Security and Network Protection are difficult challenges for Industrial Internet and for Industrial Internet Of Things (IIOT)
Enzo M. Tieghi [email protected]
Is it still possible to define a perimeter?
ICT Security & Control System Protection: where?
ANSI/ISA95 Functional Hierarchy (www.isa.org)
Level 4 - Business Planning & Logistics (Plant Production Scheduling, Operational Management, etc.): establishing the basic plant schedule - production, material use, delivery, and shipping; determining inventory levels. Time frame: months, weeks, days.
Level 3 - Manufacturing Operations Management (Dispatching Production, Detailed Production Scheduling, Reliability Assurance, ...): work flow / recipe control to produce the desired end products; maintaining records and optimizing the production process. Time frame: days, shifts, hours, minutes, seconds.
Level 2 - Monitoring, supervisory control and automated control of the production process (Batch Control, Discrete Control, Continuous Control).
Level 1 - Sensing the production process, manipulating the production process.
Level 0 - The actual production process.
Say no to "flat networks" with Seg/Seg:
Segment + Segregate = Secure?
Follow the Zones & Conduits model (according to ISA99/IEC 62443)
[Figure: Zones & Conduits example. The Enterprise Zone (Mainframe, Workstation, Laptop computer, Servers) is connected through a Firewall and the Enterprise Conduit to the Plant A, Plant B and Plant C Zones (each with Data Server, File/Print Server, App. Server, Workstation, Laptop computer, Router). Each plant's Control Zone (Controllers, I/O, App. Server, Data Server, Maint. Server) sits behind its own Firewall and is reached only through a Plant Control Conduit.]
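The zones-and-conduits idea in the diagram above can be written down as a policy and checked mechanically. The following is an added example, not code from the presentation or from ISA/IEC: zones are address ranges, conduits are the only permitted one-way paths between zones, and each conduit's firewall carries an explicit allow-list, so a host in the Enterprise Zone cannot reach a controller directly because no conduit joins those two zones. All addresses, zone names, and port choices are constructed for the illustration (tcp/443 for the enterprise-to-plant application traffic, tcp/4840 for the plant-to-control OPC UA pull).

```python
"""Toy evaluator for an IEC 62443-style zones-and-conduits policy.

Added illustration, not the presenter's code. Zones are address ranges,
conduits are the only permitted paths between zones, and each conduit has an
explicit service allow-list enforced by its firewall. Everything else is
denied, which is what "segment + segregate" means once written down.
Addresses, zone names and ports below are constructed for the example.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, FrozenSet, List, Optional, Tuple

Service = Tuple[str, int]  # (transport protocol, destination port)


@dataclass(frozen=True)
class Conduit:
    """A one-way path between two zones and the services its firewall allows."""
    src_zone: str
    dst_zone: str
    allowed: FrozenSet[Service]


class ZonePolicy:
    def __init__(self, zones: Dict[str, str], conduits: List[Conduit]) -> None:
        self.zones = {name: ip_network(cidr) for name, cidr in zones.items()}
        self.conduits = {(c.src_zone, c.dst_zone): c for c in conduits}

    def zone_of(self, ip: str) -> Optional[str]:
        """Return the zone containing ip, or None if it belongs to no zone."""
        addr = ip_address(ip)
        for name, net in self.zones.items():
            if addr in net:
                return name
        return None

    def evaluate(self, src: str, dst: str, proto: str, port: int) -> Tuple[str, str]:
        """Decide a flow: ("allow" | "deny", reason). Default is deny."""
        src_zone, dst_zone = self.zone_of(src), self.zone_of(dst)
        if src_zone is None or dst_zone is None:
            return "deny", "endpoint outside every defined zone"
        if src_zone == dst_zone:
            return "allow", f"intra-zone traffic within {src_zone}"
        conduit = self.conduits.get((src_zone, dst_zone))
        if conduit is None:
            return "deny", f"no conduit from {src_zone} to {dst_zone}"
        if (proto, port) not in conduit.allowed:
            return "deny", f"{proto}/{port} not permitted on conduit {src_zone}->{dst_zone}"
        return "allow", f"{proto}/{port} via conduit {src_zone}->{dst_zone}"

    def cross_zone_pairs(self) -> Tuple[int, int]:
        """(pairs joined by a conduit, pairs a flat network would expose)."""
        n = len(self.zones)
        return len(self.conduits), n * (n - 1)


# Constructed example policy mirroring the diagram: enterprise -> plant -> control.
EXAMPLE_POLICY = ZonePolicy(
    zones={
        "Enterprise Zone": "10.0.0.0/16",
        "Plant A Zone": "10.10.0.0/16",
        "Plant A Control Zone": "172.16.10.0/24",
    },
    conduits=[
        # Enterprise Conduit: business users reach the plant App. Server over HTTPS only.
        Conduit("Enterprise Zone", "Plant A Zone", frozenset({("tcp", 443)})),
        # Plant Control Conduit: the plant Data Server polls the control zone over OPC UA.
        Conduit("Plant A Zone", "Plant A Control Zone", frozenset({("tcp", 4840)})),
    ],
)

# Constructed sample flows (src, dst, proto, port).
SAMPLE_FLOWS = [
    ("10.0.0.5", "10.10.0.20", "tcp", 443),      # enterprise user -> plant app server
    ("10.0.0.5", "172.16.10.3", "tcp", 502),     # enterprise user -> controller, no conduit
    ("10.10.0.20", "172.16.10.3", "tcp", 4840),  # plant data server -> control zone OPC UA
    ("10.10.0.20", "172.16.10.3", "tcp", 22),    # plant host -> controller, SSH not allowed
    ("172.16.10.3", "172.16.10.4", "tcp", 502),  # controller <-> I/O inside the control zone
    ("8.8.8.8", "172.16.10.3", "tcp", 502),      # address in no zone
]


def audit(policy: ZonePolicy, flows) -> List[Tuple[str, str]]:
    """Evaluate every flow and return the (decision, reason) list."""
    return [policy.evaluate(*flow) for flow in flows]


if __name__ == "__main__":
    for flow, (decision, reason) in zip(SAMPLE_FLOWS, audit(EXAMPLE_POLICY, SAMPLE_FLOWS)):
        print(f"{decision:5s} {flow[0]} -> {flow[1]} {flow[2]}/{flow[3]}: {reason}")
    print("conduit pairs vs flat pairs:", EXAMPLE_POLICY.cross_zone_pairs())
```

Two flows show the point of the model: the enterprise host is denied on tcp/502 not because of a port rule but because no conduit joins the Enterprise Zone to the Control Zone at all, and the plant host is denied tcp/22 because the Plant Control Conduit only carries the services its firewall was given.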
Here is an example taken from the technical literature (Source: Siemens):
Enterprise Control Network
Manufacturing Operations Network
Perimeter Control Network
Control System Network
Process Control Network
Zones & Conduits with firewall protection (multilayered defence)
[Figure: Corporate Firewall and Industrial Firewall. Source: Byres - Tofino]
Process plant with remote connection
Local Network protection (batch production)
Wired vs Wi-Fi
Wireless arrives in the factory
Smart Control Systems
Smart Analytical
Smart Final Control
Smart Asset Optimization
Smart Safety
Smart Measurement
Smart Machinery Health
Smart Wireless
[Figure: SCADA architecture with remote and mobile access: SCADA Server; Client SCADA-Historian-KPI; Mobile BI - KPI/Alarms; RTU on APN (Private/Public); Datacenter/Historian Server; KPI/ALM Server.]
CLOUD, MOBILE, BYOD...