Good points but no proof of a secure solution. Seems like SSL VPN is used, apart from SSL v3 SSL is vulnarable to man in the middle attack. Are public certificates used or self-signed? And even then we have seen CA's can be compromized. If the APP can write back to the PLC I am afraid the conclusion must be that it is not a secure solution.
I am the author of application in this article. The IOS app requires a Username and Password to have access to the information. All transmissions between the IOS device and the server are encrypted and validate the users credentials. Different User Roles provide access to different levels of information. For the roles that provide the ability to write back data to the PLC, the user must re-enter the password for verification each time data is sent. This provides enough security for this particular application.
Security concerns are very importnat and must be taken into account as each application is written. There are many instances where mobile devices with access to PLC-generated data can prove valuable. Security concerns can be addressed so that we do not miss out on this opportunity.
There's no reason that these apps can't influence plant behavior, depending on how they're constructed. Which is why security is/will be of increasing concern as we see more iOS and Android apps relating to factory automation. Whether you're talking illicit access to data, or gaining control of stuff that's only supposed to be touched by authorized personnel, the danger here is the same as it is everywhere else.
I've been hearing some talk/interest in using iPads and iOS apps on the factory floor as well. Here's another: Aurora Industrial Automation, a Rockwell Automation system integrator, has developed an iPhone/iPad app that lets users access real-time plant floor info using Rockwell's VantagePoint and FactoryTalk ViewPoint software. They can leverage the tools to access production metrics, to carry out visual inspections, among other use cases.
Here's another one, Alex. Opto 22 introduced the Opto iPAC iOS App last week. It offers access to the company's SNAP PAC System via popular mobile devices including the iPhone, iPod Touch, and iPad. Detailed, real-time, control system information is now accessible to authorized control engineers, maintenance personnel, instrumentation technicians, panel builders, developers, and others through their mobile and tablet devices.
At the Design News webinar on June 27, learn all about aluminum extrusion: designing the right shape so it costs the least, is simplest to manufacture, and best fits the application's structural requirements.
For industrial control applications, or even a simple assembly line, that machine can go almost 24/7 without a break. But what happens when the task is a little more complex? That’s where the “smart” machine would come in. The smart machine is one that has some simple (or complex in some cases) processing capability to be able to adapt to changing conditions. Such machines are suited for a host of applications, including automotive, aerospace, defense, medical, computers and electronics, telecommunications, consumer goods, and so on. This radio show will show what’s possible with smart machines, and what tradeoffs need to be made to implement such a solution.