Threats
Threats can arise from external and internal manipulation. Loss of data security is not always
caused by deliberate actions.
Internal threats arise due to:
● Technical faults
● Operating errors
● Errors in programs.
These internal hazards are compounded by external threats. The external hazards do not differ
from the known threats in the office environment:
● Computer viruses and computer worms
● Trojan horses
● Unauthorized access
● Password phishing.
Password phishing means attempting to get a user to divulge access data and passwords by
masquerading as a different identity in an e-mail.
Precautions
The most important precautions against manipulation and loss of data security in an
industrial environment are:
● Filtering and verification of data traffic through virtual private networks (VPN). A virtual
private network is used to exchange private data in a public network (e.g. the Internet).
The most common VPN technology is IPsec. IPsec is a collection of protocols based on
the IP protocol at the network layer.
● Segmentation into protected automation cells. The aim of this concept is to protect
devices in the network through security modules. A group of protected devices forms a
protected automation cell. Only security modules in the same group, or the devices
they protect, can exchange data with each other.
● Authentication (identification) of the networked devices. The security modules identify
themselves to each other via a secure (encrypted) channel using authentication
procedures. This prevents access to a protected segment by unauthorized persons from
outside.
● Encryption of the data traffic. The confidentiality of the data is ensured by encrypting the
data traffic. For this purpose, every security module is given a VPN certificate which
includes the encryption key.
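The following added example is not from the manual. It audits flow records against the cell concept described above, assuming the rule is that two endpoints may exchange data only if their security modules belong to the same group. All device names, module names, groups and flow records are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed inventory (hypothetical names): security module -> group,
# and protected device -> the security module in front of it.
MODULE_GROUP = {"sm-a1": "cell-A", "sm-a2": "cell-A", "sm-b1": "cell-B"}
DEVICE_MODULE = {"plc-1": "sm-a1", "softstarter-1": "sm-a2", "hmi-2": "sm-b1"}

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str

def group_of(node):
    """Group of a security module, or of a device behind one; None if neither."""
    module = node if node in MODULE_GROUP else DEVICE_MODULE.get(node)
    return MODULE_GROUP.get(module)

def is_allowed(flow):
    """Allow only traffic whose endpoints both resolve to the same known group."""
    src, dst = group_of(flow.src), group_of(flow.dst)
    return src is not None and src == dst

def audit(flows):
    """Return (flow, reason) for every flow that crosses or leaves a cell."""
    findings = []
    for f in flows:
        if is_allowed(f):
            continue
        unknown = [n for n in (f.src, f.dst) if group_of(n) is None]
        if unknown:
            reason = "unprotected endpoint: " + ", ".join(unknown)
        else:
            reason = f"crosses cells: {group_of(f.src)} -> {group_of(f.dst)}"
        findings.append((f, reason))
    return findings

# Constructed flow records, e.g. as exported from a switch or firewall log.
SAMPLE_FLOWS = [
    Flow("plc-1", "softstarter-1"),  # both behind cell-A modules
    Flow("sm-a1", "sm-a2"),          # two modules of the same group
    Flow("hmi-2", "softstarter-1"),  # cell-B device reaching into cell-A
    Flow("laptop-7", "plc-1"),       # source sits behind no security module
]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE_FLOWS):
        print(f"DENY {flow.src} -> {flow.dst}: {reason}")
```

Endpoints that are missing from the inventory are treated as outside every cell, so a flow is denied by default rather than allowed when the mapping is incomplete.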
PROFINET Communication Module for SIRIUS Soft Starter 3RW44
Manual, 12/2013, A5E31996495002A/RS-AA/001
Safety information
2.3 Data security in automation