos and products

Continuous Processing

Oil & Gas, Chemical and More

Automation Skills

Improve Industry Skills

Industrial
Ethernet Review

Network Application of IE

On The Edge
Blog

Workforce Development

Factory Automation

Technology for Discrete Manufacturing

Food Bev & Pharma

Automation Applications & Trends

Global Edition

Global automation news

Each newsletter ranges in frequency from once per month to a few times per month at most.

 

IT Delivers on Automation’s Promise
E-Book Special Report
IT Delivers on Automation’s Promise

Sign up to receive timely updates from the editors at Automation World and download this FREE Special Report on the transformative power of data in manufacturing. By integrating information and automation technologies, manufacturers are finally achieving major gains in productivity from their automated systems.

x