Security Considerations
To help maintain a secure system, follow these guidelines:
- Limit physical access to authorized personnel.
- Implement physical barriers, such as locked cabinets.
- Only purchase products from official suppliers.
- Only download firmware and software from the Rockwell Automation official download portal at rok.auto/pcdc.
To secure networks and communication and data, follow these guidelines:
- Implement network technologies that filter, block, and control access to help secure networks.
- Configure authorization policies to define conditions for remote access.
- Select control products that offer security options.
For more information, see the following.
Resource | Description |
|---|---|
System Security Design Guidelines Reference Manual, publication SECURE-RM001 | Provides guidance on how to conduct vulnerability assessments, implement Rockwell Automation products in a secure system, harden the control system, manage user access, and dispose of equipment. |
Configure System Security Features User Manual, publication SECURE-UM001 | Describes how to configure and use Rockwell Automation products to improve the security of your industrial automation system. |
CIP Security with Rockwell Automation Products Application Technique, publication SECURE-AT001 | Describes how to plan and implement a Rockwell Automation system that supports the CIP Security™ protocol. |
FactoryTalk Security Application Technique, publication SECURE-AT002 | Describes how to How to use FactoryTalk Security to implement authentication and authorization in your industrial automation system. Describes how to enforce product-specific security for Studio 5000 Logix Designer® , FactoryTalk® View, and FactoryTalk® AssetCentre . |
Converged Plantwide Ethernet (CPwE) Design and Implementation Guide, publication ENET-TD001 | Provides guidelines for how to design, implement, and manage industrial Ethernet networks. |
Redundancy Module MicroSD Card Security
1756-RM3 redundancy modules have a microSD™ card for the primary purpose of storing Tech Support logs that Rockwell Automation can use to investigate the cause of a fault.
The
microSD™
card is secured in the following ways:- Major fault data for the 1756-RM3 is stored on themicroSD™card in the RockwellAutomation folder. All sensitive data in this location is encrypted and only Rockwell Automation can decode the encrypted data.
- Data is saved to themicroSD™card in only one direction: from the internal memory of the redundancy module to themicroSD™card.
- Data stored on themicroSD™card cannot be read by the redundancy module firmware.
Provide Feedback