Home

What About Whitelisting?

March 31, 2012

One security tactic gaining momentum in the industrial sector is whitelisting. This security method involves a layer of security that only allows pre-approved applications to run on the system. No exceptions.

David Greenfield, editor in chief

Brian Ahern, president and CEO, Industrial Defender (www.industrialdefender.com), says that “if we can run whitelisting on the mission critical server side, that allows us to address gaps from a patching perspective, because vendors can’t certify an operating system patch fast enough.” These patches usually takes six months to develop before they are ready for release.

Though whitelisting is an effective strategy for control system security, industry is still very early in its adoption of this tactic. Fewer than 5 percent of Industrial Defender’s customers have adopted this approach, but Ahern says there is increasing interest in it.

The downside to whitelisting, according to Ahern, is that it is “fairly invasive and does require compatibility and interoperability testing with the OEM vendor. As soon as you only allow certain applications to run, you need to understand the DLLs, executables, and what’s happening on a mission critical server so that, if it spawns another DLL, you’ll be able to understand that it’s allowed.”

>> Click here to read Automation World's full report: The Stuxnet Effect on Cyber Security

About the Author

David Greenfield, editor in chief | Editor in Chief

David Greenfield joined Automation World in June 2011. Bringing a wealth of industry knowledge and media experience to his position, David’s contributions can be found in AW’s print and online editions and custom projects. Earlier in his career, David was Editorial Director of Design News at UBM Electronics, and prior to joining UBM, he was Editorial Director of Control Engineering at Reed Business Information, where he also worked on Manufacturing Business Technology as Publisher.