Strategic solutions and efforts are needed to tackle today’s cybersecurity risk
In this information age of manufacturing, it is not only about what data can be accessed in manufacturing operations, but also how they can be accessed.
Automation technology gives companies the freedom to imagine operations in transformative new ways; it saves a huge amount of manpower and time from production to management, yet, risks always come along with opportunities.
A Beneficial Solution
Take the major California petroleum producer who supplies the power needs of over 1.5 million homes as an example: They had been manually monitoring data of over 2,800 control devices distributed among their six separated oil fields that are utilized by one oil-field process control network (PCN) until their corporate supervisory control and data acquisition (SCADA) audit had identified serious cybersecurity risks related to the lack of reliable control-asset data keeping by their business units back in 2013.
Rockwell Automation solved their problems with a new diagnostic reliability (DR) system directed by Allen-Bradley® SoftLogix™ 5800 controller with proprietary code encrypted, which automatically identifies, interrogates and monitors control hardware by continuously scanning and tagging every device on the PCN. Integrated with FactoryTalk® software, all detailed PCN’s overall performance were clearly reported and understood by the oil company.
As a result, the oil company has moved from manual database to automated real-time data collection and its business unit is already in full compliance with a new set of cybersecurity policy based on the ISA99 standard for industrial control system.
However, while wireless technology has been increasingly used in mission-critical applications such as data transfer and SCADA, and cybersecurity threats have been ramping up for the past decade, there are more that need to be considered in order to protect plants and manufacturing sites.
Present Layered Defense Strategy
In today’s manufacturing environment, control systems can no longer rely on their historically physical isolation as higher-level enterprise systems and the Internet are vulnerable to external intrusions and attacks.
Particularly as more manufacturers build a Connected Enterprise and converge their industrial and enterprise systems into an Ethernet-based network architecture, reliable and strongly secured wireless communications with low levels of latency and jitter to achieve uninterrupted control and data access are needed.
Pfizer, the pharmaceutical company, has been working with their plant sites to establish integrated layers of defense to fight off cybercriminals.
Along with Defense-in-Depth (DiD) established control systems and a series of firewalls, Pfizer has added another layer to secure zones protecting each business asset from the others. The secured areas are divided by purpose-built firewall gateways, such as the Rockwell Automation Allen-Bradley Stratix® 5950 security appliance.
Share and Aware, Connect Better
Beyond technical fixes and reinforcements, manufacturers and stakeholders must share their cybersecurity knowledge to develop and present a unified response to probes, intrusions, threats and attacks. It is always advantageous for security to have different players communicate effectively while establishing clear roles and responsibilities.
Whether it is a small wireless network or plant-wide one, a single business or a connected enterprise, as a beacon of security, Rockwell Automation is always ready to help protect operations and intellectual property against any cyber threats.