Legacy technology: Will cyber security concerns shut down that old DCS?


Cyber security issues are becoming more critical, almost by the day. DCS vendors are working diligently on increasing the security provisions of current and new networking and control products, but what about old systems that are still operating and not slated for replacement? Can these be adequately defended in an increasingly threatening world? The answer is a heavily qualified yes.

Here are some of the possibilities:

  • Your original vendor may provide some security strategies. This is highly dependent on what you have and how old it is, but it never hurts to ask.

  • You can create perimeter defenses through firewalls or DMZs placed where the DCS connects to outside networks. This hardens your exterior.

  • To give yourself defense-in-depth, there are small device level firewalls and other devices that can be distributed at strategic points throughout the system. These can be effective and invisible when done correctly. When done poorly, they can add intolerable latency issues to a system.

  • If these other approaches aren't practical, your only choice is to isolate the system so it effectively cannot be reached at all from the outside.

At the recent PCSF event in Atlanta, Gary Finco, senior SCADA advisor from Idaho National Labs , said it all comes down to pocketbook issues. Adding "bolt-on" security to an operating DCS, even if the process is difficult, is probably much less expensive than scrapping it and bringing in something more up-to-date. A new system will be costly, especially when you consider the installation, commissioning, and training issues involved with a new DCS.

Gary and a group of cyber security experts from INL recorded a podcast about their work and resources they've made available to end users. Click here to listen .

—Edited by Peter Welander , process industries editor,
Control Engineering Advanced Process Control eNewsletter
(Register here and scroll down to select your choice of eNewsletters free.)

No comments
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by...
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Choosing controllers: PLCs, PACs, IPCs, DCS? What's best for your application?; Wireless trends; Design, integration; Manufacturing Day; Product Exclusive
Variable speed drives: Smooth, efficient, electrically quite motion control; Process control upgrades; Mobile intelligence; Product finalists: Vote now; Product Exclusives
Machine design tips: Pneumatic or electric; Software upgrades; Ethernet advantages; Additive manufacturing; Engineering Leaders; Product exclusives: PLC, HMI, IO
This article collection contains the 5 most referenced articles on improving the use of PID.
Learn how Industry 4.0 adds supply chain efficiency, optimizes pricing, improves quality, and more.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

Cyber security cost-efficient for industrial control systems; Extracting full value from operational data; Managing cyber security risks
Drilling for Big Data: Managing the flow of information; Big data drilldown series: Challenge and opportunity; OT to IT: Creating a circle of improvement; Industry loses best workers, again
Pipeline vulnerabilities? Securing hydrocarbon transit; Predictive analytics hit the mainstream; Dirty pipelines decrease flow, production—pig your line; Ensuring pipeline physical and cyber security