Cyber security: Vendors fight back

New aspects of control system software are reducing the need for manufacturing IT personnel to be security experts.

11/01/2009


There is increasing attention by control system vendors to enhance cyber security and operate better in corporate IT environments. This attention is good because cyber threats are not decreasing and, at the same time, corporate IT environments are becoming more protected. While governments have focused on cyber security for “critical infrastructure” industries, such as water, power, telecommunications, and transportation, cyber security also is important for all manufacturing industries.

Some control vendors are using an increasingly popular method of bundling anti-virus and spyware protection with their products. Vendors test the latest version of antivirus software and operating system patches against their software, reducing your need to test and validate security patches and updates. In most cases the operating system (OS) patches are the latest Microsoft patches released on “Patch Tuesday” and are available from the vendor within one or two weeks of the Microsoft release. This gives the vendor time to test all standard configurations. The vendors will then redistribute the patches, executables, and signature (.dat) files that have been successfully tested along with notices of patches or updates that should not be applied. Vendor redistributed patches may also include JAVA updates, browser updates, and Adobe updates if this software is used in their products.

Another cyber security feature that more vendors are offering is preconfigured OS configurations. These are configurations which have unneeded services removed, ports locked, hardware disabled (such as DVD drives and USB ports configured for thumb drives), unneeded applications removed, and security settings preconfigured. These systems reduce the errors associated with the installation of software and configuration of the hundreds of options and services installed with a default OS installation.

While this increased attention by control vendors is a good thing—because it reduces the need for manufacturing IT personnel to be security experts—it does present another set of interfaces for manufacturing IT and corporate IT.

The first issue that often has to be addressed is the antivirus software vendor. Control vendors will pick one antivirus vendor to test and ship with their systems. However, their selected antivirus vendor will probably not be the same as the corporate antivirus vendor. It is important to work with corporate IT to place all of your control vendor’s antivirus vendors on the approved use list. This may be easy in small companies but difficult in large companies because of the number of control vendors used.

Scheduling downloads and patches must also be coordinated with corporate IT. Many large companies will control downloads through a Microsoft Systems Management Server or equivalent. The control vendor patches and upgrades must be set up in a separate domain, subdomain, or OU (organizational unit) so that manufacturing IT can initiate downloads at times that will not impact operations, quality, and safety.

Another new aspect of control software is the increasing use of Microsoft Active Directory and Microsoft domains to control accounts, passwords, and privileges. Managing this information requires careful coordination with corporate IT.

There are multiple options for integrating control domains and corporate domains, but the situation will be complicated if you have multiple control vendors. Check with your control vendors to see if they require a separate domain, if they can operate as a subdomain, or if they can operate in an OU within the corporate domain. Each option provides a different level of local control and different level of corporate oversight.

Increased attention by control system vendors to cyber security and operation within corporate IT environments will help your company. Cyber threats continue to proliferate and operating within a protected corporate IT environment is critical to safe and secure manufacturing operations.

 


Author Information

Dennis Brandl is president of BR&L Consulting in Cary, NC, www.brlconsulting.com . His firm focuses on manufacturing IT. Contact Dennis at dbrandl@brlconsulting.com .




No comments
The Top Plant program honors outstanding manufacturing facilities in North America. View the 2015 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
Your leaks start here: Take a disciplined approach with your hydraulic system; U.S. presence at Hannover Messe a rousing success
Hannover Messe 2016: Taking hold of the future - Partner Country status spotlights U.S. manufacturing; Honoring manufacturing excellence: The 2015 Product of the Year Winners
Inside IIoT: How technology, strategy can improve your operation; Dry media or web scrubber?; Six steps to design a PM program
Getting to the bottom of subsea repairs: Older pipelines need more attention, and operators need a repair strategy; OTC preview; Offshore production difficult - and crucial
Digital oilfields: Integrated HMI/SCADA systems enable smarter data acquisition; Real-world impact of simulation; Electric actuator technology prospers in production fields
Special report: U.S. natural gas; LNG transport technologies evolve to meet market demand; Understanding new methane regulations; Predictive maintenance for gas pipeline compressors
Warehouse winter comfort: The HTHV solution; Cooling with natural gas; Plastics industry booming
Managing automation upgrades, retrofits; Making technical, business sense; Ensuring network cyber security
Designing generator systems; Using online commissioning tools; Selective coordination best practices

Annual Salary Survey

Before the calendar turned, 2016 already had the makings of a pivotal year for manufacturing, and for the world.

There were the big events for the year, including the United States as Partner Country at Hannover Messe in April and the 2016 International Manufacturing Technology Show in Chicago in September. There's also the matter of the U.S. presidential elections in November, which promise to shape policy in manufacturing for years to come.

But the year started with global economic turmoil, as a slowdown in Chinese manufacturing triggered a worldwide stock hiccup that sent values plummeting. The continued plunge in world oil prices has resulted in a slowdown in exploration and, by extension, the manufacture of exploration equipment.

Read more: 2015 Salary Survey

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
This article collection contains several articles on the vital role that compressed air plays in manufacturing plants.
This article collection contains several articles on the Industrial Internet of Things (IIoT) and how it is transforming manufacturing.
This article collection contains several articles on strategic maintenance and understanding all the parts of your plant.
click me