Managing batch process security

Today’s security threats and vulnerabilities are wide-ranging, often complex and not always understood – particularly in terms of their impact. As such, batch access control should be integrated with managed enterprise security programs that mitigate threats from malicious code and other sources.


Batch process control systems have seen a great deal of change in recent times, including more connectivity and the use of open standards and protocols from previously proprietary and often isolated environments. The use of “off the shelf” technology brings interoperability, efficiency and other great benefits. But it also creates an ongoing security challenge.


Today’s security threats and vulnerabilities are wide-ranging, often complex and not always understood – particularly in terms of the impact they can have on an individual system, a part of a system or the entire production facility. Threats come from a range of internal sources such as removable media, poor change management and disgruntled employees, as well as from external sources such as hackers and connections with other devices and networks.


Threats also increase as new vulnerabilities emerge, meaning that batch process control systems might find their normal operation impacted simply because they share a technology or connection. While this might not necessarily be immediately or directly disruptive to batch operations, it could impact production, efficiency and safety.


For batch operators, the primary focus of process security has been on controlling and managing access to recipes, process operations and process change. But today – especially for chemical, pharmaceutical and food industry applications – batch access control should be integrated with managed enterprise security programs that mitigate potential threats from terrorists, hackers, malicious code and other sources that are becoming more prevalent.


Controlling access

The rising use of electronic signatures and other automated security methods has probably been the most significant advance in the area of batch access control. Much of batch security remains driven by regulatory standards, particularly the regulations and guidance the U.S. Food and Drug Administration (FDA) has issued for electronic records and signatures as defined by Code of Federal Regulations (CFR) 21 part 11. Under this code, electronic records and signatures can be incorporated into electronic batch management systems.


The 21 CFR part 11 code also defines good practices to ensure that batch information is secure, primarily from the standpoint of user authentication. This applies mostly to internal users, primarily for tracking and tracing operations and materials, and to support correction and possible litigation should any product-safety issues emerge. Protecting the batch information from malicious outside threats requires integration with broader enterprise-wide cyber security management programs and policies.


Managing cyber threats


One of the most effective approaches for designing and implementing measures that mitigate security vulnerabilities and threats is known as defense-in-depth (Fig. 1). In the defense-in-depth approach, each layer of the process is evaluated for its criticality, corresponding risk and whether appropriate security measures have been applied. Batch processes, for example, might be most vulnerable in the controls zone, but increasingly subject to threats at the plant network and data center zones. This is but one example; situations may vary from industry to industry and company to company.


This approach ensures that once risks are evaluated, the most critical assets receive the greatest protection. A threat is more likely to trigger a timely response using this approach. When successfully implemented and managed, the defense-in-depth strategy minimizes the likelihood of a successful threat and can prevent intrusion.


Other security measures – including host-based firewalls, hardening of workstations, anti-virus programs and vulnerability management – mitigate security threats. While taking these appropriate mitigation measures will improve security, ongoing security management is needed for it to remain effective.


A security program should meet the requirements of each system and implementation, but in general the following issues should be considered:


Security assessment – One of the first steps in performing a security assessment is developing an understanding of the security position. Analyzing the current position, vulnerabilities and threats will yield an understanding of what the real risks are and help establish the requirements of the security program.


Security policies, procedures and enforcement – Effective policy, procedures and enforcement are crucial for safe and reliable batch system operation. The development of policy and supporting procedures should be user- and facility-specific, and should therefore be developed in close cooperation with system stakeholders to ensure the result is workable and effective. Management support at all levels is vital to success. Any corporate or business policy and procedure compliance requirements must also be taken into consideration.


Protection with appropriate technology – Technology plays an important part in an overall security approach. Firewalls are just one example of a technology that provides part of a defense-in-depth design, and when implemented and managed correctly can mitigate security threats. However, security is more than just a firewall.


The design and implementation of an architecture using a “Demilitarized Zone” (DMZ) approach provides more secure access and control, and by including additional features such as anti-virus and deep-packet inspection for intrusion detection or prevention, further protection is created. The ongoing management of firewalls and other devices should be carefully considered.


Security training for knowledge transfer – Those who have access to a control system – either directly or indirectly, frequently or infrequently – require appropriate security training to ensure a low-risk batch production environment. This is important to ensuring that those who have any interaction with critical systems understand the impact of their actions. Training is also needed to help those involved with batch control systems understand not only policy, procedures and enforcement, but also the wider security objective. In addition, training may be required for the more technical aspects, including firewalls, intrusion detection/prevention, anti-virus updates and so on.


Security management – There are many activities included in security management. The resources required for this need to be fully considered, and it could mean a high level of commitment. Compared to plant safety, plant security is still in its infancy. Plant safety programs are well established, continuously monitored, validated and understood; plant security and its management would benefit from a similar approach.


While some security elements such as policy may rarely be updated once in place, other elements need more frequent or even continuous attention. These include anti-virus updates, firewall management, access control, vulnerability management and enforcement. Each system should be assessed for its own need. By following a continuous cycle of assess, design, implement and manage, with supporting elements in each phase, processors have the flexibility needed to maintain a low-risk environment (Fig. 2).


Because security measures help sustain system availability, combining access control with cyber security is a true business enabler. An effective, ongoing vulnerability management process is the foundation of a good batch process security plan. Newly discovered vulnerabilities need to be assessed in a timely fashion, and a course of action determined based on likelihood and impact.


The greatest threat to your operations today comes from doing nothing. By taking steps, first to assess and address, then to understand and manage security, batch processors can mitigate security risks and maintain safe, reliable and compliant operations.



Author Information
Karl Williams is principal security consultant for Invensys Process Systems and Daren Moffatt is business development director for Life Sciences for Invensys Process Systems.
