HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Blogs
Blog

Plant Security: From Assets to iPhones

NO RATINGS
View Comments: Newest First|Oldest First|Threaded View
bobjengr
User Rank
Platinum
PLANT SECURITY
bobjengr   8/9/2014 1:48:55 PM
NO RATINGS
Excellent point about the need for continuous updates when using systems aimed at providing IT to the factory floor.  I would also include daily back-ups of data and storage on servers dedicated solely to that purpose.  During my time with GE, we frequently needed data to provide input for Six Sigma exercises and to calculate the capability of processes within the various factories.  We would take data from all three shifts to get a feel for any loss of quality over a 24 hour period of time.  Loss of data became a real problem for us and basically required starting over with investigations.  In today's world, in-plant security is probably much more important that mere loss of data.  Any attempts to strengthen security are definitely welcomed.  Excellent post Rob.

jcbond_mi
User Rank
Gold
Plant Security - General
jcbond_mi   8/8/2014 1:52:18 PM
NO RATINGS
This article really just touches the surface of this issue.  Plant security is really a big, difficult, and, in some ways, frightening subject.

Most people have heard of Stuxnet, the virus used to attack the Iranian nuclear enrichment facility at Natanz.  Near as most people can guess, this was a combined effort on the part of at least one government and one or more private companies.  BUT -Stuxnet is still around.  other users have adapted it.  Other viruses have been created.  The problems are several.

1.  Factory control has a different paradigm for networking than outside IT.  The priority is that everything works, and if anything fails, it can be quickly remedied.  Maybe another way to put it is that the data networks are simple to understand and easily back-doored.  There is little in the way of native security, since this can be an obstacle to recovery.

2.  Factory control networking was, up until recently relatively obscure and untested. The security was by a combination of obscurity and what was though to be a lack of connection to the outside world.  Totally impractical, considering that Stuxnet's primary infection mode was tossing infected USB thumb drives into the facility's parking lot, thereby infecting programming terminals.  the example given of someone plugging in their phone/personal device and infecting a production network happens.  A lot.

3.  These systems are used to control things we care a whole heckuva a lot about:  Water/Wastewater treatment for example.

4.  These systems have long update times, and users are loathe to make updates without clear and compelling reasons to do so.  See note 1;  you don't make changes lightly to a working system that is running 24 hours a day, 7 days a  week, all year (with maybe a short specified maintenance interval).  So much of what is currently making cars, pumping oil, and manufacturing medical equipment is pretty doggone old.

Things are beginning to change, but it's slow.  There is a joint IEC/IEEE committee working on a standard for industrial security;  when that actually come out is when I predict we will see widespread change.  Where there are security standards, companies will follow - or face shareholder lawsuits for negligence, and maybe an inability to get insurance for a facility unless it is 'up to code'.

Rob Spiegel
User Rank
Blogger
Re: I had no idea that plants are facing that many threats
Rob Spiegel   8/6/2014 10:21:04 AM
NO RATINGS
Great idea, James. Breaches can really slam a company. Target took a huge stock price hit yesterday, which was viewed as further fallout from its breach a few months ago.

jamesshaffer85
User Rank
Iron
I had no idea that plants are facing that many threats
jamesshaffer85   8/6/2014 10:14:31 AM
NO RATINGS
I had no idea that plants are facing that many threats. But now I totally agree with you that all of them deserve serious consideration. I'm going even to order a custom term paper on this topic from place4papers.com, the leading research paper writing service in its field.

Partner Zone
More Blogs
Halloween isn’t just a time for creative costumes. Thanks to the element14 online design community, the holiday this year also brings us a number of creative electronic device design ideas aimed at making your Halloween party a unique experience.
On April 15, 2010, President Barack Obama gave a major speech at the Kennedy Space Center in Florida, announcing that the US would send astronauts to Mars by the mid-2030s. But in order to do so, NASA would first need to ramp up its capabilities through missions directed toward "a series of increasingly demanding targets," i.e. asteroids.
Selfies have already ruined your nights out and your social media feeds. Now they're after your breakfast.
Bigger than an iPhone 6 Plus, but smaller than an iPad Air 2. What am I? If you answered iPad Mini 3, you are correct.
Here are 10 robots that are designed to work effectively and safely with humans.
Design News Webinar Series
10/7/2014 8:00 a.m. California / 11:00 a.m. New York
9/25/2014 11:00 a.m. California / 2:00 p.m. New York
9/10/2014 11:00 a.m. California / 2:00 p.m. New York
7/23/2014 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Nov 3 - 7, Engineering Principles behind Advanced User Interface Technologies
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Last Archived Class
Sponsored by Littelfuse
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service