Siemens SIMATIC ET 200AL System Manual page 26

Distributed i/o system

Hide thumbs Also See for SIMATIC ET 200AL:

System manual (2255 pages)

Manual (86 pages)

Equipment manual (46 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

page of 174

/ 174
Bookmarks

Industrial cybersecurity

3.4 Integrated security concept and security strategies

3.4

Integrated security concept and security strategies

3.4.1

Comprehensive security concept "Defense in Depth"

With Defense in Depth, Siemens provides a multi-layer security concept that offers industrial

plants comprehensive and far-reaching protection in accordance with the recommendations

of the IEC 62443 international standard.

Productivity and know-how are protected on 3 levels:

Plant security

Plant security uses various methods to secure the physical access of people to critical

components. This starts with classic building access and extends to securing sensitive areas

using access control (for example, code card, iris scan, fingerprint or access code).

Network security

Automation networks must be protected against unauthorized access. This is achieved

through security measures on the product, but also those in the product-related

environment.

System integrity

Targeted measures must be taken to protect existing know-how or to prevent unauthorized

access to automation processes.

You can find more information on the topics of Defense in Depth, plant security, network

security, and system integrity on the SIEMENS Industrial cybersecurity

(https://www.siemens.com/us/en/company/topic-areas/cybersecurity/industrial-security.html)

Web page.

You can also visit the download center

areas/cybersecurity/industrial-security/downloads.html) to obtain more information on the

topic of industrial cybersecurity. The "Operational Guidelines", for example, provide

recommendations on basic security measures for secure machine and plant operation in an

industrial environment.

3.4.2

Security management

The ISO 27001 and IEC 62443 standards call for a comprehensive approach in IT and OT to

protect against cyber attacks.

Responsibility for cybersecurity and IT security

Every operator of machinery and equipment is responsible for:

• Defining cybersecurity and IT security as an important criterion in the procurement and

selection of machines and software applications.

• Use of suitable measures to protect production resources, data, and communication from

manipulation and theft

• Providing all necessary resources and training to employees to fully support these goals

For this purpose, suitable measures must be selected after a risk assessment and a cost-

benefit analysis in order to protect material and intellectual property and prevent damage

from occurring. These measures should be integrated into corporate processes and

procedures, evaluated regularly, and firmly anchored in the corporate culture. In addition to

protecting intellectual property, the protection of personal data must be ensured at all

organizational units and levels.

(https://www.siemens.com/us/en/company/topic-

System Manual, 12/2023, A5E31861578-AL

Distributed I/O system

Siemens SIMATIC ET 200AL System Manual page 26

Related Manuals for Siemens SIMATIC ET 200AL

Related Products for Siemens SIMATIC ET 200AL