HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
jmacpherson
User Rank
Iron
Re: Automation hacking
jmacpherson   7/7/2011 3:54:22 PM
NO RATINGS

Rob, you hit the nail on the head. Resource allocation for networking solutions for machines is just not available at a majority of companies. Most electrical tech leads on the machines do not have the IT background which has been long needed for the Ethernet solutions being implemented on the plant floors. IT usually will forbid access across the company wide network and lock the machine down from outside access which ultimately negates features built into the machine's control scheme to make it easier to manage remotely. This topic is and will be a double edged sword.


Alexander Wolfe
User Rank
Blogger
Re: Siemens?
Alexander Wolfe   7/6/2011 5:00:06 PM
NO RATINGS
In response to the question you raise, Jack, I'd postulate two possible reasons. The first might be that the Iran nuclear processing facility presented a high-value target -- there's widespread opinion that one or more government actors was involved in the takedown. Since that plant had Siemens controllers, Siemens became a target. The other is, I've been told by at least one programmer who should know, that Siemens controllers have very strong functionality on the software side as far as their ability to interface with networks. So it's possible that this strength has been used as a point of attack.

Jack Rupert, PE
User Rank
Platinum
Siemens?
Jack Rupert, PE   7/6/2011 4:50:39 PM
NO RATINGS
It's interesting that this is Siemens again.  Is there a particular set of weaknesses in their security implementations, or are they just being more proactive in analysis and getting the info out there at the moment due to the fact that the first system to be hacked happened to be theirs?  I've used the S7 for a number of years and always thought it was solid.  However, I also wasn't searching this deeply for holes.  I remember years ago with the Allen-Bradley PLC-5 series you could open up the .X5 file (I think) in a text editor, run a simple search for a particular string, and there was the password in plain text.  I'm sure that hole has been closed, but this is just saying that there is nothing new.

Rob Spiegel
User Rank
Blogger
Re: Potential disaster
Rob Spiegel   7/6/2011 4:12:30 PM
NO RATINGS
Good point, Charles. This is the nightmare of plant managers. Often the big fear regards disgruntled former employees who know the system and know how the security ticks.

Charles Murray
User Rank
Blogger
Potential disaster
Charles Murray   7/6/2011 11:50:16 AM
NO RATINGS
It would be a mistake to take this too lightly. Imagine the chaos that could be created at any number of huge manufacturing plants if a hacker could decipher a product's password and make unauthorized changes to a manufacturing operation.

Rob Spiegel
User Rank
Blogger
Automation hacking
Rob Spiegel   7/6/2011 11:47:35 AM
NO RATINGS
In plants, there has been a long battle as to who is in charge of the automation system once it becomes completely networked. It's the war between IT and control. The control side says, "We have production goals to meet, don't get in our way." the IT side says, "You're exposed to the world now, you need to pay attention to security." Looks like IT may have a point now. Plants are becoming more vulnerable to outside intrusions.

 



Partner Zone
Latest Analysis
Self-driving vehicle technology could grow rapidly over the next two decades, with nearly 95 million “autonomous-capable” cars being sold annually around the world by 2035, a new study predicts.
MIT’s Senseable City Lab recently announced the program’s next big project: “Local Warming.” The concept involves saving on energy by heating the occupants within a room, not the room itself.
The fun factor continues to draw developers to Linux. This open-source system continues to succeed in the market and in the hearts and minds of developers. Design News will delve into this territory with next week's Continuing Education Class titled, “Introduction to Linux Device Drivers.”
Dean Kamen tells an audience at MD&M East 2014 how his team created the DEKA Arm to meet DARPA's challenge to design a better prosthetic arm for wounded veterans.
The new draw-it-on-a-napkin is the CAD program. As CAD programs become more ubiquitous and easier to use, they have replaced 2D sketching for early concepting.
More:Blogs|News
Design News Webinar Series
7/23/2014 11:00 a.m. California / 2:00 p.m. New York
7/17/2014 11:00 a.m. California / 2:00 p.m. New York
6/25/2014 11:00 a.m. California / 2:00 p.m. New York
5/13/2014 10:00 a.m. California / 1:00 p.m. New York / 6:00 p.m. London
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Aug 4 - 8, Introduction to Linux Device Drivers
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  6


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Next Class: August 12 - 14
Sponsored by igus
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service