Securing industrial networks and remote access for packaging machinery
Packaging machinery’s automation control systems and networks need to be secured to protect valuable intellectual property and enhance productivity.
The ability to use standard unmodified Ethernet throughout, from the enterprise all the way down to individual field devices enables new levels in connectivity for people, processes, data and things, ultimately providing greater productivity, better utilisation of assets, and improved decision-making to industrial companies.
Establishing a Connected Enterprise can deliver many benefits to the packaging industry by providing improved connectivity between enterprise systems and the plant floor.
However, while increasing connectivity and visibility into the system helps create a seamless flow of information; technologies such as mobile devices, the cloud and big data also introduce security risks that require careful consideration and mitigation.
According to Robert Hicks, OEM segment manager at Rockwell Automation, “No single product, technology or methodology can fully secure industrial applications. Protecting industrial assets requires a layered approach that helps mitigate various types of security threats – both internal and external.”
“It’s also important to note that only a small percentage of security risks have malicious intent, the majority of risks are non-malicious in intent, and often even unintentional, such as staff inadvertently accessing controllers or machinery they should not be authorised to access, or changing parameters without realising that their actions could cause issues for that system,” he said.
A defense-in-depth security architecture is based on the idea that any one point of protection may, and probably will, be defeated. This approach requires multiple layers of defense to help ensure a weakness or flaw in one layer can be protected by strength, capabilities or new variables introduced through other security layers.
To help OEMs build these layers of security into machinery and endusers’ facilities, Rockwell Automation teams with industry leaders, such as Cisco® and its other PartnerNetwork™ members. Physical security mechanisms, such as guards and gates, and a network security framework that includes firewalls, intrusion detection and prevention systems, and managed switches and routers, are the building-block layers of a defense-in-depth approach.
Packaging machine builders are required to integrate machines and equipment into a plant network, protect intellectual property at the machine level and provide secure remote access for the end customer. This allows operators to monitor critical parameters and take action before equipment fails to help keep machines running and saving valuable time and money for machine builders and their customers.
“By taking a defense-in-depth approach to security, the benefits that the Connected Enterprise can deliver to manufacturers far outweigh any inherent risks,” explained Hicks.
Robert Hicks will be presenting, Industrial Network Security and Secure Remote Access at the 2015 Annual Technical Forums at AUSPACK in Melbourne on 26th March 2015.