Physical production security
Physical production security can be ensured through measures such as:
• Separate access control for critical areas, such as production areas.
• Installation of critical components in lockable cabinets/control rooms with monitoring and
alarm capabilities. The cabinets/control rooms must be secured with a cylinder lock. Do
not use simple locks, such as universal, triangular/square, or double-bit locks.
• Radio field planning to limit WLAN coverage areas, preventing them from extending
beyond defined zones (e.g. factory floor).
• Guidelines that prohibit the use of external, insecure data storage media (such as USB
flash drives) and IT devices (such as laptops) on systems.
4.6
Security properties of the devices
The security properties of the individual devices are listed in the Equipment Manuals.
4.7
Secure operation of the system
This section describes measures recommended by Siemens to protect your system from
manipulation and unauthorized access.
4.7.1
Hardening measures
System hardening, also referred to simply as hardening, is the secure configuration of
products or systems. The aim is to close vulnerabilities and take various measures to reduce
the attack surfaces for cyberattacks.
Measures for system hardening include, for example:
• Secure configuration in which only software components and services actually needed for
operation are installed or activated.
• Access control in which a restrictive user and rights management system is implemented.
SIMATIC Drive Controller
System Manual, 11/2023, A5E46600094-AD
Industrial cybersecurity
4.6 Security properties of the devices
31