Minimising cyber security threats on industrial control systems. Without a strong commitment to security, manufacturers will fall victim to the many pitfalls faced by open protocols.

Top Article for 2018 - Protecting Utilities
Top Article for 2018 - Protecting Utilities

Nick Boughton | Boulting Technology

In 2017, the UK Government proposed the implementation of the Security of Networking and Information Systems (NIS) Directive, with the aim of improving the security of essential services such as water and energy. Should providers fail to protect their systems, a £17 million penalty could be enforced. Here, Nick Boughton, sales manager at leading industrial systems integrator Boulting Technology, discusses why it is important for utility providers to protect themselves from cyberattacks.

Plant managers within utility companies are now demanding more from their industrial control systems (ICS) to deliver operational improvements through smarter, information-enabled machines. As a result, the domains of IT and OT are converging and becoming increasingly connected as many ICSs are now overlapping with enterprise systems to provide accessible, secure information that is visible across organisations. With these increased benefits, however, comes a rise in additional security risks.

Typically working on closed, proprietary communication protocols, the migration to open protocols can present several issues, including unpatched software and hard-coded passwords. Robust systems, such as PLCs, were built to last before network connectivity was even considered.

When connecting a legacy system to an open protocol, it is essential that it is done safely and securely. Security patches can be vital in reducing potential cyber-attacks, however many manufacturers forgo their roll out as the associated costs can be high. Every missed patch makes it much harder and more expensive to ensure a legacy system is protected.

It is these risks that the Joint Committee on the National Security Strategy discussed in late May 2018. If ICSs are not protected properly within the utility sector, then it is not just breaches of the GDPR we should be worried about, but the supply of water and energy.

There is no one size fits all solution to protecting industrial control systems and it shouldn’t just cover the protection of a single system. IT and OT convergence means a holistic approach to industrial security should be taken, extending from a single enterprise system, to the people, processes and technologies within a plant.

In its 2016/17 report, the cyber threat to UK business, the National Cyber Security Centre (NCSC) suggested cyber security is most effective when integrated with risk management procedures.

To give maximum protection against cyber-attacks, a plant must have a robust security framework that encompasses people, processes and technologies. Our alliance with Netbuilder, a leading provider of software and IT consulting services, allows us develop and implement seamless solutions across IT and OT, which have traditionally been managed separately.

While having the latest firewalls, antivirus and intrusion detection software is important, it is redundant if staff are not trained properly. Working with an experienced supplier, such as Boulting Technology, will aid in developing one such framework.

Without a strong commitment to security, manufacturers will fall victim to the many pitfalls faced by open protocols.

 

 

About Nick Boughton
Boulting Technology's sales manager, Nick Boughton has worked in the automation industry for over thirty years. He has gathered experience from roles with automation equipment vendors, process OEMs and system integrators, in sectors such as food and beverage, power, chemical and water.

 

About Boulting Technology
Boulting Technology is a leading supplier of Systems Integration, Industrial Network Solutions, LV Motor Control Centres, Switchgear, Control Panels and Telemetry, providing exceptional levels of technical expertise and customer satisfaction, making us the supplier of choice for the products and services that we deliver. It provides exceptional levels of technical expertise and customer satisfaction, making it the supplier of choice for the products and services it delivers.

 

The content & opinions in this article are the author’s and do not necessarily represent the views of ManufacturingTomorrow

Comments (0)

This post does not have any comments. Be the first to leave a comment below.


Post A Comment

You must be logged in before you can post a comment. Login now.

Featured Product

SICK, Inc. - Low-Cost LiDAR: Higher Technology That's Easy to Use

SICK, Inc. - Low-Cost LiDAR: Higher Technology That's Easy to Use

LiDAR (Light Detection and Ranging) is one of the most reliable methods for parts sensing in factory automation today. SICK has made this technology affordable and easy to use! Click on the video link below to learn about the TiM1xx LiDAR sensor and how it provides: - Area scanning LiDAR technology in a standard sensor package - 200-degree field of view and 3 meter sensing range allows for 169 square feet of area scanning - Compact size and light weight enables ease of deployment in "non-standard" type applications, like end-of-arm robotic tooling - Wide area scanning without having to mount a transmitter and receiver makes installation much easier - IO Link for easy configuration