Title :
Best practices in automation security
Author_Institution :
Siemens Industry, Inc
Abstract :
Historically, automation systems have relied on "security through obscurity" to avoid computer attacks. Those days are gone. While the number of actual attacks on automation systems has been small, the tools needed to conduct these attacks are now loose in the "wild", and the potential losses from an attack are large. Requirements for MIS and MES integration with the control system, as well as program backup and maintenance activities eliminate the possibility of security through lack of connectivity. With careful system design and security-aware practices, security risks can be controlled. Network design complying with the ISA-99 recommendations places barriers between external threats and your control system. Proper configuration of security options on control system equipment can erect further barriers to attacks. Creation of, and adherence to operating policies can limit threats from non-network sources.
Keywords :
control engineering computing; risk analysis; security of data; ISA-99 recommendations; MES; MIS; automation security; automation systems; best practices; computer attacks; control system equipment; maintenance activities; program backup; security options; security risks; security-aware practices; system design;
Conference_Titel :
Cement Industry Technical Conference, 2012 IEEE-IAS/PCA 53rd
Conference_Location :
San Antonio, TX
Print_ISBN :
978-1-4673-0284-5
DOI :
10.1109/CITCON.2012.6215678
