Managing batch process security

Today’s security threats and vulnerabilities are wide-ranging, often complex and not always understood – particularly in terms of their impact. As such, batch access control should be integrated with managed enterprise security programs that mitigate threats from malicious codes and other sources.


Batch process control systems have seen a great deal of change in recent times, including more connectivity and the use of open standards and protocols from previously proprietary and often isolated environments. The use of “off the shelf” technology brings interoperability, efficiency and other great benefits. But it also creates an ongoing security challenge.


Today’s security threats and vulnerabilities are wide-ranging, often complex and not always understood %%MDASSML%% particularly in terms of the impact they can have on an individual system, a part of a system or the entire production facility. Threats come from a range of internal sources such as removable media, poor change management and disgruntled employees, as well as from external sources such as hackers and connections with other devices and networks.


Threats also increase as new vulnerabilities emerge, meaning that batch process control systems might find their normal operation impacted simply because they share a technology or connection. While this might not necessarily be immediately or directly disruptive to batch operations, it could impact production, efficiency and safety.


For batch operators, the primary focus of process security has been on controlling and managing access to recipes, process operations and process change. But today %%MDASSML%% especially for chemical, pharmaceutical and food industry applications %%MDASSML%% batch access control should be integrated with managed enterprise security programs that mitigate potential threats from terrorists, hackers, malicious codes and other sources that are becoming more prevalent.


Controlling access

The rising use of electronic signatures and other automated security methods has probably been the most significant advance in the area of batch access control. Much of batch security remains driven by regulatory standards, particularly the regulations and guidance the U.S. Food and Drug Administration (FDA) has issued for electronic records and signatures as defined by Code of Federal Regulations (CFR) 21 part 11 . Under this code, electronic records and signatures can be incorporated into electronic batch management systems.


The 21 CFR part 11 code also defines good practices to ensure that batch information is secure, primarily from the standpoint of user authentication. This applies mostly to internal users, primarily for tracking and tracing operations and materials, and to support correction and possible litigation should any product-safety issues emerge. Protecting the batch information from malicious outside threats requires integration with broader enterprise-wide cyber security management programs and policies.


Managing cyber threats


One of the most effective approaches for designing and implementing measures that mitigate security vulnerabilities and threats is known as defense-in-depth (Fig. 1). In the defense-in-depth approach, each layer of the process is evaluated for its criticality, corresponding risk and whether appropriate security measures have been applied. Batch processes, for example, might be most vulnerable in the controls zone, but increasingly subject to threats at the plant network and data center zones. This is but one example; situations may vary from industry to industry and company to company.


This approach ensures that once risks are evaluated, the most critical assets receive the greatest protection. A threat is more likely to trigger a timely response using this approach. When successfully implemented and managed, the defense-in-depth strategy minimizes the likelihood of a successful threat and can prevent intrusion.


Other security measures %%MDASSML%% including host-based firewalls, hardening of workstations, anti-virus programs and vulnerability management %%MDASSML%% mitigate security threats. While taking these appropriate mitigation measures will improve security, ongoing security management is needed for it to remain effective.


A security program should meet the requirements of each system and implementation, but in general the following issues should be considered:


Security assessment %%MDASSML%% One of the first steps in performing a security assessment is developing an understanding of the security position. Analyzing the current position, vulnerabilities and threats will yield an understanding of what the real risks are and help establish the requirements of the security program.


Security policies, procedures and enforcement %%MDASSML%% Effective policy, procedures and enforcement are crucial for safe and reliable batch system operation. The development of policy and supporting procedures should be user- and facility-specific, and should therefore be developed in close cooperation with system stakeholders to ensure the result is workable and effective. Management support at all levels is vital to success. Any corporate or business policy and procedure compliance requirements must also be taken into consideration.


Protection with appropriate technology %%MDASSML%% Technology plays an important part in an overall security approach. Firewalls are just one example of a technology that provides part of a defense-in-depth design, and when implemented and managed correctly can mitigate security threats. However, security is more than just a firewall.


The design and implementation of an architecture using a “Demilitarized Zone” (DMZ) approach provides more secure access and control, and by including additional features such as anti-virus and deep-packet inspection for intrusion detection or prevention, further protection is created. The ongoing management of firewalls and other devices should be carefully considered.


Security training for knowledge transfer %%MDASSML%% Those who have access to a control system %%MDASSML%% either directly or indirectly, frequently or infrequently %%MDASSML%% require appropriate security training to ensure a low-risk batch production environment. This is important to ensuring that those who have any interaction with critical systems understand the impact of their actions. Training is also needed to help those involved with batch control systems understand not only policy, procedures, enforcement, but the wider security objective. In addition, training may be required for the more technical aspects, including firewalls, intrusion detection/prevention, anti-virus updates and so on.


Security management %%MDASSML%% There are many activities included in security management. The resources required for this need to be fully considered, and it could mean a high level of commitment. Compared to plant safety, plant security is well in its infancy. Plant safety programs are well established, continuously monitored, validated and understood; plant security and its management would benefit from a similar approach.


While some security elements such as policy may rarely be updated once in place, other elements need more frequent or even continuous attention. These include anti-virus updates, firewall management, access control, vulnerability management and enforcement. Each system should be assessed for its own need. By following a continuous cycle of assess, design, implement and manage, with supporting elements in each phase, processors have the flexibility needed to maintain a low-risk environment (Fig. 2).


Because security measures help sustain system availability, combining access control with cyber security is a true business enabler. An effective, ongoing vulnerability management process is the foundation of a good batch process security plan. Newly discovered vulnerabilities need to be assessed in a timely fashion, and a course of action determined based on likelihood and impact.


The greatest threat to your operations today comes from doing nothing. By taking steps, first to assess and address, then to understand and manage security, batch processors can mitigate security risks and maintain safe, reliable and compliant operations.



Author Information
Karl Williams is principal security consultant for Invensys Process Systems and Daren Moffatt is business development director for Life Sciences for Invensys Process Systems.

The Top Plant program honors outstanding manufacturing facilities in North America. View the 2015 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
Pipe fabrication and IIoT; 2017 Product of the Year finalists
The future of electrical safety; Four keys to RPM success; Picking the right weld fume option
A new approach to the Skills Gap; Community colleges may hold the key for manufacturing; 2017 Engineering Leaders Under 40
Control room technology innovation; Practical approaches to corrosion protection; Pipeline regulator revises quality programs
The cloud, mobility, and remote operations; SCADA and contextual mobility; Custom UPS empowering a secure pipeline
Infrastructure for natural gas expansion; Artificial lift methods; Disruptive technology and fugitive gas emissions
Power system design for high-performance buildings; mitigating arc flash hazards
VFDs improving motion control applications; Powering automation and IIoT wirelessly; Connecting the dots
Natural gas engines; New applications for fuel cells; Large engines become more efficient; Extending boiler life

Annual Salary Survey

Before the calendar turned, 2016 already had the makings of a pivotal year for manufacturing, and for the world.

There were the big events for the year, including the United States as Partner Country at Hannover Messe in April and the 2016 International Manufacturing Technology Show in Chicago in September. There's also the matter of the U.S. presidential elections in November, which promise to shape policy in manufacturing for years to come.

But the year started with global economic turmoil, as a slowdown in Chinese manufacturing triggered a worldwide stock hiccup that sent values plummeting. The continued plunge in world oil prices has resulted in a slowdown in exploration and, by extension, the manufacture of exploration equipment.

Read more: 2015 Salary Survey

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
The maintenance journey has been a long, slow trek for most manufacturers and has gone from preventive maintenance to predictive maintenance.
This digital report explains how plant engineers and subject matter experts (SME) need support for time series data and its many challenges.
This digital report will explore several aspects of how IIoT will transform manufacturing in the coming years.
Maintenance Manager; California Oils Corp.
Associate, Electrical Engineering; Wood Harbinger
Control Systems Engineer; Robert Bosch Corp.
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me