• Newsletters
  • INDUSTRY PERSPECTIVES
  • TECHNICAL RESOURCES
  • WEBINARS
  • SUBSCRIBE
  • CP Journey
    • 1661881672039 Bedrockbestpracticeswhitepapersm
    1. Safety/Security
    2. Cybersecurity

    Report Spotlights ICS Cyber Security Vulnerabilities

    Jan. 19, 2018
    Bedrock Automation releases an informative white paper on the cyber security vulnerabilities and defense of industrial control systems.
    Bedrock-BestPractices-Whitepaper-sm

    Bedrock Automation releases new white paper.

    Bedrock Automation, maker of the Open Secure Automation (OSA) platform, releases a white paper on the cyber security vulnerabilities and defense of industrial control systems. The 20-page document, Securing Industrial Control Systems - Best Practices, covers the threat landscape and presents a holistic approach to defending it, including assessing risk, physical security, network security, workstation and server security and the fundamentals of OSA.

    “As we discuss cyber security with users of automation, we find that many are aware of the threat potential but are not sure if they are doing enough to protect themselves,” says Albert Rooyakkers, Bedrock founder and CEO.  “We saw the need for a technical paper that explains both the mindset and motives of an attacker, as well as the tools and technologies of defense.” 

    The first half of the paper covers conventional cyber security practices that apply to all industrial control systems. It provides an assessment of the threats, including drive-by attacks, advanced persistent threats (APTs), espionage, process attacks and ransomware. It also looks at assessing the related risks, with an introduction to process hazards analysis (PHA) and hazards and operability (HAZOP) methodologies used to identify malfunctions that might harm people, the process or the environment. To assist with risk assessment, the paper provides an overview of conventional protection practices. This includes network segmentation, firewalls and DMZs; managing workstations, servers, end-users and applications; and implementing active defense measures, including security event monitoring and management.

    The second part of the paper is devoted to more recent techniques, based on the application of intrinsic cyber security advances that have been applied in military, aerospace and ecommerce, and are now being used to protect industrial control systems. These create a hardware end-point root of trust that combines advanced cryptography, digital signing techniques, an industrial certificate authority and public key infrastructure (PKIs) built into the control system to create an infrastructure for user defense. The paper also presents the features of the Bedrock Open Secure Automation platform.

    To download the paper, visit: www.bedrockautomation.com/revolution

    Continue Reading

    Sponsored Recommendations

    Keys to Improving Safety in Chemical Processes (PDF)

    Many facilities handle dangerous processes and products on a daily basis. Keeping everything under control demands well-trained people working with the best equipment.

    Get Hands-On Training in Emerson's Interactive Plant Environment

    Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

    Rosemount™ 625IR Fixed Gas Detector (Video)

    See how Rosemount™ 625IR Fixed Gas Detector helps keep workers safe with ultra-fast response times to detect hydrocarbon gases before they can create dangerous situations.

    Micro Motion 4700 Coriolis Configurable Inputs and Outputs Transmitter

    The Micro Motion 4700 Coriolis Transmitter offers a compact C1D1 (Zone 1) housing. Bluetooth and Smart Meter Verification are available.