We offer tools, products and services that can help you build security into your control system. In addition, our Network Services and Security Services capabilities help you design, troubleshoot and verify that your system meets the level of security that is right for you, today and tomorrow.
Although security is merely one aspect of a complete, system-level controls solution, it remains an integral aspect to the Rockwell Automation controls philosophy and we remain committed to evolve security solutions to meet your needs.
- Membership & Leadership: Applying Standards to Help Your Security
Rockwell Automation is an active member of several security standards development bodies. The efforts are focused in the International Society of Automation (ISA) Security committee (ISA99) which is working in tandem with the International Electrotechnical Commission’s (IEC) security working group (TC65 WG10) to develop international security guidelines (IEC 62443). The "Industrial Automation and Control System Security" committee establishes standards, recommended practices, technical reports, and related information that define procedures for implementing electronically secure manufacturing and control systems and security practices and assessing electronic security performance.
- Process Control Security Adherence
Other areas of activity include the Industrial Control System Joint Working Group (ICSJWG) established by the Department of Homeland Security (DHS) Control Systems Security Program (CSSP). The purpose of the ICSJWG is to facilitate the collaboration of control systems stakeholders to accelerate the design, development, and deployment of more secure control and legacy control systems. Forum participants include international stakeholders from government, academia, industry users, owner/operators, systems integrators; and the vendor community. As stated by DHS, "The ICSJWG provides a vehicle for communicating and partnering across all Critical Infrastructure and Key Resources Sectors (CIKR) between federal agencies and departments, as well as private asset owner/operators of industrial control systems."
- Global Security Compliance
Rockwell Automation is also a Technical Member of the newly formed ISA Security Compliance Institute (ISCI
). In the ISCI, industry leaders from a number of major control system users and manufacturers are investigating the feasibility of creating an organization to establish a set of well-engineered specifications and processes for the testing and certification of critical control systems products. The mission of the proposed organization is “to decrease the time, cost, and risk of developing, acquiring, and deploying control systems by establishing a collaborative industry-based program among asset owners, suppliers, and other stakeholders to:
- Facilitate the independent testing and certification of control system products to a defined set of control system security standards;
- Use existing control system security industry standards, where available, develop or facilitate development of interim standards where they don't already exist, and adopt new standards when they become available;
- Accelerate the development of industry standards that can be used to certify that control systems products meet a common set of security requirements.
The standards, tests, and conformance processes for control systems products will allow the products to be securely integrated. An ultimate goal is to push the conformance testing into the product development life cycle so that the products are intrinsically secure."
Have a security concern? E-mail us with your question or comments.
To address specific concerns, or to report issues you may have with Rockwell Automation products as employed in larger systems, you can contact us at firstname.lastname@example.org.
Communicate securely with us using our PGP Public Key Block.
Learn more about Pretty Good Privacy (PGP) and Asymmetric Key Cryptography.