Secure your network

According to the organizer of the Hannover Fair, Deutsche Messe AG, two significant trends are now emerging in industrial automation: wireless data transmission, and network security within the production environment. The security issue in particular is of special importance as industry is eagerly embracing Ethernet solutions, with all the attendant risks of insecure interfaces, the German exhibition company reports.

Siemens report that industrial Ethernet, in line with standards IEEE 802.3 and 802.11, is now the No. 1 network worldwide within the LAN environment with a share of over 80%. Today, many automation devices can be operated via an Internet browser. This has been made possible by the universal use of TCP/IP. However, as Olaf Siemens of Innominate Security Technologies warns, this increasingly standardized approach to networking in automation will bring with it susceptibility to harmful software, just as it has done with office automation.

So how does one protect their industrial Ethernet network? Although firewalls and VPNs provide basic security functions, these alone cannot offer complete protection against viruses. A host of companies have come up with security solutions. Innominate Security has come up with a hardware- based solution to virus protection - a device, which mounts on DIN rails, intercepts the data stream to identify viruses in protocols such as HTTP, SMTP and FTP. Siemens offer a security solution specifically for industrial automation technology - SCALANCE S by SIMATIC NET. It protects against, among other things, data espionage and data manipulation.

Methods of security can range from technologies based within the infrastructure itself such as physical connection paths and Virtual Local Area Networks (VLANs) to hardware and software-based devices such as firewalls and security management servers. In the end, a comprehensive security plan must protect against unauthorized access from both internal and external sources, according Frank Prendergast of Schneider Electric’s Automation Business. The most secure network, says Prendergast, is one that has no connections to other systems. But that defeats the major advantage of Ethernet--its easy connectivity to other Ethernet networks or the Internet for information sharing.