PLC change management


02/01/2005



Automation control systems often involve an array of PC workstations, programmable logic controllers (PLCs), robotic controllers, and HMI (human machine interface) workstations. Control logic is stored either in the device or on an associated workstation and can involve a large number of associated files and executable programs grouped into 'projects.' This complexity poses a challenge to detecting unauthorized—and potentially hazardous—program changes, especially where systems from multiple vendors and the associated variety of program development and device management tools exist.

Until recently, proprietary protocols and network isolation provided adequate security from external threats. However, many vendors are abandoning proprietary communication mechanisms to lower costs and improve reliability. Similarly, more and more device management is moving to PC-based workstations and other open systems. This transition to standard protocols and operating systems is making modern devices and systems more vulnerable to attack.

Risk areas

Internal risks are present in several forms. Most visible is the disgruntled employee who has proper access and system knowledge. Although system design and interlocks can prevent most catastrophic events, it is far easier to make changes resulting in system downtime. The role of the change management system in detecting and preventing such scenarios lies in how these threats typically manifest: someone with malicious intent will often modify a program to perform an undesirable action at some time in the future, not at the moment of the change. In the time between the planting of the malicious code and its triggering, a change management system can detect the damage, alert appropriate individuals, and prevent a harmful situation.

The second form of internal risk is the case of someone making an incorrect change to a system parameter, damaging properly running code. Though training and data backups are helpful, they are not enough. Even the best-trained personnel make mistakes. Data backup systems usually focus on server data and rarely back up the logic in proprietary devices. The role of the change management system in this case is to make available a previously verified and documented version of the program.

A third form of internal risk lies in the lack of an approval process prior to making system changes. This problem is made more acute when contractors are brought in and allowed to make changes, or when downsizing decreases plant-floor systems expertise. The role of the change management system in this case is to provide an approval process and audit trail of changes.

Much has been written recently about the external threats posed by those with malicious intent. Proper use of firewalls, DMZs (demilitarized zones: a computer or small subnetwork that sits between a trusted internal network and an untrusted external network), and access restrictions is key to securing mission-critical systems. However, these steps do not track actual changes made to control systems. Achieving this level of security requires a change management system that compares the logic currently in use to a reference copy.

Another challenge in detecting changes in automation devices lies in the design of the devices themselves. Many allow direct connection to the processor, as with a PLC, bypassing network security and validation. To detect these changes in a timely manner, it is necessary to look for them frequently. Automating this process is a far more precise way to achieve this goal than periodic, cursory reviews.
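The scan-and-compare step described above can be sketched as follows. This is an added example, not code from the article or from any vendor product: it assumes the device logic has already been uploaded into a project directory by the vendor's own tools and that the export is byte-for-byte repeatable. The project name, file names and logic text are constructed sample data.

```python
import hashlib
import tempfile
from pathlib import Path


def build_manifest(project_dir):
    """Map each file's project-relative path to its SHA-256 digest."""
    root = Path(project_dir)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def compare_to_reference(reference, current):
    """Differences between the approved manifest and a freshly uploaded copy."""
    return {
        "modified": sorted(f for f in reference.keys() & current.keys()
                           if reference[f] != current[f]),
        "added": sorted(current.keys() - reference.keys()),
        "missing": sorted(reference.keys() - current.keys()),
    }


def scan(reference, upload_dir):
    """One scheduled scan: alert lines, empty when the logic matches the reference."""
    diff = compare_to_reference(reference, build_manifest(upload_dir))
    return [f"ALERT {kind}: {name}" for kind, names in diff.items() for name in names]


def demo():
    """Constructed sample project: approve it, then simulate an unapproved edit."""
    with tempfile.TemporaryDirectory() as tmp:
        project = Path(tmp) / "line3_plc"  # hypothetical project name
        (project / "routines").mkdir(parents=True)
        main = project / "routines" / "main.st"
        main.write_text("IF temp > 80 THEN stop := TRUE; END_IF;\n")
        (project / "tags.csv").write_text("temp,REAL\nstop,BOOL\n")
        reference = build_manifest(project)  # last authorized version
        clean = scan(reference, project)
        # Simulated change made outside the approval process
        main.write_text("IF temp > 180 THEN stop := TRUE; END_IF;\n")
        (project / "routines" / "extra.st").write_text("stop := FALSE;\n")
        (project / "tags.csv").unlink()
        return clean, scan(reference, project)


if __name__ == "__main__":
    clean, alerts = demo()
    print("clean scan:", clean)
    print("\n".join(alerts))
```

The reference manifest has to be stored where plant-floor users cannot rewrite it, otherwise a change to the logic can be hidden by updating the manifest as well.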

Type of change to control system

Table columns: Authentication; Real-time changes; Time-delayed changes

Using proper authentication (same entries for real-time and time-delayed changes):

• Change management system would contain a copy of the last authorized version of code.

• Change management system works in conjunction with other vendor applications to capture change history and audit trail.

Bypassing authentication:

• Change management system would contain a copy of the last authorized version of code.

• CMS periodically conducts scan and comparison of device logic to reference files. Alerts personnel when changes are detected.

• In certain cases the CMS could detect direct communication with plant devices and signal an alert.

Note: CMS = change management system

Source: Control Engineering with data from MDT Software


Author Information

Joe J. Colletti Jr., is president of MDT Software;



