Security - The Next Frontier

June 27, 2013
Shop floor data security was a topic at The Automation Conference held last month with security expert Eric Byres of Tofino Security sharing his experiences and the results of government studies on the topic.

The takeaway was that you can't hide from security concerns under the belief that your equipment isn't connected. The best security is to connect everything and then take active steps to monitor and protect your information.

Most of us probably wish that we didn't have to focus on another issue within manufacturing. With safety, maintenance, changeovers, OEE and the myriad other issues on our plates, we don't need anything else to do. But, either we as controls engineers will address the data security issues on the shop floor or someone else will be anointed to do our job for us. The best approach, no doubt, is a collaborative effort between engineering and IT.

We may be inclined to think that this is only of concern to munitions plants, public utilities and plants that process hazardous materials. Think again. A Fortune 400 snack food company recently published a job search description for a Director of Process & Controls Technology that included in the third sentence the following: " This position will draw upon the expertise of the Information Security Department to maintain state of the art information security". And further into the description of major duties: "... to manage this team in the application and implementation of advanced process & control systems while insuring manufacturing network system integrity and information security throughout the organization. Develop, manage and monitor external process & control interfaces to mitigate security risk." Clearly, information security is high on the list of concerns of this consumer products company.

With the recent NSA revelations, perhaps it will come as no surprise to us that what goes out over the internet is easily monitored. According to Eric, the real surprise is how connected our manufacturing systems are, and we don't even realize it. Add to that the fact that many machine tools, packaging machines and processes are still running versions of Windows XP which is known for its many vulnerabilities, and you begin to see the potential for some real problems. Outsiders could disrupt our operations, steal our formulas, steal part geometry, determine our production rates, steal our software or the software of our machine providers, or hack into our business systems - just to mention a few bad outcomes. Not only do end users need to be concerned for their intellectual property but equipment builders are vulnerable to software pirating by hackers gaining access through a customer's site.

Do you see shop floor information security as a real concern? If so, has your company taken steps as of yet to address these concerns? Share your thoughts with our readers.

Sponsored Recommendations

Why Go Beyond Traditional HMI/SCADA

Traditional HMI/SCADAs are being reinvented with today's growing dependence on mobile technology. Discover how AVEVA is implementing this software into your everyday devices to...

4 Reasons to move to a subscription model for your HMI/SCADA

Software-as-a-service (SaaS) gives you the technical and financial ability to respond to the changing market and provides efficient control across your entire enterprise—not just...

Is your HMI stuck in the stone age?

What happens when you adopt modern HMI solutions? Learn more about the future of operations control with these six modern HMI must-haves to help you turbocharge operator efficiency...