HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Blogs
Blog

Plant Security: From Assets to iPhones

NO RATINGS
View Comments: Newest First|Oldest First|Threaded View
bobjengr
User Rank
Platinum
PLANT SECURITY
bobjengr   8/9/2014 1:48:55 PM
NO RATINGS
Excellent point about the need for continuous updates when using systems aimed at providing IT to the factory floor.  I would also include daily back-ups of data and storage on servers dedicated solely to that purpose.  During my time with GE, we frequently needed data to provide input for Six Sigma exercises and to calculate the capability of processes within the various factories.  We would take data from all three shifts to get a feel for any loss of quality over a 24 hour period of time.  Loss of data became a real problem for us and basically required starting over with investigations.  In today's world, in-plant security is probably much more important that mere loss of data.  Any attempts to strengthen security are definitely welcomed.  Excellent post Rob.

jcbond_mi
User Rank
Gold
Plant Security - General
jcbond_mi   8/8/2014 1:52:18 PM
NO RATINGS
This article really just touches the surface of this issue.  Plant security is really a big, difficult, and, in some ways, frightening subject.

Most people have heard of Stuxnet, the virus used to attack the Iranian nuclear enrichment facility at Natanz.  Near as most people can guess, this was a combined effort on the part of at least one government and one or more private companies.  BUT -Stuxnet is still around.  other users have adapted it.  Other viruses have been created.  The problems are several.

1.  Factory control has a different paradigm for networking than outside IT.  The priority is that everything works, and if anything fails, it can be quickly remedied.  Maybe another way to put it is that the data networks are simple to understand and easily back-doored.  There is little in the way of native security, since this can be an obstacle to recovery.

2.  Factory control networking was, up until recently relatively obscure and untested. The security was by a combination of obscurity and what was though to be a lack of connection to the outside world.  Totally impractical, considering that Stuxnet's primary infection mode was tossing infected USB thumb drives into the facility's parking lot, thereby infecting programming terminals.  the example given of someone plugging in their phone/personal device and infecting a production network happens.  A lot.

3.  These systems are used to control things we care a whole heckuva a lot about:  Water/Wastewater treatment for example.

4.  These systems have long update times, and users are loathe to make updates without clear and compelling reasons to do so.  See note 1;  you don't make changes lightly to a working system that is running 24 hours a day, 7 days a  week, all year (with maybe a short specified maintenance interval).  So much of what is currently making cars, pumping oil, and manufacturing medical equipment is pretty doggone old.

Things are beginning to change, but it's slow.  There is a joint IEC/IEEE committee working on a standard for industrial security;  when that actually come out is when I predict we will see widespread change.  Where there are security standards, companies will follow - or face shareholder lawsuits for negligence, and maybe an inability to get insurance for a facility unless it is 'up to code'.

Rob Spiegel
User Rank
Blogger
Re: I had no idea that plants are facing that many threats
Rob Spiegel   8/6/2014 10:21:04 AM
NO RATINGS
Great idea, James. Breaches can really slam a company. Target took a huge stock price hit yesterday, which was viewed as further fallout from its breach a few months ago.

jamesshaffer85
User Rank
Iron
I had no idea that plants are facing that many threats
jamesshaffer85   8/6/2014 10:14:31 AM
NO RATINGS
I had no idea that plants are facing that many threats. But now I totally agree with you that all of them deserve serious consideration. I'm going even to order a custom term paper on this topic from place4papers.com, the leading research paper writing service in its field.

Partner Zone
More Blogs
Enabling the Future is designing prosthetic appendages modeled more like superhero arms and hands than your average static artificial limbs. And they’re doing it through a website and grassroots movement inspired by two men’s design and creation in 2012 of a metal prosthetic for a child in South Africa.
In order to keep an enterprise truly safe from hackers, cyber security has to go all the way down to the device level. Icon Labs is making the point that security has to be built into device components.
Three days after NASA's MAVEN probe reached Mars, India's Mangalyaan probe went into orbit around the red planet. India's first interplanetary mission, and the first successful Mars probe launched by an Asian nation, has a total project cost of nearly $600 million less than MAVEN's.
Sega is releasing a new futuristic sandbox that uses height sensors and projection mapped projectors to cast pictures that correspond to what you're making.
Plant user interfaces are beginning to incorporate the consumer features such as swipe, double tap, and pinch. The driver is Millennials who expect plant equipment to match the sophistication of the smartphone.
Design News Webinar Series
9/25/2014 11:00 a.m. California / 2:00 p.m. New York
9/10/2014 11:00 a.m. California / 2:00 p.m. New York
7/23/2014 11:00 a.m. California / 2:00 p.m. New York
7/17/2014 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Oct 20 - 24, How to Design & Build an Embedded Web Server: An Embedded TCP/IP Tutorial
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Next Class: October 1 - 30
Sponsored by Gates Corporation
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service