Plant Security: From Assets to iPhones

View Comments: Newest First|Oldest First|Threaded View
User Rank
bobjengr   8/9/2014 1:48:55 PM
Excellent point about the need for continuous updates when using systems aimed at providing IT to the factory floor.  I would also include daily back-ups of data and storage on servers dedicated solely to that purpose.  During my time with GE, we frequently needed data to provide input for Six Sigma exercises and to calculate the capability of processes within the various factories.  We would take data from all three shifts to get a feel for any loss of quality over a 24 hour period of time.  Loss of data became a real problem for us and basically required starting over with investigations.  In today's world, in-plant security is probably much more important that mere loss of data.  Any attempts to strengthen security are definitely welcomed.  Excellent post Rob.

User Rank
Plant Security - General
jcbond_mi   8/8/2014 1:52:18 PM
This article really just touches the surface of this issue.  Plant security is really a big, difficult, and, in some ways, frightening subject.

Most people have heard of Stuxnet, the virus used to attack the Iranian nuclear enrichment facility at Natanz.  Near as most people can guess, this was a combined effort on the part of at least one government and one or more private companies.  BUT -Stuxnet is still around.  other users have adapted it.  Other viruses have been created.  The problems are several.

1.  Factory control has a different paradigm for networking than outside IT.  The priority is that everything works, and if anything fails, it can be quickly remedied.  Maybe another way to put it is that the data networks are simple to understand and easily back-doored.  There is little in the way of native security, since this can be an obstacle to recovery.

2.  Factory control networking was, up until recently relatively obscure and untested. The security was by a combination of obscurity and what was though to be a lack of connection to the outside world.  Totally impractical, considering that Stuxnet's primary infection mode was tossing infected USB thumb drives into the facility's parking lot, thereby infecting programming terminals.  the example given of someone plugging in their phone/personal device and infecting a production network happens.  A lot.

3.  These systems are used to control things we care a whole heckuva a lot about:  Water/Wastewater treatment for example.

4.  These systems have long update times, and users are loathe to make updates without clear and compelling reasons to do so.  See note 1;  you don't make changes lightly to a working system that is running 24 hours a day, 7 days a  week, all year (with maybe a short specified maintenance interval).  So much of what is currently making cars, pumping oil, and manufacturing medical equipment is pretty doggone old.

Things are beginning to change, but it's slow.  There is a joint IEC/IEEE committee working on a standard for industrial security;  when that actually come out is when I predict we will see widespread change.  Where there are security standards, companies will follow - or face shareholder lawsuits for negligence, and maybe an inability to get insurance for a facility unless it is 'up to code'.

Rob Spiegel
User Rank
Re: I had no idea that plants are facing that many threats
Rob Spiegel   8/6/2014 10:21:04 AM
Great idea, James. Breaches can really slam a company. Target took a huge stock price hit yesterday, which was viewed as further fallout from its breach a few months ago.

User Rank
I had no idea that plants are facing that many threats
jamesshaffer85   8/6/2014 10:14:31 AM
I had no idea that plants are facing that many threats. But now I totally agree with you that all of them deserve serious consideration. I'm going even to order a custom term paper on this topic from place4papers.com, the leading research paper writing service in its field.

Partner Zone
More Blogs
Advertised as the "Most Powerful Tablet Under $100," the Kindle Fire HD 6 was too tempting for the team at iFixit to pass up. Join us to find out if inexpensive means cheap, irreparable, or just down right economical. It's teardown time!
The increased adoption of wireless technology for mission-critical applications has revved up the global market for dynamic electronic general purpose (GP) test equipment. As the link between cloud networks and devices -- smartphones, tablets, and notebooks -- results in more complex devices under test, the demand for radio frequency test equipment is starting to intensify.
Much of the research on lithium-ion batteries is focused on how to make the batteries charge more quickly and last longer than they currently do, work that would significantly improve the experience of mobile device users, as well EV and hybrid car drivers. Researchers in Singapore have come up with what seems like the best solution so far -- a battery that can recharge itself in mere minutes and has a potential lifespan of 20 years.
Some humanoid walking robots are also good at running, balancing, and coordinated movements in group settings. Several of our sports robots have won regional or worldwide acclaim in the RoboCup soccer World Cup, or FIRST Robotics competitions. Others include the world's first hockey-playing robot and a trash-talking Scrabble player.
Automation technology advances matched with expanded fracking and the growing urbanization of Asia, South America, and the Middle East, are fueling a boom in the automation industry.
Design News Webinar Series
10/7/2014 8:00 a.m. California / 11:00 a.m. New York
9/25/2014 11:00 a.m. California / 2:00 p.m. New York
9/10/2014 11:00 a.m. California / 2:00 p.m. New York
7/23/2014 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Oct 20 - 24, How to Design & Build an Embedded Web Server: An Embedded TCP/IP Tutorial
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6

Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Next Class: 10/28-10/30 11:00 AM
Sponsored by Stratasys
Next Class: 10/28-10/30 2:00 PM
Sponsored by Gates Corporation
Next Class: 11/11-11/13 2:00 PM
Sponsored by Littelfuse
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service