Ensuring plant security without compromising open technology



Key Concepts
  • The evolution from proprietary to open system architectures is introducing the plant floor to security risks.

  • Today's production processes are tightly coupled with upstream and downstream supply chain elements.

  • An organization's security methodology should begin by defining what it wants to protect.




    Use of Ethernet from top-to-shop floor and demand for global access to real-time production data has created the need to implement a security methodology and new security policies.


    A mere minute of production downtime can translate to the loss of thousands of dollars. But what if your manufacturing systems were hacked and shut down for an entire day? The focus on system security has also been growing due to the steady stream of e-mail attacks.


    While most breaches have affected the office environment, the evolution from proprietary to open system architectures is introducing the plant floor to similar risks. According to the Computer Security Institute, the cost of network intrusions for the average company has doubled in the past year, from $976,000 in 2000 to $1,928,000 in 2001 (Fig. 1). The costs of security leaks have also doubled, from $67 million in 2000 to $151 million in 2001 (Fig. 2).



    Fig. 1. (Above left) The cost of network intrusions has doubled in the past year, from $976,000 in 2000 to $1,928,000 in 2001.


    Fig. 2. (Above right) The cost of security leaks has doubled from $67 million in 2000 to $151 million in 2001.


    These costs are significant, but the cost of a single security breach could be much higher for the plant floor since assets include more than just business information; they include the manufacturing processes, facilities, equipment, and people.


    What if your production recipe was stolen?


    What if a cutting machine was shut down for routine maintenance, and an offsite engineer then accessed the process control network via the intranet, monitored the nonfunctioning machine, and chose to activate it?


    What if an engineer were to enter the wrong IP address, causing a valve to open, thereby emitting a toxic gas?


    Open operation means increased risk

    Historically, manufacturing was viewed as an island isolated from other elements within the supply chain. In fact, great care was taken to decouple manufacturing from the risks of supplier shortages and demand fluctuations from customers. While simple to build, this model was both inefficient and unresponsive. End users were unable to exchange data with business systems, and communication was segregated throughout the plant.


    Today's production processes are tightly coupled with both upstream and downstream elements within the supply chain. The advantages include both productivity and flexibility improvements, with build-to-order, predictive maintenance, and e-procurement capabilities for MRO supplies being just a few of the programs that can be implemented.


    As data from the factory floor becomes more important for daily and real-time business decisions, end users need to take the proper steps to secure these data. This helps ensure that the benefits of a seamless supply chain outweigh the risk and exposure to information security breaches.


    Ethernet has played a key role in creating today's tightly coupled manufacturing enterprise. To its credit, Ethernet has many benefits, such as availability, familiarity, and cost. These advantages have made it a popular choice for a wide range of industrial applications. But there are two major aspects to consider — interoperability and security — when using Ethernet in industrial control applications.


    Transmission control protocol/internet protocol (TCP/IP) is the network and transport-layer protocol of the internet and is commonly linked with Ethernet in the business world. The TCP/IP protocol suite provides a set of services that two devices may use to communicate with each other over an Ethernet local area network (LAN) or over a wide area network (WAN) that spans the globe.


    However, using TCP/IP alone does not guarantee that two devices can communicate effectively, if at all. It only guarantees that application-level messages will be successfully transferred between the two devices. For interoperability, a common, open Ethernet stack such as EtherNet/IP is needed to guarantee data exchange with I/O control capability between two Ethernet devices.


    As for the security issue, care must be taken when designing and installing an Ethernet network on the plant floor. Ethernet TCP/IP has a bright future in industrial automation applications. However, it is imperative to secure the plant floor from both external and internal intrusions. Consistently applying a security methodology is one way to minimize the risk attached to open technologies.


    Security methodology defines security needs

    An organization's security methodology should begin by defining what it wants to protect. In many cases, this includes hard assets, such as the manufacturing process, production equipment, manufacturing facilities, raw material inventory, finished product inventory, personnel safety, and environmental protection.


    But it also includes soft assets, such as production schedules, production rates, capacity, yield, customer information, process conditions, set points, product specifications, recipes, operating procedures, and quality data.


    While there is more than one way to address an organization's security issues, a security methodology that includes four basic steps — situation analysis, design, implementation, and support/maintenance — is recommended (Fig. 3).



    Fig. 3. This block diagram shows a typical LAN security methodology. Devices connected to the plant floor Ethernet are protected by multiple LAN layers and firewalls.


    Situation analysis


    After defining assets, the situation analysis phase involves reviewing an organization's existing security policies, soliciting participation from stakeholders, understanding the functional objectives, understanding threats, analyzing risk, and educating employees.


    In a typical application, the three main threats are:


    • People from inside the process control network who are trying to access remote resources via the internet, extranet, or intranet.

    • People outside the process control network who are trying to access the process control network via the internet, extranet, or intranet.

    • The physical connections between the process control network and external networks.

        Design

        During the design phase, end users will select mitigation strategies based on the risk analysis performed in the earlier phase. Antivirus software is the most widely used protection strategy (with nearly 100% of all PCs having antivirus protection). Firewalls, which are coming down in price ($500-$10,000 each, depending on functionality), are also very popular.

        A typical architecture places firewalls between the internet and the business level network. Since communication between the business systems and the process networks is often based on Ethernet, the question is frequently raised about whether a firewall is needed between these two levels. Regardless of placement, a common mistake is thinking that firewalls are all that is necessary to protect a system. A secure system requires much more. Strict access control procedures, such as a two-way user authentication (for example, a password plus PIN), are recommended. Security may also involve virtual private networks (VPNs) for remote access, data encryption, digital certificates, intrusion detection software, or using a separate, redundant network for process control.

        Another aspect to plant security involves a focus on inside intrusions, which cause 50% of all security breaches. Inside intrusions could be the result of a disgruntled employee, but more often than not, they are unintentional.

        For example, let's say a company provides remote access to the process control network. One wrong keystroke could change an IP address, and consequently alter the parameters of the wrong machine or device. Another inside intrusion could be caused by an attempt to change the recipe at one plant, but inadvertently changing the recipe in another plant. This is especially possible if the intranet does not provide clear location paths.

        It's enticing to think about being able to sit in a remote office or the comfort of your home and control the plant. But access to setpoints and equipment controls must be protected by multiple security mechanisms in a LAN or WAN.

        If the risk is too great, remote access should be limited to monitoring, advising, modeling, and undertaking what-if analysis on information — not direct interaction with the control environment.
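The design points above (remote access limited to monitoring, a mistyped IP address reaching the wrong device, a machine shut down for maintenance) can be combined into one write gate. The following is an added example, not part of the original article; the inventory, addresses, zone ranges, and the names Request and decide are all constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed inventory: device IP -> (plant, asset tag, locked out for maintenance)
INVENTORY = {
    "10.20.1.15": ("plant-a", "CUTTER-03", True),
    "10.20.1.16": ("plant-a", "VALVE-12", False),
    "10.30.1.16": ("plant-b", "VALVE-12", False),
}
# Assumed zoning: each plant's process control LAN; any other source is remote.
CONTROL_ZONES = {
    "plant-a": ip_network("10.20.0.0/16"),
    "plant-b": ip_network("10.30.0.0/16"),
}

@dataclass(frozen=True)
class Request:
    source_ip: str   # where the request comes from
    target_ip: str   # address the operator typed
    plant: str       # location the operator believes is being addressed
    asset_tag: str   # device the operator believes is being addressed
    action: str      # "read" or "write"

def decide(req):
    """Return (allowed, reason) for one access request."""
    entry = INVENTORY.get(req.target_ip)
    if entry is None:
        return False, "unknown target address"
    plant, tag, locked_out = entry
    # A mistyped address resolves to a different device, so the stated
    # plant and asset tag must agree with what the inventory says.
    if (plant, tag) != (req.plant, req.asset_tag):
        return False, f"address belongs to {plant}/{tag}"
    if req.action == "read":
        return True, "monitoring allowed"
    if req.action != "write":
        return False, "unsupported action"
    # Writes are accepted only from inside that plant's control LAN.
    if ip_address(req.source_ip) not in CONTROL_ZONES[plant]:
        return False, "remote sources are limited to monitoring"
    # A device under maintenance lockout must not be activated.
    if locked_out:
        return False, "device is locked out for maintenance"
    return True, "write allowed"
```

A gate like this complements the firewall and authentication measures described above; it does not replace them.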


        The implementation phase involves applying the hardware and software solutions selected during the design phase. Integral to a successful implementation is the understanding of your process and the needed application functionality identified during the design phase. Firewalls offer many features, which need to be carefully selected and configured by trained personnel with security implementation experience.

        Support and maintenance

        As the end user begins the supporting and maintaining phase, the most crucial step involves access control. Reusable authorization codes are a common area of concern. Also important are routine updates to the organization's policies, vulnerability analysis, disaster recovery plans, and intrusion detection software. New employees should also be kept up-to-date about their security roles and responsibilities.


        Ethernet and other open networking and computing technologies continue to achieve acceptance in manufacturing environments, with real cost and productivity gains for the user. Unfortunately, along with the benefits come the vulnerabilities we've all experienced in the office environment. Keeping the destructive elements away from your valuable manufacturing assets requires a well-planned, well-executed security information methodology.

        Edited by Jack Smith, Senior Editor, 630-288-8783, jsmith@reedbusiness.com

        More Info

        The author is available to answer questions about this article. He can be reached by phone at 440-646-3105, or by e-mail at asomogyi@ra.rockwell.com.
