Industrial Automation Networks - Deep Defense

_074e472c-f069-47b1-bdb1-b81819334359

Automation industrial networking safety is a set of activities that encompasses hardware and software technologies to prevent the variety of threats to the integrity of networks, data, environments and users. With this devices and software are used as reliable barriers using embedded safety functions that define the function of these tools. We should explore all products with security controls, especially NGFirewall, IDS, antimalware including industrial networks that already include security functions that often need to be enabled.

Effective and correct use of safety functions on industrial networks is important at various stages of the existence of the asset, from the design of these devices and also the active engineering project. These well -applied features also meet as very effective contracted in mitigating industrial cyber safety risks as they have an in -depth defense approach. It is important to be aware of all these phases of application of the devices, being in their design, specification, acquisition, implementation, maintenance and update.

For the development of safe products and systems, several requirements are established. These requirements should always be considered when elaborating technical specification for acquisition, in a technical assessment of proposals from suppliers, at the time of configuration, installation, testing and when operative, maintain a periodic evaluation, its update and correction. >

Component Requirements are evaluated according to several factors that will indicate the correct functions for that type of device or software, such as:

Software Application, or host Ex.: Operating Station, Data Historian

incorporated or network device, eg: PLC, IED, switch, VPN terminal

It is also important to consider the application of networking devices in an integrated manner, that is, in the functional context, the purpose of its application, the possible scenarios in the normal operation of the process or in case of emergencies or occurrence of cyber incidents. Also consider user and operators profiles, the appropriate settings for a particular application and also their life cycle, equipment degradation or obsolescence.

Fundamental requirements for assessment of the level of security and application of countermeasures:

1. Identification and Authentication Control

2. Use Control

3. System Integrity

4. Restricted Data Flow

5. Response time to events

6. Availability of resource

Fundamental requirements encompass various system principles and their application levels evaluating the system into consideration, considering and not limited to:

 

  • User Identification and Authentication;
  • Identification and authentication of devices and software;
  • Account management, identification, authentication and wireless access, portable and mobile devices;
  • Notification of system use;
  • Access via unreliable networks;
  • auditable events and failure response;
  • Protection against malicious codes;
  • Use of encryption;
  • Network segmentation and edge protection;
  • Continuous monitoring;
  • Backup and restoration of the system.

 

Source: ANSI/ISA-62443-3-3-Security for Industrial Automation and Control Systems-System Security Requirements and Security Levels

 

Compliance with technical safety standards and product and software certification is an important verification for using secure devices and applications that ensure the safety of our customers and business assets as a whole as a whole .

Snef cybersecurity services are anchored in the three pillars of industrial cyber security: integrity / availability / confidentiality, which support practices and policies in this area. SNEF is also aligned with ONS requirements and applies to its engineering projects at the Own Operations Center and its customers all guidelines related to cyber security policy.