Security measures - an overview

To achieve security in an automation system, a holistic approach is necessary. An adequate security concept must be drawn up that covers technologies used, the defined processes, and the people involved. Both technological and organizational measures must be taken into account.

Many threats can be contained by appropriate technical measures, but must be supplemented by organizational measures involving personnel, procedures, policies, and practices.

For details, please refer to 360° Security - The Holistic Approach.

Technical automation solution measures are, for example:

• Network segmentation and architecture
• Firewall configuration, management of network segmentation, and device protection
• User management with Role-based Access Control (RBAC)
• Local and centralized (LDAP) user management configuration
• Transport Layer Security (TLS) for secure communication
• Certificate management for asymmetric cryptography and key management
• Local and centralized security logging
• Network-wide time synchronization
• Network-wide device and update management
• Secure configuration of the automation application
• Secure remote access via VPN (IPsec or OpenVPN)
• Local and centralized backup and restore