Page 10 - Industrial Terchnology EXTA 22nd March 2021
P. 10
the event of an attack. By
adhering to a standard, plant
owners how to approach a
situation and understand the
best methods to base their
architecture security strategy on.
National Institute for Standards
and Technology (NIST) and IEC
62443 standards are both good
examples of essential standards
for an industrial plant.
Generally, NIST Guidelines
are much more technical and
hacker recently initiated an OT cybersecurity attack information technology (IT) driven, despite involving
on an Oldsmar, Florida water treatment facility, some inputs for operational technology (OT).
which adjusted the levels of sodium hydroxide from However, the IEC 62443 standard has more a
100 parts per million to 11,100 parts per million. generic approach and is perfectly suited for plant
At the time, the facility allowed remote access into settings, with a focus on OT. This standard specifies
its ICS systems with a software package called the process requirements for the secure
TeamViewer, which was not securely configured and development of products used in industrial
might not have even been authorized with software. automation and control systems, addressing the
Now picture this. A machine’s settings or batch issue of security for industrial automation and
recipes are slightly adjusted, meaning the plant control systems (IACS).
manager will experience unprecedented quality loss The biggest advantage of IEC 62443 standard is
or downtime. At this point – because there is no that it defines security requirements for three major
major or obvious disruption to the plant’s operation players when discussing an OT project; the asset
– it is hard for the plant manager to know why this owner, system integrator and a component supplier.
is happening. However, the plant has experienced In fact, as COPA-DATA’s Secure Development
data loss of some kind, which could lead to more Lifecycle accords to IEC 62443-4-1, its zenon
damaging financial consequences further down software offers features that can ensure
the line. communication across an entire plant’s
Despite leaving operators scratching their heads, architecture. Its features are developed to highlight
these scenarios could be prevented through a networks vulnerability and allow security
specification standards. managers to take appropriate action before an
intruder reaches its target.
Picking between the standards While operators cannot build a fully functioning
Adhering to industrial standards for security can smart factory on a weak foundation, adhering to
protect plant managers from unexpected risks. specific standards and using the sufficient industrial
Standards like IEC 62443, help create mechanisms software ensures a plant’s architecture sets the
by which the policies are enacted to avoid risks – foundation for secure digital processes.
helping plant managers identify threats and act in www.copadata.com
March 2021 • INDUSTRIAL TECHNOLOGY EXTRA • p10
