IEC 62443 standard: security for industrial applications Overview on the parts of the standard The IEC 62443 standard series defines the necessary security processes and functional measures for device/component manufacturers, system integrators, and operators of machines and plants. It is a common security standard for industrial automation systems and… Read More
Security-relevant laws and industrial standards It is important to understand that IT security is not only a new “product feature” that a vendor can implement more or less well at its own discretion. Instead, the integration of security features into automation equipment, systems and components is now required… Read More
Why cyber security? There are several definitions for cyber security, like Cyber security is the state in which the risks associated with the use of information technology are reduced to a tolerable level. Risks arise from threats and weaknesses to systems and products. Information security is… Read More
Restricted mobile access: protecting a WLAN by password Unauthorized smart devices must not be able to connect themselves via the WLAN interface. For that reason, your strict password rules should also apply to all wireless access points in your ICS. WLAN components from Phoenix Contact enable automated… Read More
TLS / HTTP(S) To secure the transmission of data between network devices used to build automation infrastructures and systems (such as controllers), or between an engineering software and devices which you configure and commission via this software, you should use security-capable transmission wherever they are supported. Such protocols… Read More
Technical and organizational security measures To achieve security, a holistic approach is necessary: An adequate security concept must include the technology used, defined processes, and the people involved, i.e., it must specify both technological and organizational measures. Many but not all threats can be defended against with… Read More
NAT and port forwarding General information Network Address Translation (NAT) separates internal (private) and external (public) network areas. A NAT device (which is usually located at the network or zone border) exchanges public and private IP addresses. This way, all internal network addresses are hidden behind the… Read More
Network segmentation It is difficult to determine the protection needs of an entire plant and to implement protective measures on this basis. If an office network, factory network and, for example, production line networks are directly connected to each other, malfunctions and viruses can be spread directly over all… Read More
