Siemens Worldwide

The Magazine


The Magazine
For many years, infrastructure facilities such as waterworks and wastewater treatment plants were not considered likely targets of cyberattacks. The growth of web-based services, however, has increased the risk

IT security

Focus on IT security

Communications networks are increasingly being used in public infrastructure facilities. This heightens the risk of malicious attacks and demands a fundamental rethinking of plant IT security.

Technologies such as Ethernet, Wireless LAN, and web-based services for remote monitoring, diagnostics, and maintenance have long since found their way into public infrastructure facilities. These standard technologies increase convenience and efficiency but also heighten the risk of external attacks. Operators of process plants such as waterworks must therefore develop effective systems to secure communications channels and protect key plant components from unauthorized access.  

Siemens has devoted considerable attention to the issue of security in automation systems and has developed a comprehensive security solution based on the IEC  62443 standard and the defense-in-depth model set out in it, with the aim of achieving maximum security through an economical complete solution.

This solution begins not with the technical systems but rather one step before, with a comprehensive security management system consisting of strict organizational rules, unambiguous access permissions, and recurring training to ensure a strong awareness of the need for security among employees. The solution then addresses the plant itself, analyzing existing risks and identifying suitable protective measures in a second step.

Hardware and software without back doors

External attacks usually exploit a plant’s communications infrastructure. Effective security therefore begins by limiting network communications between sites to only what is strictly necessary. What is known as the cell protection concept is a well-established method of achieving this aim. It is based on the principle of grouping the components of a system in terms of their communications requirements and separating them from the rest of the network using firewalls. Simatic components are inherently well protected from attacks over the network and thus ideally prepared for high-network-strength product certification.  

In terms of software, virtual private networks and firewalls provide particularly effective protection as long as they are configured correctly. Siemens supports users here with special security functions. To protect PLC programs from being modified using engineering software, standard components such as the Simatic S7-1200/Simatic S7-1500 controllers are equipped with special access protection mechanisms. Digital signatures are used to detect firmware manipulation.

Cameras alone are insufficient. Operators of infrastructure facilities should employ a tiered protection system to prevent unauthorized access

Security for waterworks

Powerful communications systems allow formerly autonomous control systems to be integrated into a system that enables parallel top-level monitoring and control of multiple autonomous plants. A “demilitarized zone” can be established using one or more firewalls, with access limited to strictly defined ports. Only users who are in possession of a valid certificate and are trusted by the company are given access to the systems they are authorized to use. This approach prevents access to other system components or the corporate intranet.

Threat scenarios are constantly changing. Protecting a process plant from external attacks and unauthorized access is therefore never a one-off measure but must be understood as an ongoing process. One method of facilitating this process is a continuous monitoring system in which special software solutions ensure that even complex attacks are reliably detected and trigger appropriate counteraction. The establishment of a secure solution can be supported by an assessment that reveals the weak points in a system and associates them with threat scenarios. The security risk is calculated on this basis, and actions can then be initiated to reduce the risk to an acceptable level.

Thanks to this solution, drinking-water wells, pump stations, rainwater plants, and wastewater treatment plants with telecontrol systems can be connected to central control systems without sacrificing convenience and security.

Picture credits: Siemens AG