Software technology tools can help lower cyber security risk
Software tools like the Rockwell Automation FactoryTalk Security enabled software suite help control access by providing capabilities like authentication and role-based authorization. This service verifies the identity of each user who attempts to enter the automation system and grants access only to those authorized to perform particular actions on a system’s features and resources.
With a configuration environment from Rockwell Automation (Rockwell Software RSLogix 5000 software), you can control access down to the individual module or user-defined add-on instruction. Engineers simply assign a unique source key (or password) to the modules or add-on instructions they wish to protect. A common source key can be used for all the routines or add-on instructions, or unique keys can be assigned to each.
Once a source key is assigned to a specific routine or add-on instruction, that source key is added to the source code and encrypted. This protected source is stored and maintained by configuration software with the encrypted source key remaining in the source even when downloaded to the controller. Attempts to export the protected source will result in an encrypted file that cannot be interpreted. When re-imported, this code remains protected by the original source key.
FactoryTalk, Rockwell Software, and RSLogix are trademarks of Rockwell Automation Inc.
– Brad Hegrat is principal security consultant, Rockwell Automation. Edited by Mark T. Hoske, content manager CFE Media, Control Engineering, Plant Engineering, and Consulting-Specifying Engineer. Reach him at firstname.lastname@example.org.
Information access versus security – related article, linked below.