Keeping Plants Secure

June 1, 2004
The potential for terrorist attacks on chemical plants, refineries and other process industries is drawing increased attention these days, both in terms of physical break-ins and electronic, network-based intrusions.

“After Sept. 11 got everybody’s attention focused, a lot of our customers decided that they really had to do something about this,” says Peter Zornio, director of product marketing for Honeywell Process Solutions (www.honeywell.com/acs), in Phoenix. Many companies added security to the job responsibilities of someone at their plants, says Zornio, while others created separate new, security positions.

As a major supplier of process control systems, as well as building security systems, Honeywell is well-positioned to address process industry concerns in this arena. And during a recent visit to Automation World offices, Zornio was asked about the state of the process industries’ security preparedness.

“We are spending a lot more time talking with our customers about what they’re doing in this area,” said Zornio. But process industry customers are not yet spending big dollars on new security solutions—of either the physical or the cyber variety, Zornio said. Instead, many companies are still trying to sort out where they stand, and how vulnerable they are, he noted, and they are taking advantage of Honeywell services for physical and cybersecurity risk assessments.

Zornio cited work by researchers at the British Columbia Institute of Technology (www.bcit.ca) showing that one of the worst vulnerabilities of process plants is the unsecured modem lines found in many facilities. These modems are typically installed with good intentions, as a way to enable remote equipment troubleshooting by vendors. But they are also highly insecure, because they bypass corporate firewalls, Zornio said.

“The biggest concern right now by far is not terrorists,” Zornio added. “It’s viruses. The thing that everybody in our customer base is worried about is how quickly they can get the latest patch from Microsoft certified by Honeywell and installed, to prevent viruses from coming in and taking over.” After viruses, vulnerability to cyber intrusions by computer hackers and terrorists ranks next on customers’ lists of concerns, followed by concerns over physical security issues, Zornio said.

Wes Iversen

Sponsored Recommendations

Food Production: How SEW-EURODRIVE Drives Excellence

Optimize food production with SEW-EURODRIVE’s hygienic, energy-efficient automation and drive solutions for precision, reliability, and sustainability.

Rock Quarry Implements Ignition to Improve Visibility, Safety & Decision-Making

George Reed, with the help of Factory Technologies, was looking to further automate the processes at its quarries and make Ignition an organization-wide standard.

Water Infrastructure Company Replaces Point-To-Point VPN With MQTT

Goodnight Midstream chose Ignition because it could fulfill several requirements: data mining and business intelligence work on the system backend; powerful Linux-based edge deployments...

The Purdue Model And Ignition

In the automation world, the Purdue Model (also known as the Purdue reference model, Purdue network model, ISA 95, or the Automation Pyramid) is a well-known architectural framework...