Welcome to the Schneider Electric corporate Website

ENGLISH | FRENCH

Please choose your country or region to view available products.

Choose your country

    • Default Alternative Text

      Insights on the connected enterprise

      Marathon of Security

      157647179-410x230

      Securing Device-by-Device Will Elevate Cyber Profile

      By Gregory Hale, editor/founder ISSSource

      Running in a marathon can be an intimidating task where the erstwhile and eager participant starts off ready to go, but quickly realizes 26.2 miles is a very long way to run. What can get the intrepid marathoner through the entire process is focusing not on the overall target, but in breaking it down in mile-by-mile increments.

      Cybersecurity in the manufacturing realm is very similar where users need to commit to starting a program, but understand that this is a step-by-step process and not a one-time installation.

      The catch is, manufacturers need to jump in on the race because watching from the sideline could be a costly experience.

      Just last year, the average consolidated total cost of a data breach was US$3.8 million, up from US$3.5 million the previous year, which is a 23 percent increase in total cost of a data breach since 2013, according to a study by the Ponemon Institute.

      "When people think about cybersecurity they think about people wearing masks hacking into and stealing credit card information and stealing intellectual property," said John Boville, Marketing Manager for Process Automation at Schneider Electric. "They are not thinking of cybersecurity issues on the plant floor. What about a memory stick found in the parking lot and someone coming in and plugging it in and affecting the programming software and altering the program on your automation hardware? What about somebody inadvertently changing a program by accidentally downloading the wrong program to a device and wreaking havoc with how a machine works?"

      That is why taking security as a step-by-step approach and ensuring secure devices and then elevating to the next level is a smart idea.

      Along those lines if a user has a secure PLC, and the network ends up breached, the device can still remain tight.

      How can a user take these modern elements and
      make them work with legacy devices

      "The protocols themselves that communicate to the PLC carry encryption, they use a (Transport Layer Security) protocol, there are certification exchanges to authenticate yourself with the PLC,” said Andrew Kling, Director of Cybersecurity and Architecture, at Schneider Electric. "So the PLC itself is in a pretty healthy position. If someone gets onto the network it doesn't mean you can automatically reconfigure the PLC. Even if you were able to launch the web browser on it, there is a little web interface used for maintenance functions, there is second layer of authentication that would keep you from connecting to the device. Older generations don't have these protections."

      How can a user take these modern elements and make them work with legacy devices?

      "You have to tighten up that trust boundary and you have to pull some of that allocated functionality down to the device," Kling said. “In the case of the for example, we are bringing Level Two functionality to our Modicon M580 ePAC. We are essentially putting authentication functions into our Ethernet-enabled programmable automation controller securing the protocols to the device."

      If the user is in a situation where one PLC has to talk to another PLC and one has encryption technology and the other doesn’t, the only choice is to go to the lowest common denominator. “To move forward we say you have to upgrade your workstation software and upgrade your PLCs and upgrade your network technology to all participate in this greater cyber security story,” Kling said.

      in an era with budgetary restraint, how can a user justify this
      movement toward security and away from antiquated legacy devices?

      That, however, sounds like added cost, so in an era with budgetary restraint, how can a user justify this movement toward security and away from antiquated legacy devices?

      "We have to continue to educate people about how cybersecurity incidents cause downtime and safety issues," Boville said. "One example is the Turkish pipeline explosion where hackers caused a pipeline to blow up and they were able to prevent (operators) from seeing it was burning."

      The Turkish pipeline explosion occurred Aug. 5, 2008, when attackers shut down alarms, cut off communications and super-pressurized the crude oil in the line. The high pressure caused an explosion felt for miles.

      Be it terrorism, an error in judgement or an inside attack, that one particular event cost the 11 owners of the pipeline, including oil giant BP, US$1 billion.

      From a financial perspective, every company has to look at the loss of intellectual property and damage to machinery, but the cost of downtime is huge, too.

      "Large enterprises are facing a US$1.8 million risk each year for the cost of recovering from a cyberattack," Boville said. "That is real money and that is a real financial risk."

      The only risk today is standing on the side and watching the race go by. Instead, users can take a device-by-device approach that will eventually build up into a solid security program over the course of the marathon of security.


      For related information, click on any of the links below: 

      M580 ePAC, the IIoT ready, Ethernet enabled Programmable Automation Controller
      Industrial cybersecurity services
      Cybersecurity in the connected enterprise - How the new generation of IIoT-ready controllers delivers the benefits of open computing while minimizing the risk of cyber intrusion
      Lesson Learned: IT-OT Convergence

      New value finder tool helps you discover $$ value hidden in plant assets
      Try it now
      Nos conseillers sont disponibles pour répondre à vos questions de 8h00 à 18h00 du lundi au vendredi toute l'année.