25
2.2 Industrial Security and Installation Guidelines
This chapter provides information on industrial security in information technology and installation guidelines.
2.2.1 Industrial security in information technology
Hazards The topic of data security and access protection has become increasingly important in the industrial environ-
ment. The increased networking of entire industrial systems to the network levels within the company together
with the functions of remote maintenance have all served to increase vulnerability. Hazards can arise from:
• Internal manipulation such as technical errors, operating and program errors and deliberate program or data
manipulation.
• External manipulation such as software viruses, worms and Trojans.
• Human carelessness such as password phishing.
Precautions The most important precautions to prevent manipulation and loss of data security in the industrial environment
are:
• Encrypting the data traffic by means of certificates.
• Filtering and inspection of the traffic by means of VPN - "Virtual Private Networks".
• Identification of the user by "Authentication" via save channels.
• Segmenting in protected automation cells, so that only devices in the same group can exchange data.
• Deactivation of unnecessary hardware and software.
Further information You can find more information about the measures on the following websites:
• Federal Office for Information Technology https://www.bsi.bund.de/EN/Home/home_node.html
• Cybersecurity & Infrastructure Security Agency us-cert.cisa.gov
• VDI / VDE Society for Measurement and Automation Technology www.vdi.de/en/home
• IEC 62443 Security for industrial automation and control systems https://www.iec.ch/blog/understanding-iec-
62443
•
2.2 Industrial Securit
and Installation Guidelines
2
Overview
To Next Page
Loading...
