PuK - Process Technology & Components 2024

More documents

Recommendations

Info

Components OT security New standards affect the OT network OT security must be planned from the outset Denise Fritzsche und Dipl.-Ing. (FH) Nora Crocoll Security is becoming an increasingly important topic for machine builders and plant operators. Standards such as IEC 62443 (international series of standards for “Industrial communication networks - IT security for networks and systems”), among other things, set requirements for system security and security levels. The objective is to strengthen industry’s cyber resilience, above all on the OT (Operational Technology) level too. For this is affected by attacks on the IT level with increased regularity, effectively as “bycatch”. At the same time, it should also be protected from direct attacks, which occur in the production environment. Security is therefore a topic that not only concerns the individual system parts, but above all the communication platform used too. Plants in automated production or the process industry are made up of numerous individual machines. The management initiates digitalisation projects such as process optimisation, increasing process transparency, energy management, etc. As a result, the requirements for network communication and its security change. As matters currently stand, IEC 62443, Part 3-3 (“System security requirements and security levels”) will also be incorporated in the (EU) Machinery Regulation via Annex III 1.1.9 and will create the circumstances for secure communication. Regardless of this, the Directive’s regulations are already helpful requirements for ensuring security in an OT network. It can be assumed that plant builders and operators will soon be required to have more network know-how. Or they will bring in external expertise, as is the case for mechanical engineering. Security concepts OT security is not something that can be simply “pulled on” after completion of a plant. Rather, the topic affects every installed component of the plant and extends to the depth of the physical network structure. Cyber security must therefore be planned from the outset. To this end, IEC 62443 provides various security concepts, which not only concern the hardware and systems used, but also Fig. 1: Tools and strategies for cyber security concern the entire life cycle of a plant. (Copyright holder: Indu-Sol) processes in the company and the organisation’s degree of maturity, in other words, the employees’ understanding of the existing processes and their ability to know what to do in the respective problem case. The network experts of Indu-Sol have been dealing with the reliability of industrial networks since the company was founded a good twenty years ago. A network that does not function reliably, for whatever reasons, always also influences the security of the whole plant. The tools can be used to make transparent what is going on in the network. Above all in relation to the security of networks, plant builders and operators can be supported in the areas of hardware and systems as well as the maturity of the organisation by providing appropriate system training courses. Network in the plant life cycle Whoever plans for OT security in plants should also do the same for the network. But this is a complex undertaking, which cannot be simply dealt with as an aside. It needs a network engineering expert, not only for the plant planning but also during subsequent operation. But this is usually not feasible from a financial point of view, and as a consequence of the shortage of skilled personnel, well-trained employees for network engineering are hard to find. This is where it can make sense to outsource the network topic to external service providers from the initial period of the plant’s life cycle (Fig. 1). This provides the additional advantage that, on handover of the finished plant from plant builder to plant operator, there is no change in responsibility for the network engineering. Network experts are able to provide advisory support during the strategic planning phase. They then undertake the network planning in 104 PROCESS TECHNOLOGY & COMPONENTS 2024
Components OT security the implementation and performance requirements period. During the setting up and commissioning they take care of the network acceptance, during operation they ensure condition monitoring and predictive maintenance through appropriate service level agreements. They are also there to provide advice for plant retrofits and help with network modifications. All these tasks need three things: Knowhow, the right hardware and services suitable for the respective period in the life of the plant. Tools with integrated expertise The times in which OT networks were still islands independent from the rest of the world are largely in the past. The advantages that can result from convergent networks and direct access to the smart sensor data of the machines and plants are too great. Therefore, OT networks are increasingly internally linked to the IT level. This also then means that each component in which a CPU is installed is vulnerable. The topic of OT security is thus highly interwoven with the hardware used. The clou is that the solutions, which have proven their worth in recent years for the reliable operation of networks with the focus on predictive maintenance, are also suitable for monitoring network security. The system is therefore now referred to as a CM&SM (Fig. 2), a condition monitoring & security management system. To ensure OT security, IEC 62443-3-3 sets various requirements, which ultimately provide the condition for the principle of “Defence in Depth” (Fig. 3). The requirements relate to identification or authentication, use control, system integrity, confidentiality of the data, prompt response to events and the availability of the resources. Each of these seven requirements needs different tools or measures to implement them. The various solutions of Indu-Sol can help in completely different areas. Here are a few examples: An initial topology scan for the identification or authentication of OT networks and a periodic scan, for example, can be implemented and managed with our condition monitoring & security management system. The tools of the network experts check the data commu- Fig. 4: OT cyber security and digitalisation in accordance with ISA/IEC 62443, Part 3-3 (copyright holder: Indu-Sol) nication for unwanted changes, use encryption methods for secure data transmission, segment individual network areas for security reasons, ensure continuous data monitoring and auto- Fig. 3: Excursus: ISA/IEC 62443 – The layers of defence in depth from the view of OT (copyright holder: Indu-Sol) service providers with the appropriate know-how. Indu-Sol contributes this know-how on an equal footing within the scope of an OT competence partnership. The good news is that it is not necessary to reinvent the wheel, but instead, tried and tested solutions are on hand to face these new requirements confidently. Fig. 2: Condition monitoring and security management system (CM&SM) for plants and OT networks with Profinet and Ethernet/IP (Copyright holder: Indu-Sol) mated alerting or help with the backup and restoring of device configurations. The list of requirements and how they can be met with the system is long. One trend is clear: With the requirements of IEC 62443 and also the new Machinery Regulation that will soon come into effect, in future greater focus will be placed on the OT security of industrial communication networks (Fig. 4). This requires solutions in the form of components, supporting systems as well as skilled employees or The Authors: Denise Fritzsche, Marketing at Indu-Sol and Dipl.-Ing. (FH) Nora Crocoll, Redaktionsbüro Stutensee Indu-Sol GmbH, Schmoelln www.indu-sol.com PROCESS TECHNOLOGY & COMPONENTS 2024 105
Page 2 and 3:
INSPIRING SUSTAINABLE CONNECTIONS +
Page 4 and 5:
Approx. 5 % Approx. 15 % Approx. 76
Page 6 and 7:
PROCESS TECHNOLOGY & COMPONENTS Edi
Page 8 and 9:
PROCESS TECHNOLOGY & COMPONENTS Con
Page 10 and 11:
Leading article Efficiency and qual
Page 12 and 13:
Leading article and frequently atta
Page 14 and 15:
Cover story Pump monitoring and pro
Page 16 and 17:
Cover story Fig. 3: Permanent condi
Page 18 and 19:
Pumps and Systems High-efficiency p
Page 20 and 21:
Pumps and Systems Diaphragm meterin
Page 22 and 23:
Page 24 and 25:
Page 26 and 27:
Pumps and Systems Progressing cavit
Page 28 and 29:
Page 30 and 31:
Pumps and Systems Smart Factory The
Page 32 and 33:
Pumps and Systems Smart Factory Fig
Page 34 and 35:
Pumps and Systems Peristaltic pumps
Page 36 and 37:
Pumps and Systems Peristaltic pumps
Page 38 and 39:
Page 40 and 41:
Pumps and Systems Screw pumps Advan
Page 42 and 43:
Vacuum technology Vacuum systems Tr
Page 44 and 45:
Vacuum technology Vacuum systems 05
Page 46 and 47:
Vacuum technology Screw spindle vac
Page 48 and 49:
Page 50 and 51:
Page 52 and 53:
PROCESS TECHNOLOGY & COMPONENTS Ind
Page 54 and 55: Vacuum technology Repair vs. replac
Page 56 and 57: Pumps/Vacuum technology Companies -
Page 70 and 71: Trade fairs and events IFAT Munich
Page 72: Trade fairs and events IVS - INDUST
Page 75 and 76: Trade fairs and events ACHEMA 2024
Page 77 and 78: Trade fairs and events VALVE WORLD
Page 79 and 80: Save the Date industrial valves & s
Page 81 and 82: Compressors and Systems Machine roo
Page 83 and 84: Compressors and Systems Machine roo
Page 85 and 86: Premium technology makes all the di
Page 87 and 88: Compressors and Systems Biogas back
Page 89 and 90: Compressors and Systems Sustainabil
Page 91 and 92: FILTECH This variant of heat recove
Page 93 and 94: Components Plant documentation Gett
Page 95 and 96: Components Plant documentation Mana
Page 97 and 98: Components Frequency converter a 2-
Page 99 and 100: Components Frequency converter with
Page 101 and 102: Components Total cost of ownership
Page 103: Components Gaskets heating applianc
Page 107 and 108: Components Sensors Your newsletter
Page 109 and 110: Components Drives Fig. 2: The MOVIG
Page 111 and 112: Components Seals Resistances always
Page 113 and 114: Compressors/Compressed air/Componen
Page 115 and 116: Compressors/Compressed air/Componen
Page 117 and 118: H ENG ENGLISH ENGLISH E H ENGLISH E
Page 119 and 120: High-temperature engineering Hortic
Page 121 and 122: High-temperature engineering Hortic
Page 123 and 124: Drive concept Design features Conve
Page 125 and 126: Drive concept Design features Conve
Page 127 and 128: Side channel pumps Standardized pum
Page 129 and 130: Side channel pumps Standardized pum
Page 131 and 132: Vacuum accessories Laser technology
Page 133 and 134: Vacuum pumping stations Service Dif
Page 135 and 136: Screw vacuum pumps (Helicoidal gear
Page 137 and 138: Gas compressor helium Gas compresso
Page 139 and 140: Conveyed media Service Scroll compr
Page 141 and 142: Portable screw compressors, fluifre
Page 143 and 144: Pressure distribution Compressed ai
Page 145 and 146: Industrial valves Valves Automatic
Page 147 and 148: Industrial valves Valves Automatic
Page 149 and 150: Ball and plug valves Actuators and
Page 151 and 152: Brand name register Gebr. Becker Gm
Page 153 and 154: Brand name register JUMO GmbH & Co.
Page 155 and 156:
Brand name register Pfeiffer Vacuum
Page 157 and 158:
& Pumps Systems for process technol
show all

PuK - Process Technology & Components 2024

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?