SPANGLER – the Plus of Cyber Security.
Modern industrial plants are often enabled by industrial communication networks to communicate and work in a network. The usual office network technology (IT world) differs significantly from the technology used in control systems in the OT world (Operational Technology). In recent years, however, OT and IT have increasingly merged, referred to as “Industry 4.0″.
OT and IT – Industry 4.0
Due to the constantly increasing networking of OT and IT, Spangler used the IEC 62443 standard as a basis for linking both sides and still guaranteeing the security of the systems. IT Security in machines and systems must be viewed holistically. A risk-based segmentation within the overall system is important. In the first step, Spangler Automation works out a customer-specific cell protection concept for the control cabinets and then implements this together with the customer.
Holistic view – standard IEC 62443 as a basis for IT Security
Networking in the field of sensors and actuators has been indispensable in industry for years. Up to now, however, industrial systems have been isolated and separated from the office networks. This has changed completely in recent years: Industrial networks have been connected to other IT components. This makes the island network vulnerable. There is a trend towards connecting cloud infrastructures in order to use them to open up new business models.
On the other hand, networking leads to opening and implicates the risk of misuse by unauthorised persons. In addition to a digitisation strategy, every industrial company or municipality therefore also needs a strategy to secure the production process and its own know-how to secure the business model. The IEC 62443 standard was defined for industrial IT security. It contains an established, implementable procedure model for an industrial cyber security strategy and is therefore clearly superior to uncoordinated individual activities. The essential parts of the standard have been published since the beginning of 2019 which gives users of the standard sufficient planning certainty.
Spangler Automation has intensively dealt with this standard. It now serves as the basis for IT security in the control cabinet and the system. The focus here is the segmentation of the system network. Therefore Spangler integrates a firewall into the control cabinet upon customer request which monitors communication and prevents attacks on the PLC and thus ensuring the continuity of the entire system. The firewall guarantees mutual protection – on the one hand for the system inside the control cabinet and on the other hand for the customer’s entire system. This prevents unauthorised access. At various customer training courses at the beginning of the year, Spangler provided detailed information and explanations about IT security.
Basically, a network subdivision with different function groups is always an advantage. If the control cabinets cannot communicate with each other, no malware can be passed on. However, as OT and IT are merging more and more, the systems are becoming increasingly internet-enabled and network-enabled and Ethernet-based fieldbuses such as PROFINET, EtherCAT and Modbus-TCP are therefore being used, certain protective measures must be defined.
Patch management includes the planning, procurement and testing of patches. A patch is a correction delivery for the software to correct errors, mostly to close security gaps that have become known or to retrofit functions that were not available before. This means that the software inventory is constantly kept up to date. This is possible by the regular import of updates. Spangler Automation can support its customers to import updates e. g. via remote access or with remote maintenance modems. The holistic view is paramount again. It is decided in advance which update is relevant for which customer, how to inform the user or how to import the updates. For IT security it is important to be properly prepared. Our in-house specialists will be happy to support you. Get in touch with us for important preventive measures.