Table of Contents
Advertisement
Kendrion Kuhnke Automation GmbH
4.4 IT Security
Automation devices contain functional units that should be protected. These include the conventional control
and regulation functions and algorithms but also the facility users' production and other data. Since there is
no automation solution without faults, some potential weak points and causes of risks remain.
Whereas the main threat is from LAN networks, attackers may also use local interfaces.
Consider the following routes of attack:
Interfaces (USB, LAN, WLAN, Bluetooth,.....)
Services, drivers, protocols (RPC, HTTP(S),.....)
Authentication, encoding (compulsory registration, encrypted password)
Physical access (closed rooms, cabinets)
Third-party systems or personnel
Take every effort to avoid exposing the PLC and controller networks to open networks or the Internet.
Safeguarding should include extra data link layers such as remote access via VPN as well as sophisticated
firewalls. As a basic rule, you should disable or restrict the access to all interfaces you do not need.
Segmentation (e.g. by a router with a firewall) may be another effective means of protection.
NOTE
Unauthorised access to the computer
Controller failure and data loss
Integration in networks granting public access requires the user to take appropriate
measures aimed at preventing unauthorised access.
Vico MT (E 863 GB)
01/10/2021
Construction and Functionality
34
Advertisement
Table of Contents
