|
by Stephanie Neil, MA Editorial Staff   | Abstract: | In tomorrow's plant, where machines, sensors, instruments, and other devices will be networked, simply locking down the perimeter with technologies such as firewalls won't be good enough. The future will require a highly layered approach to plant security. |
| Keywords: | highly layered approach to plant security, securing the core |
No doubt, you have read about the high-end, Internet-connected coffee machine that comes complete with downloadable drink recipes and a gaping security hole that reportedly allows it to be taken over by hackers.
A hackable coffee machine may seem innocuous. But it is an example of the new ultra-connected and much more insecure electronic era we've entered, an era some call "the Internet of things," when all kinds of Internet Protocol (IP)-enabled devices communicate over cellular networks, WiFi, Ethernet (wired and wireless), and, in the industrial setting, sensor-based networks.
According to Harbor Research, there will be anywhere from 500 million to 1 billion devices communicating continuously over the Internet by the year 2010. These devices — many of them on the factory floor — will enable new services, including status monitoring and usage tracking of assets, materials replenishment, remote diagnostics, and automated repair. Collectively, this will enable about $500 billion in value-added revenue from services provided by vendors and manufacturers alike, Harbor estimates.
But this world of hyper-connectivity, where virtually any industrial machine, instrument, or sensor can be networked, comes with a cautionary caveat: Managing this ever-increasing "network of things" will require new types of security tools and strategies. That's because, as the number of networked devices grows, so does the risk that there could be a security breach caused by the inadequately protected coffeemaker in the kitchen or the gauge in the refinery.
"As things scale, there is a lot of risk related to information being disclosed or, worse, something getting blown up," Harbor Research President Glen Allmendinger says.
In this new world, experts say, tried-and-true security strategies and tools won't cut it. Historically, businesses have attempted to protect networks by hardening the perimeter with tools such as firewalls. When everything is connected to the Internet, however, that's not good enough.
"Firewalls were good in their day, but think back to how long they've been around," says Ken Pappas, vice president of marketing and security strategist at Top Layer Networks. Having a firewall isn't enough, as it means that "anyone who understands hacking tools can go after a company and disturb the business."
To offset a potential security breach in this new commingled topology of Internet, cellular, Ethernet, and wireless mesh connections, manufacturers will need to take a layered approach that protects the core of the network — not just the perimeter, as a firewall does. Instead, experts say, this new device security framework combines governing policies and procedures; virus protection; encryption and authentication technology; network scans that identify rogue devices; software that can identify an abnormality before, rather than after, an incident; and visibility into a breach.
"There is a new word in the security business, called 'de-perimetization,' " says Wayne Manges, program manager for the industrial wireless program, a Department of Energy-sponsored program at Oak Ridge National Laboratory. "It is about protecting the data, not the perimeter."
New products from companies such as Mocana Inc., Top Layer Networks, Apprion Inc., and Motorola are focused in different ways on providing layered security protection at the core. In addition, the control vendors are beginning to take on more responsibility when it comes to securing their system architectures.
Page : 1 2 3 4 ... NEXT |