Click to download Ethernet Basics manual - Grant Industrial Controls
Click to download Ethernet Basics manual - Grant Industrial Controls
Click to download Ethernet Basics manual - Grant Industrial Controls
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Au<strong>to</strong>mation networks & Security 105<br />
example, cables that are pulled out or wrongly plugged in. Production standstill or something<br />
even worse can result from the use of an USB stick that it is infected with a virus and is<br />
plugged <strong>to</strong> a PC that is connected <strong>to</strong> a machine. Data traffic from the office network can<br />
cause delays on the production network.<br />
On the other hand, there is a distinct possibility that the data that is hacked will be misused.<br />
The company can be blackmailed in such a case. Recent studies show an increasing trend<br />
in the area of industrial security incidents. The more accidental events are more and more<br />
supplemented with external incidents such as viruses, Trojan horses, system hacking, sabotage,...<br />
. Hackers have acquired more and more knowledge of control systems and SCADA<br />
applications. Hackers carry out their activity less and less for the fun of it and more and more<br />
with the intention <strong>to</strong> blackmail a certain company. This has become an organised crime.<br />
Security is a must.<br />
9.3.3 Objective of security<br />
The main objectives of security are threefold:<br />
• confidentiality: security that data do not end up with a third party.<br />
• Data integrity: protection of the data against unwanted adaptations or against their<br />
destruction.<br />
• availability: resources are available and function correctly at the time that they have <strong>to</strong><br />
do so.<br />
Security will therefore prevent an unauthorised person from entering the system, will make<br />
sure that the system functions normally at all times and that all data in the system can be<br />
handled in a confidential manner.<br />
9.3.4 Security in the office world versus security in the au<strong>to</strong>mation world<br />
Introduction<br />
The integration of open systems can give the impression that the security problems within<br />
the production world can be solved by copying the approach in the office world. However,<br />
there are important differences between both domains. The office IT is not the same as production<br />
IT. It has <strong>to</strong> be checked what elements from the office IT are used and not used in the<br />
production IT. There is a standard under development (ANSI/ISA99) <strong>to</strong> completely describe<br />
the what, how and why of the security in the au<strong>to</strong>mation world.<br />
Main objective of security<br />
First of all, there is an important difference in the main objective of security.<br />
In the office world, the main aim for security is always the confidential handling of data.<br />
In the au<strong>to</strong>mation world, the main aim for security will always be the availability of the production<br />
system.