Enterprise security measures may heighten vulnerability of plant-floor solutions

As manufacturers integrate plant, enterprise, and supply chain operations, in many cases looking for a real-time view of production, the threat of a cyber attack becomes more of a concern—or it should, anyway, say industry insiders.

Integrating mission-critical, real-time control systems with historians and databases on the enterprise network—and potentially the Internet—without appropriate security exposes vulnerability.

"The security event management market is just beginning to take off, but we've seen good growth since last year," says Lori Dustin, a VP with Verano, a supervisory control and data acquisition (SCADA) systems vendor.

That demand is worldwide. Verano recently announced six new resellers for Verano's Industrial Defender security solution in Europe, the Middle East, Asia, and Australia. Those resellers now target manufacturers in Russia, Australia, Spain, Belgium, the Netherlands, and Italy.

The reason behind the market's growth is easy to understand, says Colin Masson, a director with Boston-based AMR Research. While it may be inconvenient to lose access to email—or even an ERP system—losing control of manufacturing systems invariably leads to lost revenue, potential loss of credibility with stakeholders, and, in the worst-case scenario, loss of life, he says.

Security threats to manufacturing systems can be broadly categorized into three types:

• Software malware: Running today's manufacturing systems on the same operating systems and computing platforms as commercial IT systems makes them susceptible to viruses, spyware, and software updates and patches.
• Internal users: Many disruptions to manufacturing systems come from "inside the firewall." Some disruptions are intentional, but many are accidental—like the unexpected side effects that stem from changes to system configurations.
• External threats: Terrorists have specific objectives in targeting critical infrastructure, but there also are documented cases of manufacturing disruptions caused by hackers.

"Even something as simple as neglecting to properly isolate manufacturing systems networks from general-use networks can cause nondeterministic behaviors in the real-time shop-floor environment, with devastating effects," says Masson.

Companies in the oil & gas, power, water, and transportation industries first come to mind as those that would benefit most from security systems, but the reality is any company with a SCADA or distributed control system—and a plant environment with plenty of software solutions—should be concerned about cyber security, says Dustin. That includes companies in the chemicals, pharmaceuticals, food & beverage, and metals markets, she says.

"Most manufacturers use multiple plant-floor solutions from a number of vendors," Dustin says. "That means they need an overarching security system that accounts for solutions regardless of their supplier—or the age of the systems—so the manufacturer has one system in place to enable centralized visibility."

Verano's Industrial Defender, for instance, protects critical assets against viruses, worms, Trojans, hackers, application exploits, rogue systems, resource starvation, and unauthorized use. Its layered approach includes security monitoring of multi-vendor control system metrics, perimeter protection, and network monitoring to prevent and detect internal and external threats, Dustin says.

Running such a solution prevents dire consequences, Masson says, but according to Dustin, there are other benefits. During Industrial Defender implementation, for example, Verano's security engineers often detect viruses, inappropriate systems configurations, and unauthorized activity that compromise security—as well as performance issues that may be addressed to improve productivity.