HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Blogs
Guest Blogs

'Trusted' Security Effort Could Protect Factory, Embedded Networks

NO RATINGS
< Previous Page 2 / 2
View Comments: Newest First|Oldest First|Threaded View
William K.
User Rank
Platinum
Protecting factory networks
William K.   10/9/2011 10:57:44 PM
NO RATINGS
The fact is that my assertion was that a primary way to be secure was to not have the capability present, not wired of fiber or wireless. Tha capability of remotely changing the program would not be present in the system. No, there is no question about it being less convenient, but a disaster is more inconvenient. But if the way to change a calibration or a program requires physicaly operating a switch at the machine, then all remote hackers are kept out. 

Loring Wirbel
User Rank
Blogger
Re: Trusted security effort might possibly protect factory networks.
Loring Wirbel   10/7/2011 8:01:28 PM
NO RATINGS
Thanks Ivan, Chuck, William for great points.  William, the ideal case you raised of a physical control over the hardware network might be re-interpreted by others to say a hard-wired physical-layer network, preferably fiber, should be used for changes in configuration.  Yet someone will always come in and demand wireless updates for reasons of cost, and all the best ideas for trusted systems fly out the window.  This TCG work will be interesting to watch.

 

William K.
User Rank
Platinum
Trusted security effort might possibly protect factory networks.
William K.   10/7/2011 7:45:34 PM
NO RATINGS
The way to protect factory and any other important machine control networks is to not allow the capability of external modification to exist at all. Of course it is more convenient and cheaper to change the program and the parameters over the network. It is also not possible to have this ability and have it be secure, we all know that. But real security does have a real cost, which is that somebody would need to actually visit the controller and alter the program or settings. Any outside access is not completely secure, only fairly secure, and we all know that any security measures only last untill somebody cracks them. And that always happens.

So it becomes a trade-off of costs-which costs more, manual updates or hackers damage? Each can be calculated, and then a decision can be made.

Charles Murray
User Rank
Blogger
Re: Long Overdue
Charles Murray   10/6/2011 6:41:17 PM
NO RATINGS
I agree, Ivan. This underscores the importance of recent "safety microcontroller" rollouts by TI, Freescale, and Renesas. The Embedded Systems Working Group is one more sign that we are collectively paying attention to vulnerabilities of power plants, air traffic control systems, financial systems and, yes, train yards.

Ivan Kirkpatrick
User Rank
Platinum
Long Overdue
Ivan Kirkpatrick   10/6/2011 1:54:12 PM
NO RATINGS
This is long overdue.

The truth of the matter is that the US is extremely vulnerable on so many fronts in this cyber war.  We have so much of our infrastructure that is accessible through the various networks.  air traffic control and electrical generation and distribution systems are all vulnerable.  In fact it is a good bet they are already penetrated and sleeper code is in place to do harm when the controlling organization or country wants to initiate an attack.  I venture it is a safe bet that the US is the most vulnerable of any country.

Another long overdue consideration is that defense in cyberspace is far behind offensive capabilities.  Countries like North Korea are not as susceptible to cyber attack as we are.  They just don't have that much infrastructure to protect.

It will take a great deal of attention and money to bring this situation under control.  Embedded chips made in other countries may not be safe from malicious code being designed into the system fromt he beginning.  Detecting this and preventing it use will require additional efforts that might not be possible with the existing systems. 

Partner Zone
More Blogs from Guest Blogs
Industrial workplaces are governed by OSHA rules, but this isn’t to say that rules are always followed. While injuries happen on production floors for a variety of reasons, of the top 10 OSHA rules that are most often ignored in industrial settings, two directly involve machine design: lockout/tagout procedures (LO/TO) and machine guarding.
Load dump occurs when a discharged battery is disconnected while the alternator is generating current and other loads remain on the alternator circuit. If left alone, the electrical spikes and transients will be transmitted along the power line, leading to malfunctions in individual electronics/sensors or permanent damage to the vehicle’s electronic system. Bottom line: An uncontrolled load dump threatens the overall safety and reliability of the vehicle.
While risk management sounds like one activity, in order to be conducted effectively, it must be broken down into three sub-components: risk assessment, risk monitoring, and response planning.
While many larger companies are still reluctant to rely on wireless networks to transmit important information in industrial settings, there is an increasing acceptance rate of the newer, more robust wireless options that are now available.
To those who have not stepped into additive manufacturing, get involved as soon as possible. This is for the benefit of your company. When the new innovations come out, you want to be ready to take advantage of them immediately, and that takes knowledge.
Design News Webinar Series
3/31/2015 11:00 a.m. California / 2:00 p.m. New York
2/25/2015 11:00 a.m. California / 2:00 p.m. New York
12/11/2014 8:00 a.m. California / 11:00 a.m. New York
12/10/2014 8:00 a.m. California / 11:00 a.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Mar 30 - Apr3, Getting Hands-On with Cypress’ PSoC
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  67


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2015 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service