Cyber security: Vendors fight back

New aspects of control system software are reducing the need for manufacturing IT personnel to be security experts.


There is increasing attention by control system vendors to enhance cyber security and operate better in corporate IT environments. This attention is good because cyber threats are not decreasing and, at the same time, corporate IT environments are becoming more protected. While governments have focused on cyber security for “critical infrastructure” industries, such as water, power, telecommunications, and transportation, cyber security also is important for all manufacturing industries.

Some control vendors are using an increasingly popular method of bundling anti-virus and spyware protection with their products. Vendors test the latest version of antivirus software and operating system patches against their software, reducing your need to test and validate security patches and updates. In most cases the operating system (OS) patches are the latest Microsoft patches released on “Patch Tuesday” and are available from the vendor within one or two weeks of the Microsoft release. This gives the vendor time to test all standard configurations. The vendors will then redistribute the patches, executables, and signature (.dat) files that have been successfully tested along with notices of patches or updates that should not be applied. Vendor redistributed patches may also include JAVA updates, browser updates, and Adobe updates if this software is used in their products.

Another cyber security feature that more vendors are offering is preconfigured OS configurations. These are configurations which have unneeded services removed, ports locked, hardware disabled (such as DVD drives and USB ports configured for thumb drives), unneeded applications removed, and security settings preconfigured. These systems reduce the errors associated with the installation of software and configuration of the hundreds of options and services installed with a default OS installation.

While this increased attention by control vendors is a good thing—because it reduces the need for manufacturing IT personnel to be security experts—it does present another set of interfaces for manufacturing IT and corporate IT.

The first issue that often has to be addressed is the antivirus software vendor. Control vendors will pick one antivirus vendor to test and ship with their systems. However, their selected antivirus vendor will probably not be the same as the corporate antivirus vendor. It is important to work with corporate IT to place all of your control vendor’s antivirus vendors on the approved use list. This may be easy in small companies but difficult in large companies because of the number of control vendors used.

Scheduling downloads and patches must also be coordinated with corporate IT. Many large companies will control downloads through a Microsoft Systems Management Server or equivalent. The control vendor patches and upgrades must be set up in a separate domain, subdomain, or OU (organizational unit) so that manufacturing IT can initiate downloads at times that will not impact operations, quality, and safety.

Another new aspect of control software is the increasing use of Microsoft Active Directory and Microsoft domains to control accounts, passwords, and privileges. Managing this information requires careful coordination with corporate IT.

There are multiple options for integrating control domains and corporate domains, but the situation will be complicated if you have multiple control vendors. Check with your control vendors to see if they require a separate domain, if they can operate as a subdomain, or if they can operate in an OU within the corporate domain. Each option provides a different level of local control and different level of corporate oversight.

Increased attention by control system vendors to cyber security and operation within corporate IT environments will help your company. Cyber threats continue to proliferate and operating within a protected corporate IT environment is critical to safe and secure manufacturing operations.


Author Information

Dennis Brandl is president of BR&L Consulting in Cary, NC, . His firm focuses on manufacturing IT. Contact Dennis at .

No comments
The Top Plant program honors outstanding manufacturing facilities in North America. View the 2015 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
Safety for 18 years, warehouse maintenance tips, Ethernet and the IIoT, GAMS 2016 recap
2016 Engineering Leaders Under 40; Future vision: Where is manufacturing headed?; Electrical distribution, redefined
Strategic outsourcing delivers efficiency; Sleeve bearing clearance; Causes of water hammer; Improve air quality; Maintenance safety; GAMS preview
SCADA at the junction, Managing risk through maintenance, Moving at the speed of data
Safety at every angle, Big Data's impact on operations, bridging the skills gap
The digital oilfield: Utilizing Big Data can yield big savings; Virtualization a real solution; Tracking SIS performance
Applying network redundancy; Overcoming loop tuning challenges; PID control and networks
Driving motor efficiency; Preventing arc flash in mission critical facilities; Integrating alternative power and existing electrical systems
Package boilers; Natural gas infrared heating; Thermal treasure; Standby generation; Natural gas supports green efforts

Annual Salary Survey

Before the calendar turned, 2016 already had the makings of a pivotal year for manufacturing, and for the world.

There were the big events for the year, including the United States as Partner Country at Hannover Messe in April and the 2016 International Manufacturing Technology Show in Chicago in September. There's also the matter of the U.S. presidential elections in November, which promise to shape policy in manufacturing for years to come.

But the year started with global economic turmoil, as a slowdown in Chinese manufacturing triggered a worldwide stock hiccup that sent values plummeting. The continued plunge in world oil prices has resulted in a slowdown in exploration and, by extension, the manufacture of exploration equipment.

Read more: 2015 Salary Survey

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
This article collection contains several articles on the vital role of plant safety and offers advice on best practices.
This article collection contains several articles on the Industrial Internet of Things (IIoT) and how it is transforming manufacturing.
This article collection contains several articles on strategic maintenance and understanding all the parts of your plant.
click me