HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Blogs
Blog

Plant Security: From Assets to iPhones

NO RATINGS
View Comments: Newest First|Oldest First|Threaded View
bobjengr
User Rank
Platinum
PLANT SECURITY
bobjengr   8/9/2014 1:48:55 PM
NO RATINGS
Excellent point about the need for continuous updates when using systems aimed at providing IT to the factory floor.  I would also include daily back-ups of data and storage on servers dedicated solely to that purpose.  During my time with GE, we frequently needed data to provide input for Six Sigma exercises and to calculate the capability of processes within the various factories.  We would take data from all three shifts to get a feel for any loss of quality over a 24 hour period of time.  Loss of data became a real problem for us and basically required starting over with investigations.  In today's world, in-plant security is probably much more important that mere loss of data.  Any attempts to strengthen security are definitely welcomed.  Excellent post Rob.

jcbond_mi
User Rank
Gold
Plant Security - General
jcbond_mi   8/8/2014 1:52:18 PM
NO RATINGS
This article really just touches the surface of this issue.  Plant security is really a big, difficult, and, in some ways, frightening subject.

Most people have heard of Stuxnet, the virus used to attack the Iranian nuclear enrichment facility at Natanz.  Near as most people can guess, this was a combined effort on the part of at least one government and one or more private companies.  BUT -Stuxnet is still around.  other users have adapted it.  Other viruses have been created.  The problems are several.

1.  Factory control has a different paradigm for networking than outside IT.  The priority is that everything works, and if anything fails, it can be quickly remedied.  Maybe another way to put it is that the data networks are simple to understand and easily back-doored.  There is little in the way of native security, since this can be an obstacle to recovery.

2.  Factory control networking was, up until recently relatively obscure and untested. The security was by a combination of obscurity and what was though to be a lack of connection to the outside world.  Totally impractical, considering that Stuxnet's primary infection mode was tossing infected USB thumb drives into the facility's parking lot, thereby infecting programming terminals.  the example given of someone plugging in their phone/personal device and infecting a production network happens.  A lot.

3.  These systems are used to control things we care a whole heckuva a lot about:  Water/Wastewater treatment for example.

4.  These systems have long update times, and users are loathe to make updates without clear and compelling reasons to do so.  See note 1;  you don't make changes lightly to a working system that is running 24 hours a day, 7 days a  week, all year (with maybe a short specified maintenance interval).  So much of what is currently making cars, pumping oil, and manufacturing medical equipment is pretty doggone old.

Things are beginning to change, but it's slow.  There is a joint IEC/IEEE committee working on a standard for industrial security;  when that actually come out is when I predict we will see widespread change.  Where there are security standards, companies will follow - or face shareholder lawsuits for negligence, and maybe an inability to get insurance for a facility unless it is 'up to code'.

Rob Spiegel
User Rank
Blogger
Re: I had no idea that plants are facing that many threats
Rob Spiegel   8/6/2014 10:21:04 AM
NO RATINGS
Great idea, James. Breaches can really slam a company. Target took a huge stock price hit yesterday, which was viewed as further fallout from its breach a few months ago.

jamesshaffer85
User Rank
Iron
I had no idea that plants are facing that many threats
jamesshaffer85   8/6/2014 10:14:31 AM
NO RATINGS
I had no idea that plants are facing that many threats. But now I totally agree with you that all of them deserve serious consideration. I'm going even to order a custom term paper on this topic from place4papers.com, the leading research paper writing service in its field.

Partner Zone
More Blogs
It's been two years since the Mac Mini's last appearance on iFixit's teardown table, but a newly revised version joins Apple's lineup this week.
Science fiction author Isaac Asimov may have the best rules for effective brainstorming and creativity. His never-before-published essay, "On Creativity," recently made it to the Web pages of MIT Technology Review.
Much has been made over the potentially dangerous flammability of lithium-ion batteries after major companies like Boeing, Sony, and Tesla have grappled with well-publicized battery fires. Researchers at Stanford University may have come up with a solution to this problem with a smart sensor for lithium-ion batteries that provides a warning if the battery is about to overheat or catch fire.
In this new Design News feature, "How it Works," we’re starting off by examining the inner workings of the electronic cigarette. While e-cigarettes seemed like a gimmick just two or three years ago, they’re catching fire -- so to speak. Sales topped $1 billion last year and are set to hit $10 billion by 2017. Cigarette companies are fighting back by buying up e-cigarette manufacturers.
Advertised as the "Most Powerful Tablet Under $100," the Kindle Fire HD 6 was too tempting for the team at iFixit to pass up. Join us to find out if inexpensive means cheap, irreparable, or just down right economical. It's teardown time!
Design News Webinar Series
10/7/2014 8:00 a.m. California / 11:00 a.m. New York
9/25/2014 11:00 a.m. California / 2:00 p.m. New York
9/10/2014 11:00 a.m. California / 2:00 p.m. New York
7/23/2014 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Oct 20 - 24, How to Design & Build an Embedded Web Server: An Embedded TCP/IP Tutorial
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Next Class: 10/28-10/30 11:00 AM
Sponsored by Stratasys
Next Class: 10/28-10/30 2:00 PM
Sponsored by Gates Corporation
Next Class: 11/11-11/13 2:00 PM
Sponsored by Littelfuse
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service