Technologies such as Ethernet, Wireless LAN, and web-based services for remote monitoring, diagnostics, and maintenance have long since found their way into public infrastructure facilities. These standard technologies increase convenience and efficiency but also heighten the risk of external attacks. Operators of process plants such as waterworks must therefore develop effective systems to secure communications channels and protect key plant components from unauthorized access.
Siemens has devoted considerable attention to the issue of security in automation systems and has developed a comprehensive security solution based on the IEC 62443 standard and the defense-in-depth model set out in it, with the aim of achieving maximum security through an economical complete solution.
This solution begins not with the technical systems but rather one step before, with a comprehensive security management system consisting of strict organizational rules, unambiguous access permissions, and recurring training to ensure a strong awareness of the need for security among employees. The solution then addresses the plant itself, analyzing existing risks and identifying suitable protective measures in a second step.