February 22, 2019

Verano's Industrial Defender Does Just That - page 2

Industrial Strength Opportunities

  • June 21, 2004
  • By Rob Reilly

Both computing environments are complex and have requirements that are sometimes at odds with each other.

  • Industrial cyber-security is not the same as enterprise cyber-security. Traditional industrial information technology vendors and experts have been concerned with programming machine tools or large, discrete, highly customized process control systems. Only passing attention was given to networking those systems together, much less, firewalls and routers. To compound the problem, the systems traditionally have used low-bandwidth (10 Mb/s) networks that were susceptible to denial-of-service outages when a big file was downloaded to a shop floor (a generic term for any production industrial environment) desktop. Mission critical, real time data normally flows on industrial networks. Finally, the shop floor computer experts normally have not collaborated much with the enterprise IT people.
  • Enterprise cyber-security is not the same as industrial cyber-security. The enterprise computer experts have always spent their days protecting financial transaction servers, web servers, corporate networks and desktop machines. Verano consultants have observed that the enterprise computer people really didn't worry much about the process system code or computer infrastructure out on the shop floor. "The IT people don't have the knowledge of real-time [industrial] systems and therefore the authority, at the plant level, to control these systems or their networks," said Dustin.
  • Contractors and vendors have had ready access to sensitive areas and computers in the plant. Since most industrial environments are populated with factory type workers and not computer experts, nobody has been on the lookout for unusual computer equipment or suspicious cyber activities.
  • Responsibility for industrial cyber-security and connecting the plant to the outside world has been a problem. Normally, the enterprise computer systems fell under the office of the Corporate Information Officer. The computer equipment for the plant has traditionally been purchased and run out of the Operations VP's office. So when a client connected their plant to the Internet and started sending process reporting and widget production numbers to the head office, nobody knew that it was their job to safeguard that connection.

Obviously, there were some formidable things to be worked out to make sure that a plant's systems and networks were safe.

Most Popular LinuxPlanet Stories