Managing batch process security

Today’s security threats and vulnerabilities are wide-ranging, often complex and not always understood – particularly in terms of their impact. As such, batch access control should be integrated with managed enterprise security programs that mitigate threats from malicious codes and other sources.


Batch process control systems have seen a great deal of change in recent times, including more connectivity and the use of open standards and protocols from previously proprietary and often isolated environments. The use of “off the shelf” technology brings interoperability, efficiency and other great benefits. But it also creates an ongoing security challenge.


Today’s security threats and vulnerabilities are wide-ranging, often complex and not always understood %%MDASSML%% particularly in terms of the impact they can have on an individual system, a part of a system or the entire production facility. Threats come from a range of internal sources such as removable media, poor change management and disgruntled employees, as well as from external sources such as hackers and connections with other devices and networks.


Threats also increase as new vulnerabilities emerge, meaning that batch process control systems might find their normal operation impacted simply because they share a technology or connection. While this might not necessarily be immediately or directly disruptive to batch operations, it could impact production, efficiency and safety.


For batch operators, the primary focus of process security has been on controlling and managing access to recipes, process operations and process change. But today %%MDASSML%% especially for chemical, pharmaceutical and food industry applications %%MDASSML%% batch access control should be integrated with managed enterprise security programs that mitigate potential threats from terrorists, hackers, malicious codes and other sources that are becoming more prevalent.


Controlling access

The rising use of electronic signatures and other automated security methods has probably been the most significant advance in the area of batch access control. Much of batch security remains driven by regulatory standards, particularly the regulations and guidance the U.S. Food and Drug Administration (FDA) has issued for electronic records and signatures as defined by Code of Federal Regulations (CFR) 21 part 11 . Under this code, electronic records and signatures can be incorporated into electronic batch management systems.


The 21 CFR part 11 code also defines good practices to ensure that batch information is secure, primarily from the standpoint of user authentication. This applies mostly to internal users, primarily for tracking and tracing operations and materials, and to support correction and possible litigation should any product-safety issues emerge. Protecting the batch information from malicious outside threats requires integration with broader enterprise-wide cyber security management programs and policies.


Managing cyber threats


One of the most effective approaches for designing and implementing measures that mitigate security vulnerabilities and threats is known as defense-in-depth (Fig. 1). In the defense-in-depth approach, each layer of the process is evaluated for its criticality, corresponding risk and whether appropriate security measures have been applied. Batch processes, for example, might be most vulnerable in the controls zone, but increasingly subject to threats at the plant network and data center zones. This is but one example; situations may vary from industry to industry and company to company.


This approach ensures that once risks are evaluated, the most critical assets receive the greatest protection. A threat is more likely to trigger a timely response using this approach. When successfully implemented and managed, the defense-in-depth strategy minimizes the likelihood of a successful threat and can prevent intrusion.


Other security measures %%MDASSML%% including host-based firewalls, hardening of workstations, anti-virus programs and vulnerability management %%MDASSML%% mitigate security threats. While taking these appropriate mitigation measures will improve security, ongoing security management is needed for it to remain effective.


A security program should meet the requirements of each system and implementation, but in general the following issues should be considered:


Security assessment %%MDASSML%% One of the first steps in performing a security assessment is developing an understanding of the security position. Analyzing the current position, vulnerabilities and threats will yield an understanding of what the real risks are and help establish the requirements of the security program.


Security policies, procedures and enforcement %%MDASSML%% Effective policy, procedures and enforcement are crucial for safe and reliable batch system operation. The development of policy and supporting procedures should be user- and facility-specific, and should therefore be developed in close cooperation with system stakeholders to ensure the result is workable and effective. Management support at all levels is vital to success. Any corporate or business policy and procedure compliance requirements must also be taken into consideration.


Protection with appropriate technology %%MDASSML%% Technology plays an important part in an overall security approach. Firewalls are just one example of a technology that provides part of a defense-in-depth design, and when implemented and managed correctly can mitigate security threats. However, security is more than just a firewall.


The design and implementation of an architecture using a “Demilitarized Zone” (DMZ) approach provides more secure access and control, and by including additional features such as anti-virus and deep-packet inspection for intrusion detection or prevention, further protection is created. The ongoing management of firewalls and other devices should be carefully considered.


Security training for knowledge transfer %%MDASSML%% Those who have access to a control system %%MDASSML%% either directly or indirectly, frequently or infrequently %%MDASSML%% require appropriate security training to ensure a low-risk batch production environment. This is important to ensuring that those who have any interaction with critical systems understand the impact of their actions. Training is also needed to help those involved with batch control systems understand not only policy, procedures, enforcement, but the wider security objective. In addition, training may be required for the more technical aspects, including firewalls, intrusion detection/prevention, anti-virus updates and so on.


Security management %%MDASSML%% There are many activities included in security management. The resources required for this need to be fully considered, and it could mean a high level of commitment. Compared to plant safety, plant security is well in its infancy. Plant safety programs are well established, continuously monitored, validated and understood; plant security and its management would benefit from a similar approach.


While some security elements such as policy may rarely be updated once in place, other elements need more frequent or even continuous attention. These include anti-virus updates, firewall management, access control, vulnerability management and enforcement. Each system should be assessed for its own need. By following a continuous cycle of assess, design, implement and manage, with supporting elements in each phase, processors have the flexibility needed to maintain a low-risk environment (Fig. 2).


Because security measures help sustain system availability, combining access control with cyber security is a true business enabler. An effective, ongoing vulnerability management process is the foundation of a good batch process security plan. Newly discovered vulnerabilities need to be assessed in a timely fashion, and a course of action determined based on likelihood and impact.


The greatest threat to your operations today comes from doing nothing. By taking steps, first to assess and address, then to understand and manage security, batch processors can mitigate security risks and maintain safe, reliable and compliant operations.



Author Information

Karl Williams is principal security consultant for Invensys Process Systems and Daren Moffatt is business development director for Life Sciences for Invensys Process Systems.

No comments
The Top Plant program honors outstanding manufacturing facilities in North America. View the 2013 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
The true cost of lubrication: Three keys to consider when evaluating oils; Plant Engineering Lubrication Guide; 11 ways to protect bearing assets; Is lubrication part of your KPIs?
Contract maintenance: 5 ways to keep things humming while keeping an eye on costs; Pneumatic systems; Energy monitoring; The sixth 'S' is safety
Transport your data: Supply chain information critical to operational excellence; High-voltage faults; Portable cooling; Safety automation isn't automatic
Case Study Database

Case Study Database

Get more exposure for your case study by uploading it to the Plant Engineering case study database, where end-users can identify relevant solutions and explore what the experts are doing to effectively implement a variety of technology and productivity related projects.

These case studies provide examples of how knowledgeable solution providers have used technology, processes and people to create effective and successful implementations in real-world situations. Case studies can be completed by filling out a simple online form where you can outline the project title, abstract, and full story in 1500 words or less; upload photos, videos and a logo.

Click here to visit the Case Study Database and upload your case study.

Maintaining low data center PUE; Using eco mode in UPS systems; Commissioning electrical and power systems; Exploring dc power distribution alternatives
Synchronizing industrial Ethernet networks; Selecting protocol conversion gateways; Integrating HMIs with PLCs and PACs
Why manufacturers need to see energy in a different light: Current approaches to energy management yield quick savings, but leave plant managers searching for ways of improving on those early gains.

Annual Salary Survey

Participate in the 2013 Salary Survey

In a year when manufacturing continued to lead the economic rebound, it makes sense that plant manager bonuses rebounded. Plant Engineering’s annual Salary Survey shows both wages and bonuses rose in 2012 after a retreat the year before.

Average salary across all job titles for plant floor management rose 3.5% to $95,446, and bonus compensation jumped to $15,162, a 4.2% increase from the 2010 level and double the 2011 total, which showed a sharp drop in bonus.

2012 Salary Survey Analysis

2012 Salary Survey Results

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.