Technical PC hardening measures Any engineering tool, such as PLCnext Engineer, can manipulate devices or processes in your ICS. To reduce the risk of manipulation, perform security evaluations regularly. PC-based hardening and organization measures Protect any PCs used in automation solution environments against security-relevant manipulations. This… Read More
Anti-malware inspection The list of security incidents in industry is growing longer all the time: Stuxnet, Industroyer, TRITON, or WannaCry are examples of malware/ransomware which attacked SCADA systems, safety controllers etc. While anti-virus/anti-malware software is common and widespread on IT systems, OT components are often still unprotected. Read More
Logging and monitoring Log and status data as feedback for security improvements The early detection of security-relevant incidents as well of system errors and performance “bottlenecks” during operation or data transmission depends to a large extent on adequate logging and monitoring. In particular, log data and… Read More
ICS security concept by Phoenix Contact This topic describes how Phoenix Contact solves the requirements regarding cyber-security. Note: This description and the illustrations in this chapter are schematic and exemplary in nature. They do not claim to be complete. Details on technical implementations and practical realization can… Read More
About this guideline Validity of this guideline The present documentation is not specifically related to any specific device or software version. It is rather to be understood as generic information which has to be supplemented by the related product-specific information given in the respective device manual or… Read More
Secure communication by encryption and authentication Main goals: integrity and authentication The implementations described in this chapter serve to pursue two main objectives of security engineering: to achieve data integrity and to authenticate users and data sources. Integrity: is the data unchanged? Checksums indicate the… Read More
ISO/IEC 27001 standard: security for traditional IT systems ISO/IEC 27001 is the leading international and most important standard regarding cyber-security of Information Technology (IT) systems. It describes the implementation of an Information Security Management System (ISMS) by providing clear guidelines for planning, implementing, monitoring, and improving your information… Read More
Port protection and port alerts Infected hardware, like USB sticks or laptops, can transfer malware to the network. The following measures can be taken to prevent this: Configure the port security function of the devices involved in a way that unknown devices cannot exchange data with the… Read More
Security from the operator’s view Introduction Note: Many requirements are listed in both standards IEC 62443-2-1 and ISO/IEC 27001 From a plant operator’s point of view, many requirements apply that are defined in both ISO/IEC 27001 (which deals with IT system security) and IEC 62443-2-1 (draft edition 2.0). Even… Read More
IEC 62443 standard: security for industrial applications Overview on the parts of the standard The IEC 62443 standard series defines the necessary security processes and functional measures for device/component manufacturers, system integrators, and operators of machines and plants. It is a common security standard for industrial automation systems and… Read More
