Safety information
2.3 Data security in automation
2.3
Data security in automation
The topic of data security and access protection (security) is becoming more and more
important in industrial environments. Increased networking of entire industrial plants, vertical
integration and networking of the levels within a company, and new technologies, such as
remote maintenance, are resulting in more increased requirements for protection of the
industrial plant. Security is the generic term for all protection measures:
● Loss of confidentiality due to unauthorized accessing of data
● Loss of integrity due to data manipulation
● Loss of availability due to destruction of data
To provide protection from manipulation in sensitive plant and production networks, it is not
enough to apply data security solutions for offices to industrial applications without any
adaptation.
Requirements
The special requirements of communication in an industrial environment (e.g.
communication in real time) result in additional requirements for security in industrial use:
● Protection against interaction between automated cells
● Protection of network segments
● Protection from unauthorized access
● Scalability of the security functionality
● No influence on the network structure.
Threats
Threats can arise from external and internal manipulation. Loss of data security is not always
caused by deliberate actions.
Internal threats arise due to:
● Technical faults
● Operating errors
● Errors in programs
This internal hazards are compounded by external threats. The external hazards do not differ
from the known threats in the office environment:
● Computer viruses and computer worms
● Trojan horses
● Unauthorized access
● Password phishing.
Password phishing means attempting to get a user to divulge access data and passwords by
masquerading as a different identity in an e-mail.
16
SIRIUS 3RW5 EtherNet/IP communication module
Manual, 05/2019, A5E45131885002A/RS-AA/001