View All Cybersecurity
Southwest Research Institute (SwRI) has developed an intrusion detection system (IDS) for industrial control systems (ICS) used in critical infrastructure and manufacturing systems.
How endpoint OT security asset management improves a CISO's ability to deliver measurable and rapid improvements to OT cybersecurity.
These five adaptations of traditional IT XDR allow IT security teams to achieve effective and efficient multi-telemetry detection and response in OT environments.
When it comes to operational technology (OT), there are frequently missed elements of a strong security program that could leave companies exposed. Six methods to improve are highlighted.
There is a strong need to take a fresh look at automated manufacturing with concern to cybersecurity. Three risks and three tips are highlighted.
Digitalization and AI bring opportunities for robots, but also a degree of cybersecurity risk as more data is gathered and processed all the way from the edge to the cloud and beyond.
The human element is the biggest obstacle when it comes to cybersecurity because people often need to act against their nature to be successful.
It's important to define what industrial control systems (ICSs) are, why they are vital and the unique challenges of securing them.
With more remote connections to industrial plants and facilities, risk of cybersecurity breaches has increased. What risk mitigation is in place?
Managing control system cyber risk and tactical industrial control system/operational technology (ICS/OT) defense is doable.
Assessing and monitoring the security of operation technology (OT) systems can be aided by conducting an OT cybersecurity threat risk assessment (TRA). An eight-step procedure is outlined.
Protecting key resources and critical infrastructure (CI) is essential to security, public health and safety, economic vitality and our overall way of life.
Examine micro-segmentation as part of a broader cybersecurity architecture, not a replacement for the current cybersecurity architecture. Industrial cybersecurity system micro-segmentation decreases the attack vector on industrial environments, according to a company with a Control Engineering Engineers’ Choice Award product.
IEC 62443 is the international reference standard for industrial cybersecurity of components and systems developed in conformity with ISA/IEC requirements.
Cybersecurity can improve with a unified operational system that integrates multiple pieces of equipment, updates codes and standards, combined with multiple original equipment manufacturers (OEMs) and software packages, providing a unified dashboard for the operator, according to a company with a Control Engineering Engineers’ Choice Award product.
Five principles to establish the right operational technology (OT) cybersecurity governance model for an industrial organization can create a more secure environment.
Many water, wastewater, and other critical infrastructure organizations lack OT personnel skilled in cybersecurity and this could be dangerous when facing ransomware attacks such as BlackMatter
Many industrial organizations want “visibility” or “detection” but aren’t clear on the ultimate objective or how to measure it.
For modern industrial control systems (ICSs), cybersecurity involves technologies and user best practices. Four cybersecurity fundamentals are highlighted.
Organizations need endpoint security and protection to stop ransomware in its tracks, but also to demonstrate improvement and secure baselines to various stakeholders.
Examining industrial control system cybersecurity requires looking at audits, access controls, threat detection, risk mitigation, process sensor security and authentication and vendor collaboration.
Analysis of past attacks in the throwback attack series, attacks on operational technology assets, industrial malware, industrial ransomware and physical plant damage beyond computers are among leading topics of industrial cybersecurity interest in 2021.
Having an OT/IT convergence strategy is essential to OT cybersecurity.
ICS security programs need to be evaluated periodically; the evaluation process should be formalized and repeatable.
Bridging the gaps between information technology (IT) and operational technology (OT) can improve performance on the floor and reduce risks to operations.
Many cybersecurity steps are simple, but they must be done
The history of industrial information technology (IT) set the stage for the Industrial Internet of Things (IIoT) and digital transformation; keep it safe with cybersecurity best practices.
Manufacturers should take time to delve deeper into the needs and goals of the organization while considering associated risks.
A power service company and system integrator collaborated to merge information technology (IT) and operational technology (OT) to create a secure platform for the power service company’s operations in Chile.
As the IT and OT worlds continue to overlap, take time to prepare your team for the impact of IT security on OT applications.
By applying information technology (IT) strategies and organization, operational technology (OT) can monitor and manage cybersecurity measures more efficiently.
Cloud security has some pretty major flaws such as configuration errors, malware, insider threats, data breaches and even account hijacking
The rise of Industry 4.0 means there are greater cybersecurity risks and manufacturers and engineering sectors need to take a hard look at what they can do to keep their new systems safe.
Security approaches that uses several layers of defense mechanisms placed in a computer network to defend against malware attacks
Best practices manufacturers can implement to better secure their network in many ways. Five levels of cybersecurity are highlighted.
Articles about cybersecurity tactics, Engineers' Choice finalists, digital transformation, embedded systems and system integrators and cybersecurity were Control Engineering’s five most clicked articles from October 25-31, 2021. Miss something? You can catch up here.
Securing operational technology (OT) networks for resiliency against cyberattacks requires coordination between information technology (IT) and OT personnel, and recognition of the differences between the two domains
Matching individual needs with specific operational technology (OT) cybersecurity solutions can be a difficult task. Seven questions are highlighted to make the process easier.
Know the overall objectives of operational technology (OT) cybersecurity and to ensure progress against risk reduction and threat response. Three steps for reducing risk and threat response are highlighted.
Operational technology (OT) is having a greater role in cybersecurity for manufacturing companies and taking the right approach with the chief information security officer (CISO) is critical.
Cybersecurity experts offer advice and best practices on information technology/operational technology (IT/OT) convergence and how manufacturers can prepare themselves for challenges.
Legacy OT security challenges are overcome by using best practices for visibility architecture and increasing compatibility
There are many aspects to an OT network that don’t just fall under the hardware/software umbrella. Physical security and policies and procedures are just as important.
It has been said many times that IT and OT need to work together, but why is it so important? Here are three day-to-day functions where IT/OT convergence will help with risk reduction and improve your chances of success.
The Fortinet OT Symposium, Energy Day, on Aug. 31, provided expert advice and best practices on how to secure the future of industrial controls in the energy sector.
IT and OT teams often seem like they're in different worlds. To bring true IT security into the OT environment, here are four key steps to help organizations create IT-OT convergence.
Edge computing is a growing trend in manufacturing and business. So what exactly is edge computing, and what does it mean for information security?
Industrial control system (ICS) attacks are increasing and many of them can be performed with little skill required, which should be an alarm bell for many companies. Four preventive options are highlighted
Distributed network protocol 3.0 (DNP3) is a widely-used serial communications protocol for industrial control systems (ICSs) and is becoming a frequent target for hackers.
Having realistic expectations of addressing a threat and knowing how to respond in an emergency in an efficient way are essential.
The cybersecurity maturity model certification and NIST SP 800-171 Department of Defense (DoD) Assessment explained.
Although a lot is being said about the pros and cons of information technology/operational technology (IT/OT) convergence, there is often little appreciation of what companies at different stages in their evolution may need to do.
Cybersecurity insurance is a major aspect of risk management for many companies as attacks against operational technology increase. Four safeguards against ransomware are highlighted.
A critical security gap that is widely ignored – the disparity between the attention applied between TCP/IP and serial network devices security.
Cybersecurity vulnerabilities and intrusions pose major risks to the Department of Defense (DoD) and its supply chain which is why the DoD is requiring compliance to CMMC
Provisions within the American Jobs Plan could improve critical infrastructure cybersecurity, but it's the first in many steps needed to make the nation safer from cyber attacks.
By applying information technology (IT) strategies and organization, operational technology (OT) teams would be able to monitor and manage cybersecurity measures more efficiently.
There continues to be a fundamental friction between the estimation of cyber risk and the short-term thinking of today’s quarterly budgetary decisions, which can lead to very bad results during the road.
University of Houston's program recruits ROTC students as future cybersecurity gatekeepers.
Cybersecurity maturity and optimization are crucial as attacks against operational technology (OT) continue increasing.
Cybersecurity attacks against manufacturers and other industrial sites are growing and companies need to develop a cybersecurity plan that protects industrial PCs and other vulnerable targets that, until recently, were not connected to the internet.
Reduce the risk of ransomware attacks on OT/ICS systems by following these prevention tips
Most organizations rely heavily on security architects to vet products and assemble optimal solutions that align with security, technology, and business requirements, but a different approach is needed in manufacturing facilities.
Chief financial officers (CFOs) and audit committees need to have a radical reimagining of what cyber-physical security risk means for their organizations.
Cybersecurity challenges requires a different approach to problem-solving because it is a different kind of problem and requires strong leadership at the top.
The Northwest Virtual Institute for Cybersecurity Education and Research (CySER) program establishes a cyberoperations research and teaching center at WSU along with University of Detroit Mercy and Mississippi State University.
IEC 62443 can hold the answer to enhancing cyber resilience for manufacturers and smart factories as it aims to mitigate risk for industrial communication networks by providing a structured approach to cybersecurity.
Columbia Engineering researchers design new techniques to bolster memory safety.
Having a robust strategy, building organizational engagement, and more importantly and realizing operational excellence are keys to cybersecurity management success.
Distributed denial of service (DDoS) attacks can cause severe damage to an industrial control system (ICS) in the short- and long-term and have lasting impacts on the company affected.
A look at how hackers tried to bribe an employee at a major company and the lessons companies can take from this incident.
The past informs the present when it comes to cybersecurity and what we once thought of as fanciful is becoming a reality. What people are willing to do will inform our future.
Understanding what is required at the local, national and international level when it comes to cybersecurity standards can reduce confusion.
As the Cybersecurity Maturity Model Certification (CMMC) rolls out, it’s important for manufacturing companies to think more broadly than just CMMC.
There is no such thing as an unlikely cybersecurity target and those who believe so are the most vulnerable to a potential attack.
NIST has developed an infographic with steps control system owners/operators can take now to get started or refreshed on their cybersecurity journey and to help manage their control system cybersecurity risks.
In today's modern manufacturing environment, there is no such thing as a "disconnected" system from cybersecurity, and believing systems that are among the most vulnerable.
Industrial control system (ICS) cybersecurity is growing in importance as cyber attacks increase and there are some basic tenets companies can follow in their journey.
Physical security, cybersecurity education, IT/OT separation and outsourcing when necessary are crucial to effective cybersecurity.
Developing a strong cyberattack incident response plan requires a thorough examination of everything from building a response team to actually testing out the plan and ensuring it works.
Operational technology (OT) systems and networks needs to adopt the core elements of information technology system management (ITSM).
Smart devices are growing in popularity, both at home and in the workplace, but is your IoT network putting you at risk of cyberattack? Here are some steps you can take to minimize risk.
Penn State researchers are using graphene to make encrypted keys harder to crack, which could be used to improve data security and overall cybersecurity initiatives.
SPAN and TAP ports can help companies utilize industrial control system (ICS) security solutions for aging infrastructures and networks.
It's a matter of when, not if, when it comes to being the target for a cybersecurity attack. Companies can prepare themselves by enhancing IT security and education and knowing their network.
Vulnerability monitoring and assessment are particularly challenging to execute well in operational technology (OT) environments because of the large number of disparate assets.
A government-sponsored test on whether a cyberattack could inflict real-world physical damage has had major repercussions to this day. See eight steps on how to mitigate a potential cyberattack against your industrial control systems (ICSs).
The SolarWinds cybersecurity attack has had far-reaching effects in many different ways and it will change how operational technology (OT) handles cybersecurity threats.
What can engineers do to protect their processes and plants from cyberattack? Consider these best practices from cybersecurity and manufacturing experts.
Low-level risk assessments are often performed after a high-level risk assessment or, sometimes, conducted on specific plants in order to deeply assess the precise risk estimate of a cyber attack.
Pacific Northwest National Laboratory (PNNL) created a cybersecurity guidance report for marine renewable energy (MRE) devices to help improve MRE’s resiliency as a reliable source of renewable energy.
A high-level risk assessment is the starting point of an industrial cybersecurity risk assessment in compliance with the cybersecurity lifecycle defined by the international standard IEC 62443 for OT Security.
Digital transformation can change manufacturing, but companies need to invest in cybersecurity knowledge and training to make it viable.
Cybersecurity remains a growing challenge for many, and one way to bring greater awareness to the challenge is through collaboration among public, private and academic institutions. See three lessons to improve cybersecurity.
A threat scenario is shown to explain how an asset owner can benefit from leveraging diverse data collection using the MITRE ATT&CK for ICS Matrix.
As the worlds of information technology (IT) and operational technology (OT) continue to merge the demand for security measures to protect OT networks is growing.
IEC 62443 is the international standard for the security for industrial automation control systems (IACS) and its importance is growing as networks and controllers become intertwined.
Industrial control systems require secure remote connections. Did the pandemic help IT to understand OT needs and help OT to see IT concerns about cybersecurity and remote access?
A risk-based approach to cybersecurity without basic cyber hygiene leads to many long-term problems for companies that are trying to get their networks safe and secure.
The new normal due to COVID-19 has made the cyber threat landscape very different and challenging in new ways for operators and consumers. Learn about new trends people should be aware for in 2021.
John Adams was appointed Chief Executive Officer (CEO) by Mission Secure, an industrial control system (ICS) cybersecurity company.
Understanding cybersecurity issues in embedded devices is a complicated, ongoing process, but it's well worth doing ... and doing right. Here are a few steps to get you started on the journey.
The integrated microelectric supply chain is fraught with security risks and many companies are at risk of having their intellectual property (IP) stolen.
Cybersecurity is becoming a major problem for operational technology (OT) users and can affect people in surprising and unexpected ways. See example and four questions to ask when developing an OT cybersecurity plan.
Industrial control system (ICS) security attacks are a given, but they are relatively rare and should be dealt with.
To manage risk in manufacturing plants, it's essential your team understands the potential threats and is appropriately prepared to take necessary actions.
Standardization frameworks encourage more automation interoperability. Interoperability is trying to move from one or a few automation ecosystems into a wider world. See four levels of cybersecurity.
Cybersecurity is critical for operational technology (OT) systems, but it often doesn't deliver value to the user. See six reasons why and how users can find value and improve overall security.
Chief information security officers (CISOs) need to know who is involved in operational technology (OT) cybersecurity and should know why they're getting involved in the first place when beginning this journey.
Industrial Cybersecurity Pulse is a new website dedicated to educating and informing engineers about the latest challenges and developments relating to cybersecurity, information/operational technology (IT/OT), the cloud and more. Check it out!
Physical and cybersecurity are becoming more intertwined, which can create potential headaches between information technology (IT) and operational technology (OT). See four ways organizations can make the convergence easier.
USC’s Intelligence and Cyber Operation Program (INCO) is designed to train students to proactively identify cybersecurity issues with an interdisciplinary approach.
An unknown hacker tried to hack into the Oldsmar, Fla., water treatment system in the latest high-profile cyberattack against critical infrastructure facilities.
The SolarWinds attack is the latest reminder the cybersecurity landscape is changing, and manufacturers need to protect industrial control systems (ICSs). See three ways a software bill of materials can help cybersecurity.
Bayshore Networks and GE Digital announced an expansion to their partnership to integrate their solutions to address the growing need to secure industrial and critical infrastructure networks.
How can remote access be granted to industrial facilities without increasing cybersecurity risks? Hardware, software and services are helping resolve the secure remote access challenges for manufacturers.
Many of the lessons and changes applied to manufacturing after the Occupational Safety and Health Act of 1970 can be applied to the growing challenge manufacturers face with industrial cybersecurity. Three keys to improving cybersecurity are highlighted.
Use vulnerability management at the convergence of information and operational technologies to lower risk to industrial control systems.
A model developed by MIT researchers explains how countries that retaliate too much against online attacks can make things worse for themselves, which can help others develop a more effective and measured strategy for the future.
Below are more answers resulting from a cybersecurity webcast on cybersecurity architectures, training, best practices, risk assessment and trends based on research.
Information technology strategies can help combat new cybersecurity vulnerabilities and deploy a solid cybersecurity program for operational technology use for industrial control systems, remote terminal units, supervisory control and data acquisition systems, as Industrial Internet of Things deployments increase.
Cybersecurity often is the catalyst for control system modernization, and industrial and critical infrastructure sector projects increasingly specify automation products and systems that are designed as cybersecure.
Manufacturing's resilience has been strong during the COVID-19 pandemic, and cybersecurity needs to be stronger than ever as the nature of work changes.
A webcast on cybersecurity offers information about cybersecurity architectures, training, best practices, risk assessment and trends based on research.
A world with a pandemic can benefit from control engineering to measure, apply logic, and take actions in a transparent way, then repeat and optimize. Cybersecurity, remote connections, digital twins, artificial intelligence, training, and challenging old information all can help.
Articles about heated face masks designed to inactivate coronaviruses, evaluating IoT wireless protocols, cybersecurity, human and artificial intelligence, and more were Control Engineering’s five most clicked articles from Oct. 19-25, 2020. Miss something? You can catch up here.
The Industrial Internet of Things (IIoT) will have the strongest impact on operational technology/industrial control system (OT/ICS) cybersecurity.
The inability to stop production and a bureaucratic approval process are the main barriers that inhibit industrial cybersecurity projects according to a report by Kaspersky.
There has been an increase in the percentage of systems attacked in the oil and gas industry as well as the building automation sector during the COVID-19 pandemic.
Regardless of how companies buffer supply chain gaps, they need to be cybersecure.
Businesses need to be ready to pick up where they left off when it comes to enhancing physical security measures in the wake of COVID-19.
Self-erasing chips developed relies on a material that temporarily stores energy, changing the color of the light it emits and it self-erases in a matter of days or erased on demand.
System integrators need to ensure that their automation systems are IEC 62443-compliant to adhere to international cybersecurity requirements.
There are several preventive measures that can be taken to secure industrial processes against cyber attacks.
It’s hard to know how much cybersecurity spending is enough to lower risk to an acceptable level. What is enough and what else is needed? A cybersecurity risk assessment (CRA) can help. Four tips are highlighted.
A suite of algorithms has been developed to improve the performance of cyber-physical systems by balancing each component’s need for data with how fast that data can be sent and received.
More workers are forced to work remotely due to COVID-19, but cybersecurity prevention and training is lagging behind.
Simple strategies to achieve the most value from cyber risk assessments. Three strategies for operations technology (OT) teams to avoid while performing assessments are highlighted.
Cybersecurity advice about process, technologies, people (internal) and external threat resulted from the Control Engineering 2020 Cybersecurity Research Report. See graphic of technologies and services used online.
Forward-looking organizations realize they need the same level of aggressiveness to protect assets as they have done for COVID-19 risk reduction. A three-pronged strategy on securing essential infrastructure is highlighted.
More than 70% of industrial control system (ICS) vulnerabilities disclosed in the first half of 2020 can be exploited remotely according to a report by Claroty.
Phishing assaults are becoming increasingly targeted, and the COVID-19 pandemic is one of many ways hackers are exploiting people and small companies.
Virtual private network (VPN) implementations that give remote access to operations technology (OT) networks have received more focus due to COVID-19 since more people are working remotely.
With remote work becoming the new norm, it's important to stay on top of cybersecurity measures. Check out some tips on how to protect yourself from a cyber attack.
The Forge Cybersecurity Suite offers passive asset discovery, active asset discovery, risk monitoring capabilities, and more to ensure that remote operations remain secure.
Secure remote access (SRA) is being used to help companies survive and thrive during the COVID-19 pandemic, but there are some new challenges that need to be considered. See 10 remote access best practices.
COVID-19 cyber attacks are on the rise according to researchers, and they are getting very sneaky in their methods.
Age of existing assets are the greatest cybersecurity risk factor, 67% in 2020 Control Engineering research, up from 46% in 2016. This is of particular concern with remote operations increasing due to the COVID-19 pandemic and manufacturing starting up again.
Integrated control and safety systems can simplify a strong cybersecurity posture for a manufacturer.
Researchers warn smart manufacturing users and security professionals to be aware of advanced hackers.
The amount of distributed denial of service attacks (DDoS) rose at the beginning of this year primarily on education and municipal sites.
Without evidence of security performance, companies may be left with significant cybersecurity risk, according to a Mandiant research report.
Expectations for workers are changing due to the pandemic. Even after they return to work, it's going to be different, and companies need to adjust to this and ensure their workers are cyber-secure.
The National Institute of Standards and Technology (NIST) plans guidance to strengthen cybersecurity of related tech, in response to White House order.
Google and Apple unveiled a joint effort to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of COVID-19 while protecting user privacy.
Information technology (IT) and operational technology (OT) are continuing the process of working together, but non-manufacturing types need more understanding and context of what is happening on the plant floor for this merger to work.
Four myths about networking and cybersecurity related to operations technology (OT) systems are highlighted as well as three pillars for securing industrial networks.
ASIS International and the Security Industry Association have partnered to help in the coronavirus recovery and rebuilding efforts. The primary focus areas will begin with business operations and advocacy, and content development and coordination.
Cyber criminals are taking advantage of COVID-19 forcing the majority of employees forced to work remotely. Europol published an updated threat assessment after monitoring the impact of coronavirus and cybercrime.
With many employees working remotely, there is a rise in COVID-19 themed email phishing scams. Follow these suggested tips to keep companies safe.
It's crucial to recognize the possible threat from a supply chain risk and understand best practices to avoid them.
Employees working from home need to be vigilant about phishing campaigns using COVID-19 related content to find gaps and organize cyberattacks.
Because of the coronavirus pandemic, more people are working remotely to avoid getting sick. Consider these five tips to make sure your cyber hygiene is as strong as your physical hygiene.
Companies are starting to offer protected remote access at no cost in response to the large number of employees working remotely due to coronavirus.
With a large influx of people working remotely due to COVID-19, cybersecurity is becoming a topic of concern for employers and their employees.
Good cybersecurity hygiene is needed as more employees move toward working out of their homes in the wake of the coronavirus pandemic.
The coronavirus disease (COVID-19) is being used as bait in email spam attacks on targets around the globe by using the promise of information or a cure to fool people.
Ransomware and cyber attacks are increasing against manufacturers. Some are trying to understand more about the people behind them and their motives, which are not always clear.
Manufacturers are realizing the potential dangers from cyber attacks, but that is the first step in the process. Learn how companies are trying to combat this growing problem and what more they can do.
Wayne State University researchers have developed a process designed to enhance cybersecurity of chemical process control systems.
The National Institute of Standards and Technology (NIST) is working on a publication designed to reduce cybersecurity risks to the supply chain.
Purdue researchers created hardware technology that uses mixed-signal circuits to embed critical information to stop potential computer attacks.
Purdue University researchers have developed a cybersecurity tool designed to stop cyber attacks using supervised machine learning, unsupervised machine learning and rule-based learning
Industrial automation cybersecurity has a lot of confusion and questions. Learn about changing trends and effective best practices for operations technology (OT) providers.
Researchers at Bar-Ilan University showed long sequences with certified randomness are far from being truly random, which may lead to a new type of classified secure communication between two parties where even the existence of the communication itself is concealed.
Utilities need to embrace a risk-based approach to cybersecurity to match the existing basic-level of compliance. See four issues utilities are currently facing.
LSU Engineering received a $3.4 million National Science Foundation Scholarships for Service (SFS) grant, which will fund 21 scholarships in cybersecurity training over a five-year period.
Cybersecurity is critical as information technology (IT) and operations technology (OT) converge, which is the first step in making the transition between the two sides almost seamless.
Converging information technology (IT) and operations technology (OT) does little to move end-to-end digitalization forward. What makes digitalization really work is successful OT and IT collaboration and an understanding of what the other side needs. See 7 tips for smarter OT and IT collaboration.
Cybersecurity education: Human hacking, the compromise of human assets, is often the first step in a cybersecurity breach, even if or when technical systems are secure. Help coworkers and those in your supply chain to avoid being the entry point for attack. Learn attack methods, five attack types and five prevention techniques.
A study from North Carolina State University finds that companies that disclosed cybersecurity risk management efforts before and after a competitor’s breach fared the best.
The distinction between digital and physical cybersecurity is vanishing, and the risks associated with connectivity have accelerated the need for new security protections in all aspects of manufacturing.
Researchers at the University of Wisconsin-Madison are using machine learning methods that could allow scientists to strengthen nuclear security by giving scientists on the ground vital information quickly.
While industry sectors are starting to automate their processes to help increase productivity and efficiency and this requires greater connectivity, which also can expose systems to attack.
The National Institute of Standards and Technology (NIST) has published a report to help organizations better understand and manage the cybersecurity and privacy risks associated with IoT devices throughout the devices’ lifecycles.
Protecting industrial automation systems is easier when controllers offer built-in cybersecurity features.
A solid access control plan can reduce the complexity in securing these critical spaces and protect a manufacturing facility and reduce potential theft as well as overall costs.
The University of Arkansas received a five-year, $4.63 million award from the National Science Foundation to recruit, educate and train the next generation of cybersecurity professionals.
West Virginia University has received a $1 million award from the National Science Foundation (NSF) to prepare students for cybersecurity jobs with a project called "ACCESS," which cultivates cybersecurity experts through scholarships and education.
While Industrie 4.0 and the Industrial Internet of Things (IIoT) is enhancing the digital and connectivity capabilities of industrial control systems (ICSs) it has also opened the floodgates to serious cybersecurity risks.
Emerging condition monitoring software and devices have ingrained cybersecurity that helps bring legacy systems and processes into the modern era.
Understanding what devices a manufacturer has working on a network is important, but the next step is to take that knowledge and move toward prevention.
The International Society of Automation (ISA) named the founding members of its Global Cybersecurity Alliance (GCA): Schneider Electric, Rockwell Automation, Honeywell, Johnson Controls, Claroty, and Nozomi Networks.
Researchers at the University of British Columbia are developing an automated program in development aimed at improving the security of these devices and boosting security in the smart grid.
Operationalizing cybersecurity requires balancing protection and response with cyber attacks, which are not predictable, and trying to stay ahead of the people who are actively looking to cause problems.
The ISA Global Cybersecurity Alliance will assemble a global group of stakeholders from end-user companies, control system vendors, information technology (IT) and operations technology (OT) infrastructure providers, system integrators, and other industry affiliates.
A cyber kill chain provides a model for understanding the lifecycle of a cyber attack and helps those involved with critical infrastructure improve cybersecurity policies, technologies, training, and industrial control system (ICS) design. Learn 8 steps of one model.
Aydin Aysu, a researcher at North Carolina State University, is offering a course to prepare students to make use of next-generation cybersecurity tools such as cryptography hardware.
A report from Applied Risk found that cybersecurity basics are still not being practiced by many companies, which is increasing their risk for potential attacks as untested technologies continue proliferating critical infrastructures.
An MIT-developed cryptographic system, Fiat Cryptography, is helping better protect a user's data and better secure websites by automatically generating optimized cryptography code that’s usually written by hand.
Researchers from the University of Bath and Goldsmiths investigate whether a device that plugs in to a PC and signals to a user to change their password could help improve cybersecurity.
Operators need to know the quality of that data within the proper context as the volume of data continues to increase to better prepare them for potential cyber attacks and other malicious events.
The 2019 Verizon Data Breach Investigations Report (DBIR) found the motive for cyber attacks against manufacturers are largely financial in nature, though espionage also remains a strong motivator for some.
Cybersecurity regulations are deliberately written to be forward looking and encourage best behaviors and companies should be vigilant in their compliance to prevent potential cyber attacks.
Articles about sustainable cybersecurity architecture, robot ethics, data historian history, location intelligence and the IIoT, and online education benefits were Control Engineering’s five most clicked articles from May 20-26. Miss something? You can catch up here.
Researchers at the U.S. Army Research Laboratory (ARL) and Towson University are developing a method on compressing network traffic as much as possible without losing the ability to detect and investigate malicious activity.
Researchers at Georgia Tech have discovered that side channel signals and bolts of lightning from distant storms could one day help prevent hackers from sabotaging electric power substations and other critical infrastructure.
Catastrophic disaster can be the result of insecure industrial cybersecurity practices. See six common entry points for attacks, eight cybersecurity precautions for attacks by type, and four steps to improve.
Operations technology (OT) and information technology (IT) organizations need to collaborate and build networks that effectively use digitalization to create an efficient and secure environment for companies.
Cybersecurity in the robotics field is still immature, but manufacturers are starting to realize the vulnerability that connected robots and automation equipment creates in their operations.
Cybersecurity: Improving evaluation and certification methods, security audits, and testing provide a foundation for evaluating Industrial Internet of Things (IIoT) devices.
Choosing a safety instrumented system (SIS) architecture for defensible operation across the product lifecycle is one of the first decisions an organization must make; know these applicable standards.
Safety and security have become more interconnected as systems once immune to cyber attacks are now becoming vulnerable in an increasingly interactive world.
Cover story: A refinery installed a modern distributed control system (DCS) that automates and manages industrial cybersecurity tasks to reduce manual workflows, potential human error and overall company costs.
Southwest Research Institute (SwRI) has developed a cybersecurity system to test for vulnerabilities in automated vehicles and other technologies that use GPS receivers for positioning, navigation and timing.
A research team from Northern Arizona University is looking to secure blockchain with an architecture that is compatible with cloud-based solutions.
Technology update: Cybersecurity remains a key concern for manufacturing and process facilities as explained in the media session at ARC Forum 2019.
Researchers from the National Institute of Standards and Technology (NIST) are exploring and developing the human aspect of cyber-physical systems (CPSs), which are going to have a larger role in society.
Articles about plant cybersecurity management, the 2019 Engineers' Choice awards, control systems, future plant design, and the System Integration Giants were Control Engineering’s five most clicked articles from February 11-17. Miss something? You can catch up here.
Communication and understanding between the information technology (IT) and operations technology (OT) department needs to improve as cyber attacks become more prevalent.
A combination of information technology (IT) and operations technology (OT) cybersecurity expertise is required to manage the influx of Industrial Internet of Things (IIoT) devices and increased IT/OT integration.
Manufacturers' technology often wasn’t built to suppress today’s digital threats and with the advent of mobile technology in the workplace, it is easy for hackers to exploit this soft weaknesses.
With increased connectivity between different devices, it’s critical to implement additional cybersecurity measures.
A report by ESI ThoughtLab, in conjunction with Willis Towers Watson, found untrained staff is the greatest cybersecurity risk to business and a vast majority of companies know this.
Companies can help prevent cyberattacks by forming a security operations center (SOC) to get the information technology (IT) and operations technology (OT) on the same page with the same goals.
Researchers have received a $750,000 grant to develop and commercialize a next-generation cryptosystem capable of protecting IoT devices from cybersecurity attacks through advanced authentication procedures.
Axio’s NIST-CSF risk management platform is designed to establish a baseline for cyber readiness, and provides companies a risk reduction roadmap for ongoing improvement.
Digital transformation is vital for companies, but a clear business path and plan is needed to make it viable.
Cybersecurity risks need help from contracts and insurance beyond technologies, policies, and people. Pretending cybersecurity risks aren’t there isn’t on any list of best practices.
Companies looking towards a digital transformation need cybersecurity and they need everyone–not just IT–to take responsibility to make it work.
Honeywell research finds exposure through portable USB drives can cause serious disruption to process facilities through unsecure or malicious files.
ISA/IEC 62443-4-2-2018, published by the International Society of Automation (ISA), sets forth security capabilities that enable a component to mitigate threats for a given security level without the assistance of compensating countermeasures.
Pharmaceutical manufacturers need to enact cybersecurity measures for their programmable logic controller (PLCs) to prevent hackers from causing damage that could have major repercussions for the health of the company's customers.
Think again: Machine tool original equipment manufacturers, automation suppliers to OEMs, system integrators, and end users at IMTS 2018 find value in easier machine connectivity, communications, and visualization. Are you watching others or participating?
Multi-factor authentication (MFA) is a technique that, when implemented properly, can be an efficient deterrent from cyberattacks, but heed these additional precautions to prevent information from being compromised.
Six tips can help with cybersecurity and remote-controlled or remote-monitoring applications for industrial control systems (ICSs).
The ISA/IEC 62443-4-2-2018 standard provides the cybersecurity technical requirements for components that make up an IACS, specifically the embedded devices, network components, host components and software applications.
Researchers at UC Santa Barbara have developed a method that could protect the power grid from cyber attacks.
Researchers from Indiana University’s Center for Applied Cybersecurity Research (CACR) will oversee the security of data produced by the Large Hadron Collider (LHC).
Remove unnecessary fear, take a proactive approach to network security as the Internet of Things (IoT) continues to rapidly expand.
MIT researchers have developed an encryption method that secures data used in online neural networks without dramatically slowing their runtimes, which could be useful for cloud-based neural networks and other applications that use sensitive data.
Manufacturers are leveraging Industrial Internet of Things (IIoT) technology to generate insightful robotic data, which makes maintenance easier, but it also increases cybersecurity risks.
Researchers at Georgia Institute of Technology (Georgia Tech) have developed a simulator to help operators of chemical processing plants better understand the security issues of industrial control systems (ICSs). Future versions are being planned to simulate electric power grids, treatment facilities, and other manufacturing facilities.
Webcast presenters Jerry Espy, Frank Prendergast, and Jerry Bartlemay answered questions about topics such as cybersecurity risk, the emergency of the IIoT, and component and module integration.
Companies looking to protect an industrial control system (ICS) should audit their assets, network, and data flows to better determine how safe a system is, and what more needs to be done.
Industrial internet can help operations and production be intelligent, high-efficiency, and flexible. Industrial network cybersecurity can help protect the industrial control system (ICS). Tools are available to enhance interoperability of real-time data transmission.
Experts at the Honeywell User Group (HUG) Americas conference encouraged companies to be proactive and think outside the box when deploying and implementing cybersecurity and safety solutions to protect manufacturing systems.
Embedded vision technology is advancing security and surveillance capabilities in a number of different ways.
Cybersecurity can make or break a manufacturing enterprise with the advent of the Industrial Internet of Things (IIoT) and can have a major effect on safety systems, which are often considered the last line of defense for a manufacturing company.
International: A European consortium is to begin working on Brain-IoT, a framework to improve the interoperability and security of Internet of Things (IoT) devices. Actuation and control are among areas of concern.
Technology Update: Smart data management may include keeping a data center on location as part of a cybersecurity strategy, for manufacturers, aviation, defense, and other applications. An example shows how.
Think Again: Convergence of cybersecurity efforts from operational and information technology specialists is creating extra interest, encouraging investments, changes in policies and procedures, and training.
The practice of “securing by design” can help companies protect against potential cyber attacks on Industrial Internet of Things (IIoT) products.
Advances in technologies can lead to great things for the manufacturing automation sector, but security has to play a key role as the Industrial Internet of Things (IIoT) and Industrie 4.0 become more important.
General Michael Hayden, former director of the CIA and the NSA, addressed the advances of technology and cyber attacks at the PAS 2018 Optics conference and said cybersecurity is a new domain and is vulnerable because security is an afterthought.
Global spending on security-related hardware, software, and services should hit $91.4 billion in 2018, an increase of 10.2% over 2017. Discrete manufacturers are expected to be among the biggest spenders.
Almost 60% of executives at critical infrastructure operators said they lack appropriate controls to protect their environments from security threats, but many are planning to increase spending for industrial control system (ICS) security measures in the near future.
Verizon's annual data breach report revealed manufacturing and healthcare were the biggest targets of hackers and over half of the data breaches were aimed at small- and medium-sized enterprises (SMEs).
Seven organizations earned over $5.6 million in federal money to develop new tools to help researchers better understand and counter cyberattacks.
While company executives are aware of cybersecurity's importance, few are confident in their ability to prevent a potential cyber attack, according to research by Marsh and Microsoft.
Use a risk-based approach to minimize risk against cyber attacks, especially for critical infrastructure facilities and industries.
Cover story: Continuous threat intelligence collection, analysis, and optimization can help organizations improve cybersecurity measures.
The 2nd Annual Internet of Manufacturing Midwest conference in Chicago from June 6-7, 2018, is designed to bring business and technical executives from leading manufacturers to share best practices, case studies, and to inspire new revenue opportunities.
Cover story: Implementing a cybersecurity strategy against internal and external threats are key steps toward securing an industrial control system (ICS).
Cover story: It’s critical to implement an in-depth cybersecurity plan to help protect industrial control systems (ICSs) against a cyber attack. Identify threats, vulnerabilities, standards, and documents.
ISA/IEC 62443-4-1-2018, Security for Industrial Automation and Control Systems Part 4-1: Product Security Development Life-Cycle Requirements, specifies process requirements for the secure development of products used in industrial automation and control systems (IACS).
The Industrial Internet of Things (IIoT) enhances manufacturing operations by enhancing connectivity, equipment management, monitoring production, and customer relationships. Nine additional IIoT benefits are highlighted.
A targeted attack on a safety system has made it clear the manufacturing industry as a whole needs to be vigilant and ready for future malicious cybersecurity attacks because they will come.
Industry and utility companies need to develop new strategies to mitigate and manage cyber risks according to an IBM report, which has set recommendations for securing the Industrial Internet of Things (IIoT).
The number of industrial control system (ICS) devices connected to the internet has increased according to a report, and it raises some concerns about secondary and ancillary devices connected to the ICS that could be compromised.
The Industrial Internet Consortium (IIC) announced the publication of the Endpoint Security Best Practices white paper, which is designed as a reference point to implement countermeasures and controls they need to ensure the safety and security of Internet of Things (IoT) endpoint devices.
The Digital Manufacturing Design and Innovation Institute (DMDII) announced today the launch of a "Cyber Hub for Manufacturing" with $750,000 in seed funding from the U.S. Department of Defense (DoD).
Before most "final" attack success or failures, there is a whole series of often forgotten or unseen steps or plays that took place and users can take steps to prevent them from happening or, at the very least, slow them down.
Control engineers can use PC-based control systems to take advantage of Big Data analytics to help them make real-time insights for their companies in the Internet of Things (IoT) era.
Moving to the cloud still provides many challenges for manufacturing organizations to overcome, but smooth transition is possible and definitely without fear provided companies take security seriously.
A tool has been designed by researchers at the University of California San Diego to detect when websites are hacked by monitoring the activity of email accounts associated with them.
Most industrial control system (ICS) networks were designed and implemented before the advent of cyber crime, and the availability of automated asset management capabilities, which makes it difficult to assess risk and apply effective defenses. Three major pain points for users are highlighted.
Manufacturers may see advantages to the Industrial Internet of Things (IIoT) and Industrie 4.0, but the backbone of their plant, the control system, wasn't built with cybersecurity in mind, and many companies aren't addressing this potentially serious issue.
Humans are the weak link when it comes to cybersecurity and have a wide potential attack surface for hackers, but companies can take steps to reduce this problem by remaining consistent in their security policies. Six personnel shortcomings and three solutions are highlighted.
Eaton is collaborating with UL to advance cybersecurity for power management technologies across industries, which is intended to establish measurable cybersecurity criteria for network-connected power management products and systems.
Alarm management in an IIoT world: Correlation and classification of industrial process control alarms before the operator sees them vital for safety, speed, and efficiency. Networking and advanced software tools help.
Take steps to improve supervisory control and data acquisition (SCADA) alarm management and avoid alarm overloading.
Even though cybersecurity incidents across the globe are increasing, industrial companies are not moving quickly to adopt measures to protect their data and operations according to a report by LNS Research. Three solutions are highlighted.
Cyber incidents can add to downtime costs in a big way if there isn't a solid cybersecurity plan in place to mitigate the worst effects.
Research by Dell Technologies and Vanson Bourne found that many industry leaders agree they need to transform to become more automated and integrated, there is a sharp divide on whether this is a good or bad thing for the future and what it will mean for their employees and their bottom line.
Operations technology (OT) environments consist of many devices using different protocols and different languages. This can cause a security risk if plant operators don’t take steps to mitigate the risk and create awareness for everyone on the plant floor.
The Smart Factory is helping discrete manufacturers by providing real-time interactions of people, machines, assets, systems, and things that collectively enable processes to govern themselves through machine learning and cognitive computing.
Manufacturers and government officials recognize the need for improved cybersecurity for Internet of Things (IoT) devices, but more work needs to be done.
The Department of Homeland Security's (DHS) Science and Technology Directorate (S&T) released an industrial control system (ICS) cybersecurity solution via its Transition to Practice (TTP) program technology, the sixth marketplace transition in the last six months.
Industrial control systems (ICSs) are under attack as frequently as corporate administration systems and users can prevent these attacks with an assessment that takes stock of what a company has, who has access, and what changes have been made.
Honda of Canada won the Rockwell Automation's Manufacturing Safety Excellence Award along with U.K.-based equipment builder A.M.P Rose.
Researchers have developed printed 3-D microstructures instead of 2-D structures, such as holograms, to improve counterfeit protection, which has increased over the past several years.
Consequence-driven engineering (CCE) provides organizations with the steps required to examine their own environments for high-impact cybersecurity events/risks; identify implementation of key devices and components that facilitate that risk; and develop concrete protections.
Combosquatting, which tricks users into visiting domains that contain familiar trademarks with different or additional words, has become a growing problems and can adversely effect users.
Advanced persistent threat (APT) attacks against critical infrastructure are on the rise and companies and users need to learn how to find anomalies in their network and be proactive before serious damage can be inflicted.
It is important to understand the interaction between safety and security in process control applications to make better overall decisions.
A proactive cybersecurity approach requires diligence and flexibility.
Small business owners, according to a report by Paychex, don't fear cyber attacks the way larger companies do and they lack the protections a larger company might have installed. Five cybersecurity best practices are highlighted.
The interconnection of information technology (IT) and operational technology (OT) is a source of new opportunities and challenges. With increasingly automated and robotic supply chains, manufacturing and engineering companies are becoming more connected, but this exposure to external data flows inevitably leads to new risks.
Deep packet inspection (DPI) of traffic is needed to secure an industrial automation and control system (IACS) to understand specific protocols and apply filters to fields and values that matter to control systems.
An initiative to improve access control and mustering generated improvements using radio frequency identification (RFID) tags improved plant safety and efficiency for Chevron Oronite.
Companies can't prevent all cyber attacks from occurring, but simple best practices such as enforcing security policies, strengthening physical security, and controlling network access with device profiling will go a long way to lowering the risk of an attack.
Malware can go undetected for months and even years inside an industrial network. Companies can protect themselves by educating their workers and ensuring their firewalls are configured properly.
Cybersecurity breaches that affect operation technology (OT) systems and devices that monitor and manipulate much of the world around us have real-world health and safety consequences if they are compromised and companies need to catch up.
Information technology (IT) and operations technology (OT) need to converge to make the Industrial Internet of Things (IIoT) work, but manufacturers still struggle with making it work. The 2018 ARC Advisory Group Forum is planning on addressing the topic and other cybersecurity issues.
Nozomi Networks listed five ICS security predictions for 2018 such as increased information technology (IT) integration and potential cybersecurity challenges.
Mobile robot standards are evolving to keep up with the rapid developments on the plant floor and to help ensure workers and companies are safe going forward.
As connectivity increases, so does the level of sophistication in cyber attacks against manufacturers and other industries. Three security recommendations for manufacturers are highlighted.
Energy companies in the United States and Europe are facing an increased number of cybersecurity attacks that could leave lasting damage if successful and they need to find ways to remedy the issue before it happens.
Threats to the industrial control system (ICS) network infrastructure are at an all-time high and the sophistication of these are easy for perpetrators because of its aging infrastructure, lack of security planning/design, and minimal focus to protect ICS assets.
Cover Story: Advancements in human-machine interfaces (HMIs) lead to increased productivity, simplified graphics configuration, and mobility.
Robotics sales are growing across the globe, but cybersecurity isn't following suit according to research reports.
Cyber attacks against manufacturers are occurring more frequently, according to a report by NTT Security, and the level of sophistication is also increasing.
As governments start to contemplate legal responses to Internet of Things (IoT) security flaws, companies are beginning to contemplate changing the way they handle cybersecurity.
A ransomware called Defray has been used to target manufacturing and technology companies as well as healthcare and educational facilities.
Firewalls continue to represent core elements in the segmentation of networks and therefore are an essential part of any security strategy with respect to network security.
Security researchers have demonstrated that it is possible for hackers to make undetectable changes to 3-D printed parts that could introduce defects along with potential safety risks, which could be problematic for medical and manufacturing applications.
The National Institute of Standards and Technology (NIST) has created a technical draft report that is designed to will help organizations perform a step-by-step analysis to identify those critical parts of a system that must not fail or suffer compromises to information technology (IT) or operations technology (OT).
As industrial control systems (ICSs) are attached more frequently, operators are looking to information technology (IT) to help them understand the issue and create best practices to help prevent future attacks.
System integration via the cloud makes networking at the production level easy and secure by vertically integrating management and systems as well as providing a security function for Industrie 4.0.
Honeywell has completed its acquisition of Nextnine, a privately-held industrial cybersecurity company, which will be integrated into Honeywell's existing cybersecurity division.
Security needs to be improved in order to combat attackers getting more and more dangerous and skilled each day, demonstrated by the attack on Ukraine in December 2016.
A new version of ransomware, called Petya, is attacking companies and countries across the globe and is being compared to, yet more severe than WannaCry.
Cyber crimes are not only affecting big business, they are increasingly targeting small businesses, non-profits organizations, and public health and safety organizations that are more vulnerable.
With the industry on the cusp of adopting the Industrial Internet of Things (IIoT) or Industry 4.0, security has to be a part of it.
If implemented strategically and accordingly to the company's specific needs, robotic automation can position a company for long-term improvements and success.
Enterprises need a combination of operations technology's (OT's) reliable data and information technology's (IT's) and innovation to become a smart, connected enterprise that will embrace and profit from the digital transformation.
A report by Verizon indicates that most security breaches against companies are cyber espionage with the intention to steal valuable company secrets.
Information technology (IT) and operations technology (OT) are very different organizations that have begun to converge and they must start resolving their issues. Three tips for reducing potential conflict are highlighted.
Cyberattacks are growing and becoming more prevalent and manufacturers have to make time for cybersecurity to try and prevent potential attacks.
More answers are outlined below from the live audience Q&A in the June 8 webcast, “IIoT webcast series 2017: Sensing and control at the edge: microcontroller kits."
For end users of industrial robots, cybersecurity needs to be a business priority in order to protect the company from hacking that can cause safety issues or defects that lose the company money.
Marty Edwards, a cybersecurity expert and director of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), has been hired as the managing director of the Automation Federation.
Integrated cybersecurity solutions are still a long way off because of a lack of expertise and a lack of solutions that don't address the integration between information technology (IT) and operations technology (OT) departments.
A survey by the Business Performance Innovation (BPI) network showed that fewer than two percent of large corporations have a clear vision for the Industrial Internet of Things (IIoT).
Two-factor authentication can provide manufacturers with an extra layer of security, but the process should not be cumbersome or time-consuming if a user's identity needs to be established quickly.
Cybersecurity has made significant strides in terms of companies' awareness, but there is still a long way to go, according to experts at the SANS ICS Security Summit.
Resources available to learn about cybersecurity frameworks; receive alerts, advisories and reports.
Industrial robotic systems are vulnerable to cyberattacks according to research from information technology (IT) security company Trend Micro.
Safety implications of security often end up overlooked and companies need to learn how to assess, manage and mitigate risks for industrial security.
Companies see the enormous upside the Industrial Internet of Things (IIoT) has to offer, but they are united in their concern about a major security breach.
Robots are becoming more affordable and practical for everyday solutions, but the need for robust security is also important, according to security firm IOActive.
A survey by security company Tripwire found that 96% of IT security professionals expected attacks on critical Industrial Internet of Things (IIoT) infrastructure segments such as energy, utilities, government, healthcare, and finance.
Cybersecurity is one thing, but figuring out where insurance fits into the big picture is not so simple these days with cyber-physical attacks becoming more sophisticated.
Researchers from MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) and Stanford University have developed an encryption system designed to disguises users' database queries so they reveal no private information.
A security incident can cause damage to brand reputation, loss of competitive advantage, legal or regulatory non-compliance issues, considerable financial damage, and harm to the environment and community.
Companies looking to improve their Internet of Things (IoT) system should consider who they do business with and take proactive steps to ensure there aren't any potential security breaches.
Manufacturers need to understand their process and disconnect the “crown jewels" to protect their systems from serious damage.
Ulrich Spiesshofer, chief executive of ABB, said the fourth industrial revolution and the energy revolution are happening at the same time and how their changes are impacting one another as well as the workforce in profound ways.
Ukraine has been hit with two major cyberattacks on their critical infrastructure in the last year-and-a-half. First steps of the attack were executed through the HMI. Operators saw the mouse point moving in front of them, and they had no control of it. A cybersecurity expert and investigator explains the attack and what this means for industrial security as a whole.
The National Institute of Standards and Technology (NIST) is working with the Department of Homeland Security (DHS) Science and Technology (S&T) and industry to research and develop approaches to DDoS detection and mitigation, which are becoming more sophisticated.
Technology Update: If it isn’t secure, it isn’t safe. Cybersecurity vulnerabilities represent additional failure modes and safety incidents not factored into traditional safety assessments. Consider safety when creating a business justification for cybersecurity risk assessments.
Industrial security threats such as IoT botnets, critical infrastructure vulnerabilities, and black market supervisory control and data acquisition (SCADA) exploits are industrial security concerns that should be on the radar in 2017.
A draft update to the Framework for Improving Critical Infrastructure Cybersecurity provides details on managing cyber supply chain risks, clarifies key terms, and introduces measurement methods for cybersecurity.
Ransomware is as loathsome as it sounds; programmable logic controllers (PLCs) seen as likely targets.
A report by IBM Managed Security Services said that industrial control systems (ICS) attacks with the largest rise coming from brute force attacks on supervisory control and data acquisition (SCADA) systems.
Collecting data from the Industrial Internet of Things (IIoT) isn't enough; companies need to know what to do with it. They also need safeguards to ensure that the data they're processing isn't breached.
Companies, governments, and vendors need to develop a cyber ecosystem that encompasses more than just the four walls of their organization to help mitigate a threat that becomes more sophisticated every single day.
Top 5 Control Engineering articles February 6-12: Engineers’ Choice, multivariable control, SCADA/HMI cybersecurity, more
Articles about the Engineers' Choice winners, multivarable control concepts, SCADA and HMI cybersecurity, five VFD questions to ask, and what to expect from Industrie 4.0 were Control Engineering’s five most clicked articles from February 6-12. Miss something? You can catch up here.
Daniel Capano, Diversified Technological Services, joins Control Engineering editorial advisory board
Daniel Capano, the owner of Diversified Technological Services Inc., of Stamford, Conn., joined the Control Engineering editorial advisory board in February.
Top 5 Control Engineering articles January 23-29: IIoT advice, TSN and real-time Ethernet, successful MES implementation, more
Articles about the IIoT and manufacturing, TSN and real-time Ethernet networking, successful MES implementation strategies, hot Control Engineering topics, and five VFD questions were Control Engineering’s five most clicked articles from January 23-29. Miss something? You can catch up here.
Cybersecurity should be part of an industrial control system (ICS) or manufacturing application's acceptance test and information technology (IT) resources should be involved to help ensure a successful implementation.
There are ways for companies to get an Industrial Internet of Things (IIoT) project focused while overcoming the security challenges, but it requires a culture change and a different mindset.
Manufacturing execution system (MES) solutions require a great deal of planning and testing to be successful and it requires everyone on the shop floor to be on the same page.
Top 5 Control Engineering articles January 16-22: TSN and real-time Ethernet, reusable PLC code, hot Control Engineering topics, more
Articles about TSN and real-time Ethernet networking, reusable PLC code advantages, hot Control Engineering topics, five VFD questions, and robotics software for the next generation were Control Engineering’s five most clicked articles from January 16-22. Miss something? You can catch up here.
With the increasing adoption of Industrial Internet of Things (IIoT) devices for critical infrastructure operations, users need to realize that just because a pervasively connected device is labeled "smart" doesn't mean it's "secure."
Enhanced intelligence and fast delivery are key drivers for further investment in IIoT, but as the technology is still in relative infancy, security is a rising concern as more objects communicate with each other via the Internet.
Top 5 Control Engineering articles January 9-15: Control panel design, choosing a control system platform, choose the best controller, more
Articles about good control panel design, choosing the right control system platform, choosing the best controller, the 2016 System Integrator Giants, and a universal Internet of Things (IoT) language were Control Engineering’s five most clicked articles from January 9-15. Miss something? You can catch up here.
What does time-sensitive networking and real-time Ethernet data mean for the future of industrial systems?
Avnu Alliance members explain how real-time communications enabled by Time Sensitive Networking (TSN) will strengthen the future of industrial systems.
National Instruments announced the opening of the NI Industrial IoT (IIoT) lab at its Austin headquarters. The lab’s operational focus includes areas such as microgrid control and communication, advanced control for manufacturing, and asset monitoring for heavy equipment.
Top 5 Control Engineering articles January 2-8: Control panel design, achieving operational excellence, 2016 SI Giants, more
Articles about good control panel design, achieving operational excellence, the 2016 System Integrator Giants, SCADA and industrial automation, and robotics software were Control Engineering’s five most clicked articles from January 2-8. Miss something? You can catch up here.
Many manufacturers in the U.S. and the United Kingdom aren't adopting Industrie 4.0 because they don't realize its potential and don't see how it will improve their overall revenue according to research from the Boston Consulting Group (BCG).
Using cyber situational awareness platforms to enhance control system personnel needs to be part of a greater design goal and should act as an invisible layer for an operations technology (OT) environment. Here are four tips for cybersecurity situational awareness, and six responses to zero-day threats.
Audit and compliance rules dictate data must be true to ensure processes and systems are running to the height of their performance capabilities. It can also help manufacturers predict future trends by tracking historic data.
Manufacturing executives lack confidence their assets are protected from external threats, a study by Deloitte and the Manufacturers Alliance for Productivity and Innovation (MAPI).
Security professionals on the information technology (IT) and the operations technology (OT) sides of the house have to truly understand the main goal, which is keeping the manufacturer’s systems up and running at all times.
Top 5 Control Engineering articles December 12-18: Engineers’ Choice finalists, 2017 SIY winners, 2016 SI Giants, more
Articles about the Engineers' choice finalists, 2017 SIY winners, the 2016 System Integrator Giants, DCS/PLC action items, and intelligent automation were Control Engineering’s five most clicked articles from December 12-18. Miss something? You can catch up here.
Big Data analytics allow manufacturers to make smarter and better decisions and improve their operations and network monitoring can play a key role.
The Smart Manufacturing Leadership Coalition (SMLC) is working on test-bed demonstrations, which can help analyze optimization, energy efficiency, safe and sustainable production, and improved supply chain connectivity. The Coalition’s efforts include toolkits for smart manufacturing deployment, and open, advanced platforms, analytics, controls, and sensors. See related RCEP webcast.
The CC-Link Partner Association (CLPA) and Profibus & Profinet International (PI) announced an interoperability specification between CC-Link IE and Profinet.
Top 5 Control Engineering articles November 28 to December 4: Process automation systems, Engineers’ Choice finalists, robotic programming advancements, more
Articles about process automation systems, the Engineers' Choice finalists, robotic programming advances, SCADA/HMI cybersecurity, and IoT control system optimization were Control Engineering’s five most clicked articles from November 28 to December 4. Miss something? You can catch up here.
Stories in the December issue of AppliedAutomation focus on risks associated with cybersecurity, real-time process optimization, and motion control features that compare drive-based and controller-based automation.
Critical industries, such as chemical, energy, transportation, and water/wastewater depend on supervisory control and data acquisition (SCADA) systems for daily operations. Strengthening weaknesses in these systems must be a priority and is a shared responsibility.
Securing the first mile for the Industrial Internet of Things (IIoT) requires users to connect data from operational systems to the information technology (IT) environment.
In the future, automation environments will need a cybersecurity plan designed from the beginning, which means companies will have to think about the process differently.
Inductive Automation's Ignition v7.9 is designed to improve security, performance, and ease of use for supervisory control and data acquisition (SCADA) packages.
Network Integration — Ethernet hardware: The Allen-Bradley Stratix 5950 security appliance uses Adaptive Security Appliance firewall and FirePOWER technology to identify, log or block potentially malicious traffic and enhance plant-floor security. This is a Control Engineering 2017 Engineers’ Choice Awards Winner.
Network Integration — Ethernet switches: The Industrial Ethernet 1000 switch is a small form-factor, lightly managed switch designed for rugged environments meeting specific needs of industries such as machine building, manufacturing, smart cities, and more. This is a Control Engineering 2017 Engineers’ Choice Awards Winner.
Power — Energy, power protection, UPS: The first IIoT-enabled cyber secure, standalone lithium ion battery based UPS for industrial control applications. Powerful onboard electronics enhance battery performance, manage embedded cyber protection and enable secure Ethernet. This is a Control Engineering 2017 Engineers’ Choice Awards Finalist.
Software — Data analytics, diagnostics: The PlantTriage software, based on ExperTune technology, monitors plant control loops 24 hours a day, diagnosing issues, and prioritizing opportunities for improvement. This is a Control Engineering 2017 Engineers’ Choice Awards Finalist.
Machine & Embedded Control — PLCs, PACs, industrial PCs: The MELSEC iQ-R PAC is Mitsubishi Electric’s revolutionary controller that delivers significant enhancements in the area of machine performance, engineering ease of use, maintenance simplicity, sophisticated security, and quality. This is a Control Engineering 2017 Engineers’ Choice Awards Finalist.
More answers about system integration case studies, the topic of a Sept. 22 Webcast, are provided by the speaker. Topics include risks, design standards, and communication protocols.
Top 5 Control Engineering articles September 5-11: Ladder logic, safer process facilities, stepper motors, more
Articles about ladder logic, safer process facilities, stepper motors and closed-loop technology, small-scale automation projects, and SCADA cybersecurity were Control Engineering’s five most clicked articles from September 5-11. Miss something? You can catch up here.
Pixus Technologies' modular subracks and components are designed for plugging various sized boards and the extruded rails feature tapped holes and optional extensions for IEEE injector/ejector latches.
The risk of a potential cyber attack is going to increase as the Industrial Internet of Things (IIoT) becomes more widely adopted. Greater awareness and cooperation is needed to head off those risks before they become a reality.
Supervisory control and data acquisition (SCADA) systems’ traditional role is changing as the Industrial Internet of Things (IIoT) continues to take a larger role. SCADA systems were not originally designed for cybersecurity and plants need to adjust to this new reality.
SCADAfence agreed to partner with Gigamon to provide a joint cybersecurity solution to bring manufacturers additional visibility and detection capabilities and monitor the industrial environment.
Organizations recognize that information created by connecting intelligent things and industrial control systems (ICS) to the enterprise business systems is achieving greater visibility, but achieving this requires a seamless and secure flow of information.
A recent report indicates that many companies are worried that their staff lack the skills and understanding to use the Internet of Things (IoT).
Gaining access and data from areas previously inaccessible allows for greater knowledge and visibility of what is going on throughout the manufacturing enterprise.
Businesses are increasingly adopting Internet of Things (IoT) technologies, even if some don’t yet truly understand the benefits they can bring to their company, according to a survey by Strategy Analytics.
Virtualization growth in manufacturing is continuing as more end users are taking advantage of the cost benefits it offers such as increased efficiency, reduced costs, and better security.
Remote access will become an even more vital element as the industry becomes more open and connected and secure communications can be a constant if the right steps are taken.
Ethernet, industrial networks, fieldbus, and PID control remain major topics for automation experts.
Analyzing and mitigating security risks for industrial assets is imperative to preventing a data breach.
Top 5 Control Engineering articles, July 11-17: Natural gas flowmeters, Industrie 4.0 and MES, binary-coded decimals, more
Articles about natural gas flowmeters, Industrie 4.0 and MES, binary-coded decimals and PLCs, high-performance HMIs, and cybersecurity in manufacturing were Control Engineering’s five most clicked articles from July 11-17. Miss something? You can catch up here. Also see what ranked 6-10.
The Internet of Things (IoT) is becoming more commonplace in the workplace, which has, in turn, increased interest in operational technology (OT) security.
The Wi-Fi Alliance expanded the 802.11ac standard to include features designed to provide a higher-performance connectivity experience with features such as spatial streams and extended support.
GE’s Predix operating system to be part of Microsoft’s Azure cloud offering.
The cybersecurity situation for manufacturing is changing as the scale of attacks on the manufacturing sector and proportional loss to businesses has demonstrated the necessity of secure integrated control systems.
Manufacturing execution systems (MES) are still useful even with smart manufacturing because they provide a fundamental base for every smart production solution.
The Industrial Internet of Things (IIoT) is creating more streamlined and efficient methods to manage processes.
Industry leaders within manufacturing have already set in motion the idea of a fourth industrial revolution, or Industrie 4.0, and the Internet of Things (IoT) will play a major role in how manufacturing changes.
Cisco's survey on digital readiness suggest that information technology (IT) leaders around the world are not yet convinced of the industry’s ability to drive digital transformation, which is bad news for the Internet of Things (IoT).
A popular mechanism for the Industrial Internet of Things (IIoT) is representational state transfer (REST) communication. If a system or device exposes this kind of interface, it becomes Web-compatible.
GE and Microsoft are focusing more on how big data and industrial-level analytics can transform manufacturing as well as the Industrial Internet of Things (IIoT).
The Internet of Things (IoT) communication protocols remain an absolute maze, but Beecham Research, an analyst firm, has published a report designed to help users navigate through the chaos.
Physical security is now intersecting with cybersecurity in information technology (IT) and operational technology (OT) environments and there is a greater need for cybersecurity awareness as interconnectivity increases.
Westermo's WeConfig 1.4 is a network configuration management designed to configure large and complex industrial data communication networks and features enhanced functionality to bolster cybersecurity.
Lanner's LEC-6032 is an industrial grade appliance with the capability to operate under wide temperature ranges and provide connectivity to communicate with programmable logic controllers (PLCs) and human-machine interfaces (HMIs).
RAS is marshaling in Industrie 4.0 by integrating multiple engineering disciplines that operate concurrently throughout the panel and enclosure manufacturing process.
Kepware Technologies' KEPServerEX version 5.20 software upgrade is designed to offer additional device and Internet of Things (IoT) connectivity for users in building automation, manufacturing, and the oil and gas industries.
Future Internet of Autonomous Things (IoAT) devices will utilize knowledge-enhanced electronic logic (KEEL) technology and may consume information from other devices or the cloud and participate in solutions they were never designed for.
.NET Framework is a software framework developed by Microsoft that is evolving to strengthen their cloud service platform as well as meet the demands of users outside their own operating system (OS).
ODVA announced at Hannover Messe their intention to develop a common industrial cloud interface, which will encompass two elements for the industrial cloud: a cloud gateway and an application program interface (API) for transporting data.
A survey by Gartner indicate that many organizations are keen to embrace Internet of Things (IoT) technologies, but there are many companies that aren't convinced of its value or potential.
Robots are a valuable commodity on the plant floor and won't be going away, but for some tasks they aren't as useful as human workers because they lack the ability to adapt and adjust to changing situations.
The Internet of Things (IoT) has enormous potential and can change the way how businesses operate, but there are still numerous obstacles to hurdle before wide-scale adoption is possible.
Siemens' Simatic AFDiSD active field distributor features extended Fieldbus diagnostics that can be installed and allow users to access the latest information about their Fieldbus installation for information such as power, voltage and bus interruptions in real-time.
The OPC Foundation has created open-source availability of its OPC-UA technology and are also collaborating with the Object Management Group (OMG) to create a standard that will allow OPC UA and DDS to function together. The OPC Foundation also plans to demonstrate the addition of the publish/subscribe message to the OPC-UA specification at Hannover Messe 2016.
Wipro used a telematics system to connect 10,000 construction machines with the Internet of Things (IoT) that is designed to monitor real-time health and performance of the resources used.
Automation can help companies be more competitive, but that alone does not make a plant successful, productive, or profitable.
The Internet of Things (IoT) is on the cusp of making our lives easier as consumers and business professionals, but there is also a very real cybersecurity risk that needs to be addressed.
CiA 401, the CANopen device profile for generic I/O modules, was released in 1996 and has been consistently used by manufacturers. Future plans for CiA 401 include mapping for 64-byte process data objects (PDOs) and enhancing interoperability, with discussions underway about safety and security.
The Cybersecurity Framework created by the National Institute of Standards and Technology (NIST) is currently being used by 30% of U.S. organizations and is expected to reach 50% by 2020.
The Internet of Things (IoT) can help manufacturers in several ways by reducing costs and downtime as well as provide through operational savings and providing revenue systems.
With enough knowledge of a facility such as an oil platform, refinery, or pipeline network, a cyber attack that used distributed malware could lead to physical damage and serious losses of revenue.
Watch for a backdoor cyber security assault. The Juniper Networks incident in December 2015 changed how industry looks at device security as hackers exploit deliberate weaknesses being installed into software. End users, integrators, and device manufacturers need to adapt and prepare for this new reality. Follow these cyber security steps.
Bosch's IoT Cloud is designed to run various applications for its connected mobility, connected industries, and connected buildings businesses. The first cloud is located in Germany.
Top 5 Control Engineering articles, March 14-20: Ladder logic, Engineers’ Choice winners, sensor actuation charts, more
Articles about ladder logic, the 2016 Engineers' Choice Awards winners, sensor actuation charts, heat exchanger control strategies, and ICS threats were Control Engineering’s five most clicked articles from March 14-20. Miss something? You can catch up here.
China is pushing ahead with Industrie 4.0 with 94 intelligent manufacturing efforts in China Manufacturing 2025; challenges remain.
Ethernet networks have been used in industrial applications for many years, but large numbers of facilities still maintain older systems that lack many beneficial capabilities.
Upgrading a distributed control system (DCS) with a human-machine interface (HMI) was a simple process until the development team tried duplicatiing the functionality and identifying tag information.
Representatives of Platform Industrie 4.0 (I4.0) and the Industrial Internet Consortium (IIC) agreed to align their architecture efforts and have agreed to create a clear roadmap to ensure future interoperability.
Engineering and IT Insight: The way Microsoft is updating its Microsoft Windows 10 operating system, the ball is out of the user’s court. Instead, Microsoft has installed an automated ball machine that fires when it wants, even if the user isn’t ready. This new update scheme may wreak havoc for many mission-critical systems. Read this to know “why I should test” and why “Disable automatic updates.”
The American Recovery and Reinvestment Act of 2009 provided the Energy Department with $4.5 billion to modernize the electric power grid and transition it to a smart grid that is designed to be more responsive to changing power needs.
The Open Connectivity Foundation (OCF) has been established to unify Internet of Things (IoT) unifies the former Open Interconnect Consortium (OIC) with leading companies at all IoT levels to provide the key interoperability specification enabling IoT solutions.
The White House has allocated more than $19 billion in the 2017 budget for cyber security to enable agencies to raise their level of cyber security, help private sector organizations and individuals better protect themselves, disrupt and deter adversary activity, and respond more effectively to incidents.
Top 5 Control Engineering articles, February 15-21: Specifying a servo system, IEC 61131-3, VFD faults and failures, more
Articles about specifying a servo system, IEC 61131-3, preventing VFD faults and failures, well-ground serial networking, and the 2016 Engineers' Choice Awards winners were Control Engineering’s five most clicked articles from February 15-21. Miss something? You can catch up here.
Virtualization has significant benefits in computing and in networking, but the IT staff, OT staff, or system administrators must truly know their servers and network so they can be ready for challenges or potential cyber security breaches.
Fred Yentz, CEO of Telit IoT Platforms, talked about the company's plans to connect manufacturing assets to any enterprise system, vertically and horizontally at the 20th Annual ARC Industry Forum.
HMI designers and engineers should understand the characteristics, requirements, and design methodologies that ensure successful IIoT HMI deployments.
Users worried about cyber security think of the issue need to think beyond the technology issue and realize that people process, and technology all need to work together in harmony to achieve true security.
Think again about engineering communication and advice: Listening attentively is a learned skill; key phrases such as “what we learned” provide clues about where special attention is needed. Heed this advice on knowledge creation, automation investments, and cyber security from automation and control experts.
Wireless mesh networks offer a viable workaround to traditional wired systems. They can be deployed without costly construction or downtime. In addition, the networks can provide data in real time and increase production. A semiconductor company takes the plunge and solves its challenges with the mesh network technology.
HMS Industrial Networks AB has signed an agreement to acquire the Belgium-based company eWON SA, an IIoT (Industrial Internet of Things) manufacturer of intelligent Internet-based remote access routers.
GE Digital and Wurldtech are hosting a luncheon at the 20th Annual ARC Industry Forum in Orlando, Fla., on topics related to the Industrial Internet of Things (IIoT).
Several cyber security experts believe there will be more cyber security attacks and threats made against companies, infrastructure, and people in 2016. And while awareness continues to grow, there is still a false sense of security as technologies become “smarter” thanks to the Industrial Internet of Things (IIoT).
Engineering and service firms need to take advantage of the Industrial Internet of Things (IIoT) to be able to analyze the mass of data coming in and get creative in their approach to service offerings and customer engagement.
Physical security technologies are trending toward IP-based video surveillance and access control systems and can even include things such as biometrics and complex perimeter intrusion measures. Understanding Ethernet switches and which network architectures are best for physical security systems has become an important part of the discussion, particularly when the security system operates outdoors.
Advantech SQFlash is designed for data and storage security in many different vertical markets such as the automation, medical, and defense industries.
As the Industrial Internet of Things (IIoT) becomes more prevalent, there is a greater risk for intentional and unintentional cyber security breaches. Industrial control system (ICS) security should focus on advanced security-focused products; security as an attribute of all Ethernet devices; and further adoption of defense-in-depth as major trends going forward.
Ask Control Engineering: Extended support for Microsoft Windows XP Embedded has ended; what should I do?
Proprietary wireless systems and local area networks (LANs), while still in use, are being whittled away in spite of the time and expense many companies have invested into them in favor of open standard wireless networks.
Virtual machines can solve many problems while keeping operations flowing smoothly, but when companies are duplicating software via virtual machines, this brings up some ethical issues that need to be addressed.
There are a number of open standard wireless systems in use including Bluetooth, Z-Wave, ZigBee, Worldwide interoperability for microwave access (WiMAX), ISA 100.11, and wireless highway addressable remote transducer (WiHART). Each technology has its own specific advantages for particular industries.
ODVA announced the pending publication of a new volume in its specifications titled CIP Security and will be initially applicable to EtherNet/IP.
ODVA’s technical work includes the adaptation of time sensitive networking along with cybersecurity, application data models and communication integration standards.
National Instruments' NI Trend Watch 2016 is an annual report that examines a range of topics focused on the Internet of Things (IoT), managing data, and the impact of a world that is more connected.
A troublesome offshoot of radio frequency (RF) technology is radio frequency and electromagnetic interference, or RFI and EMI, respectively. EMI, in particular, can be a real challenge for users on the plant floor because of its impacts on WLAN technology.
ECS Solutions developed its S88 Builder Tool to write a program that can control a single process cell. Since its inception, the company has seen a 40% increase in labor revenue without increasing employment. See video discussion below.
More answers about information integration and Industrial Internet of Things (IIoT), the topic of a Dec. 3 Webcast, are provided by a system integrator and automation standards expert. Answers to more audience questions cover infrastructure, adoption and benefits, security, and networks and information integration. IIoT progress also requires effective policies, procedures, and training.
Wireless networks have been around for years now, but are they as common as some might expect? Understanding of how they work is beginning to seep through, but users are still asking basic questions. Video: Two wireless discussion panelists offer their thoughts.
Richardson RFPD's RFPA5522 and RFPA5542 Wi-Fi-integrated PA modules from Qorvo are three-stage power amplifiers designed for wireless access points and gateways and routers.
Because no system is ever perfect, a user’s wireless local area network (WLAN) will shut down. Understanding how and why this happened is important, and there are some fundamental steps the user can take to get things back on track.
No one I know waits until the last minute, but if they did, they might take advantage of nine free PDH Webcasts from Control Engineering offered in 2015 to satisfy year-end engineering training requirements.
Sooner or later, that legacy plant-floor network must be upgraded. When that time comes, control engineers should use network migration best practices.
Keeping your wireless network safe from attack requires vigilance—and the right software strategy.
Fujitsu’s Bluetooth Smart Module is designed to reduce cost and time to develop battery-powered wireless devices for IoT solutions.
Top 5 Control Engineering articles, October 19-25: Engineers’ Choice finalists, drive software, process optimization, more
Articles about the Engineers' Choice finalists, drive software and machine vibration, process optimization and VFDs, security for wireless instrumentation, and methane regulations were Control Engineering’s five most clicked articles from October 19-25. Miss something? You can catch up here.
The information age’s arrival in manufacturing is significant not only for what data you can access in your manufacturing operations but also how you can access it.
HBM Inc.’s perception high speed data acquisition software 6.60 for user customization and support for electric/drives testing.
Advantech’s Wise-4012E IoT Developer Kit is designed to help users with IoT projects and it can be accessed directly without an access point and configured through mobile devices with a HTML5 compatible web browser and to ensure the data can be accessed and configured from anywhere.
Kepware's IoT Gateway for KepServerEX version 5.19 is built to support Industrial Internet of Things (IIoT) deployments and streams real-time machine and sensor data into cloud-based software platforms for real-time analytics.
Software - Alarm management: Wonderware Alarm Adviser is a scalable web-based alarm analysis software that helps customers discover nuisance alarms in the process system through interactive visual analysis. This is a Control Engineering 2016 Engineers’ Choice Awards Winner.
Process Control Systems: Bedrock is automation reimagined to deliver the highest levels of security, availability, and performance to users. This is a Control Engineering 2016 Engineers’ Choice finalist.
The EnOcean Alliance and the Open Interconnect Consortium (OIC) announced a new liaison agreement and will result in solutions using the EnOcean energy harvesting wireless standard and the OIC specification in a joint effort.
Control Engineering Europe discusses the compliance issues surrounding the addition of wireless technology to original equipment manufacturer (OEM) machines.
As wireless local area networks (WLANs) become more ubiquitous, it is clear that necessary expansions of existing wired networks will be either extended—or replaced—by WLANs, and companies and users will need to adapt to the ensuing changes.
"Cyber-physical" describes an environment where machines operate automatically and rapidly based on real-time feedback and understanding the characteristics in this new, evolving environment is vital.
Think Again: Automation, controls, and instrumentation are used for cyber-physical integration, saving children, and developing technologies for 5G wireless communications. Get inspired at an engineering conference and share what inspires you. See photo gallery, video link, and extra insights.
Wireless tutorial: Depending upon what topology is being used, single-channel architectures (SCAs) or multi-channel architectures (MCAs) use multiple repeating channels in a set pattern should be considered for channelization.
Top 5 Control Engineering articles, August 31 to September 6: Industrial control panel standards, industrial control system protection, IoT risk management, more
Articles about industrial control panel builders changing, industrial control system protection, Internet of Things risk management, hybrid machines and CNC, and control system threat levels were Control Engineering’s five most clicked articles from August 31 to September 6. Miss something? You can catch up here.
This webcast explains how people, processes, and technologies at every layer are needed to lower cyber security risk for industrial control systems as well as initial steps to forming a defensive program.
Wireless tutorial: Virtual and physical site surveys allow the designer to anticipate and plan for several factors for designing a network that will meet the client’s expectations in different ways.
The Industrial Internet Consortium (IIC) has passed the 200-member mark and is creating Country Teams in four countries to focus on specialized use cases and testbeds.
Advantech's Wise-4000 IoT wireless I/O modules combines data acquisition, processing, and publishing into one I/O module and is designed for a variety of industries including environmental and machine monitoring as well as smart cities.
Devices that use the Internet of Things (IoT) are prevalent in highly regulated industries and the infrastructure supporting those devices is vulnerable to security flaws, according to a recent study.
Phoenix Contact's RS2005 and RS4004 mGuard variants combine secure routing, VPN, and firewall functions with an integrated switch designed to eliminate or reduce the need to install a stand-alone switch.
Really look at the Industrial Internet of Things (IIoT): How will device-level communication work using this developing technology? What is IIoT? Learn four IIoT misconceptions, five ways IIoT is new, and six reasons why the disruptive technology of IIoT will be slow to catch on.
National Instruments' LabVIEW 2015 system design software has added speed improvements, development shortcuts, and debugging tools, and has added features designed to help developers operate more efficiently. Load time is 8.7 times faster than LabVIEW 2013.
As technology continues to evolve, so do the risks that threaten the security of an industrial network. With more devices now being connected, outsiders have better opportunities to disrupt industrial processes.
The first of a three-part series on the Industrial Internet of Things looks at some of the research in the process industry around knowledge of and adoption of IIoT, and where companies see the benefits of a more connected enterprise.
Is the legacy software platform holding the projects back? Virtualization can offer a safe and affordable path forward.
The Industrial Internet Consortium (IIC) released the Industrial Internet Reference Architecture (IIRA), which is designed to provide a common language for the elements of Industrial Internet systems and the relationships between them.
Securing control systems with supervisory control and data acquisition (SCADA): SCADA software, part of many industrial control systems, can use the U.S. National Institute of Standards and Technology (NIST) framework for cyber security.
SCADA HMI software security: Understanding and preventing SCADA viruses, intentional and unintentional
Cyber security: Exploring some of the technical concepts will help an end user understand and prevent security flaws when creating SCADA and HMI software applications and the underlying networks architectures.
Intrusion detection software (IDS) for the IoT: What’s the point of protecting your embedded devices if you can’t tell if they are under attack? Why intrusion detection software is essential for web-connected devices.
Year 2020 outlook from Maverick Technologies: Automation value is more connected, collaborative, secure
Maverick Technologies, among the three 2015 System Integrators of the Year, offers advice on automation, controls, and instrumentation looking 5 years ahead, in honor of CFE Media’s 5-year anniversary. The approach to automation, networking, new people, collaboration, and cyber security will change in 2020. Advice from a system integrator follows.
Product Exclusive: Bedrock Automation’s industrial control system is an open automation platform that features universal software-defined input/output (I/O) and digital power supply as well as an electromagnetic backplane and embedded cyber defense features.
Control Engineering International: Radio frequency identification (RFID) technology will have a big role to play in the smart factory of the future, enabling things to communicate in real-time with manufacturing systems, according to Control Engineering Europe.
Emerson Process Management's AMS Suite version 13.0 software decreases start-up and turnaround times for HART devices and is designed to help users build more reliable wireless networks.
How to lower wireless cyber security risk: A wireless intrusion detection system (WIDS) is a software algorithm designed to monitor the wireless network for intruders and protect the network from attacks like social engineering, Denial of Service (DoS), man-in-the-middle (MIM), and other attacks designed to compromise a network’s security. Watch for these four social engineering cyber security hacks that can threaten wireless and wired networks.
Webcast questions and answers on reliable fiber optic networks: design and deployment best practices
Fiber optic network tutorial: Questions and answers follow about how to avoid electromagnetic interference (EMI) and achieve longer distances and higher performance using fiber optics for EtherNet/IP networks across manufacturing zones and devices. Panduit Corp. answers audience questions from an archived webcast on physical layer best practices and understanding proper fiber media selection for each physical layer in the EtherNet/IP network, along with design recommendations.
Webcast: Industrial Internet of Things (IIoT) and Industry 4.0 webcast: Overview and practical advice for today
Expert speakers briefly explain each the Industrial Internet of Things (IIoT) and Industry 4.0, then provide practical advice that manufacturers can implement today to realize productivity gains sooner rather than later.
The EtherCAT Technology Group (ETG) and the OPC Foundation signed a Memorandum of Understanding (MoU) at Hannover Messe 2015 to define common interfaces for Industrie 4.0 and the Internet of Things (IoT).
When industrial control systems (ICS) are compromised by cyber security threats, the U.S. government provides a confidential way to share knowledge of the threat and get help. ICS-CERT helps mitigate cyber risk in control systems and embedded systems including vendor testing, on-site assessments, and training. Jeff Gray, with the U.S. Dept. of Homeland Security, outlines the latest industrial control system security issues and cyber security recommendations from the Cyber Emergency Response Team (CERT), at the 2015 CSIA Executive Conference.
Cryptology consists of two parts: cryptography, which is the science of encryption algorithms and their use; and cryptanalysis, the science of deriving encryption keys or otherwise decrypting a message by the study of the encrypted message. This industrial wireless technology tutorial explains the basics of cryptology.
Top 5 Control Engineering articles, April 20-26: Instrument inspections in hazardous locations, Apps for Engineers, industrial Internet and the cloud, more
Articles about inspecting instruments in hazardous locations, Apps for Engineers, industrial Internet programs and the cloud, feed forwards augmenting PID control, and enabling efficiency in continuous control were Control Engineering’s five most clicked articles from last week, April 20-26. Miss something? You can catch up here.
Facing the increasingly severe information security issue of industrial control systems, the Chinese government has established a “Central Network Security and Informatization Leading Group” led by President Xi Jinping to raise network security to the national strategic level. The industrial information security market expects accelerated growth in the future, according to Control Engineering China.
Cyber security: Applications can improve power reliability and reduce energy costs by advancing network security and supporting system monitoring. Allowing network access raises cyber security concerns. Five defense-in-depth measures can help.
Tutorial on cyber security for wireless networks: Authentication and key management (AKM) is the term used to describe the process of IEEE 802.1X/EAP authentication and subsequent encryption key generation and is a major component of extensible authentication protocols (EAP) and IEEE 802.1X. Each time a client associates or re-associates, the entire AKM process must occur, which results in an extremely secure and robust wireless network. Learn the 4-way authentication handshake.
There are some misunderstandings regarding the multi-master functionality of CANopen-based control systems. The under-laying CAN data link layer is a multi-master protocol, and each CAN node has the right to request bus access at any time. Depending on the priority of the CAN data frame, the node gets immediate bus access or it has to wait.
The Control System Integrators Association (CSIA) has several committees and task forces are working on a number of initiatives and research to help system integrators improve everything from safety protocols to their presence worldwide.
Tutorial: The wireless adoption rate is growing, making security a greater concern. The IEEE 802.11i task group has developed advanced methods of securing wireless networks like counter mode with cipher-block chaining message authentication protocol (CCMP) and the advanced encryption standard (AES). See 5 keys in IEEE 802.11i.
Tutorial: Wireless security has come a long way from open system authentication (OSA) and some of the other building blocks like wired equivalent privacy (WEP) and temporal key integrity protocols (TKIPs). Understanding past network security, or the lack of it, can help with network security for today and in the future.
Wireless security tutorial: Wireless has become the communications medium of choice for many people and applications. However, without effective data security, wireless technology could not grow and people would still be reliant on wired systems along with the cost and inconvenience associated with them. Industries and businesses want to prevent intellectual property and production from being compromised. Learn about digital authentication, authorization, and accounting.
When designing a system and automating it, there are numerous professionals involved with each of the various areas: process, mechanical, electrical, programming, safety, environmental compliance, etc. Sometimes, due to the lack of communication, the process narrative is not representative of the process, just the abstract desired, yet unreachable, result.
Skkynet Cloud Systems' Secure Cloud Service is designed to provide system integrators, engineers, and managers of industrial, embedded, and Internet of Things (IoT) systems quick and easy access to a secure, end-to-end solution for networking data in real time.
Upper-level system applications rely on movement detection circuits to produce dependable triggers when objects enter, stop in position, and exit process stations. This is part 3 in a series on standardizing development of programmable logic controller (PLC) programming for controlling discrete manufacturing processes. See 5 ways to arm a sensing trigger. Link to part 1 and 2, below.
Fanuc America's FASBacCNC (FOCAS Automation Solution Backup CNC) is designed to prevent extended downtime as a result of the loss of critical files on the CNC following a hardware failure or operational mistake.
The second installment of the Cyber Security Essentials series looks at what a robust network security system looks like, with insights from an ethical, professional hacker.
The first installment of the Cyber Security Essentials series introduces the topic of cyber security and outlines the major concepts to be aware of. Don't think you're not at risk.
The Control Engineering webcast, Ethernet Hardware, Nov. 12, is available for archived viewing, and the system integrator who provided advice on industrial Ethernet hardware answered additional questions from the audience, below. This webcast is a Control Engineering Registered Continuing Education Program (RCEP) accredited for 1 professional development hour (PDH).
Learn about industrial Ethernet hardware through a system integrator's project experiences, including environmental considerations, assessment, specification, installation, testing, and start-up.
If a manufacturer can protect itself against an inside attack, then that line of defense should be strong enough to withstand a chunk of outside attacks.
A system integrator provides advice on industrial Ethernet hardware, infrastructure, design, devices, assessment, installation, and start-up, among other topics. See the information on industrial Ethernet hardware below and in a Control Engineering Registered Continuing Education Program (RCEP) accredited webcast, where registrants can receive a professional development hour (PDH).
Technology Update: Reduce network cybersecurity risk and optimize network performance by following these 5 steps to leverage best practices of network design.
With the development of the Internet of Things (IoT), securing a connected system is becoming a critical issue. Here are some tips and concepts provided by network security experts from Pack Expo 2014.
The ability to remotely access your control system as well as troubleshoot from a remote site is becoming increasingly important as wireless technology becomes more dominant in the manufacturing industry.
Industrial Wireless Tutorials: WLANs vary in the way communication is achieved and maintained including a basic service set, an extended service set, a mesh topology, and an ad hoc network. Learn how WLAN topologies and designs affect wireless performance.
Top 5 Control Engineering articles, October 13-19: Automating automation, the first PLC, the PLC’s future, more
Articles about automating automation, the first PLC, the PLC’s future, vision systems at an automotive plant, and analog instrumentation’s benefits were Control Engineering’s five most clicked articles from last week, October 13-19. Were you out last week? Miss something? You can catch up here.
Control Security: Phoenix Contact's mGuard Secure Cloud (mSC) is a web-based service that allows FL mGuard users to securely communicate with and support industrial equipment over the Internet. This is a Control Engineering 2015 Engineers’ Choice award winner.
Network Integration — Network Hardware: The Kyland PTC1000 clock converter is an IEEE1588 Precision Time Protocol to IRIG-B/PPS clock convertor specially designed to enable the time synchronization for conventional devices in an IEEE1588 system. This is a Control Engineering 2015 Engineers’ Choice finalist.
Coding scheme for interactive communication is the first to near optimality on three classical measures to remove noise from communications and improve reliability.
NIST's 3.0 framework update aims to transform the aging U.S. electric power system into an interoperable Smart Grid—a network that will integrate information and communication technologies.
Moxa's AWK-1131A IEEE 802.11n wireless AP/client has high-speed transmission rates up to 300 Mbps and features galvanic isolation, which breaks ground loops to help prevent unwanted current caused by different ground potentials from entering the device.
Critical steps to implementing a successful simulation network include establishing a simulation policy, defining long-term needs, and training your operations team.
What are automation engineers to do to enhance security while ensuring the need for barrier-free access to the process control system?
Belden's Magnum 10RX router and security appliance supports a range of networking protocols while offering advanced firewall protection.
The Hirschmann multi-port firewalls offer a new router redundancy and wide area network (WAN) interface.
Imagine a world in which your wristwatch or other wearable device communicates directly with your online profiles, storing information about your daily activities where you can best access it – all without requiring batteries.
Petrochemical plant adds new physical-layer technology to its long-running fieldbus networks.
The ReadyLink EtherNet/IP enabled position sensor is designed with a network interface that requires one network connection for configuration and control.
A computer algorithm called the Melbourne Shuffle could keep data secure in the cloud.
The PIC24F "GB2" microcontrollers (MCUs) by Microchip Technology are designed to enable secure data transfer and storage in portable embedded applications like IoT sensor nodes and access control systems. See related video demonstration.
Winsted's WELS4 is a 3D software program designed to improve the interactivity and speed of control room design and its 3D interfaces allows viewing from any vertical or horizontal angle.
In deploying industrial Ethernet, plant engineers and IT departments should use an Ethernet solution designed and established to connect across applications and from the end customer’s IT infrastructure down to assets on the factory floor. EtherNet/IP delivers the real-time performance, resiliency, and security of proven, but technically mature, fieldbus solutions, with the bandwidth, open connectivity, and future-proof adaptability of standard Ethernet, ODVA explains.
What automation professional can expect in the years to come with cyber security.
Articles about tuning PID control loops, U.S. public utility and cyber security, the future of operator terminals, real-time processing automation and control fundamentals, and mobile microrobots were Control Engineering’s five most clicked articles from last week, June 30 to July 6. Were you out last week? Miss something? You can catch up here.
Some of the most published cyber security events have been traced back to malicious content embedded on a trusted user's laptop through an e-mail or downloaded document. Is your process control network safe?
This webcast explains how industrial wireless technologies can provide cost-effective reliable communications rather than being expensive and potentially dangerous to workers.
Baby boomers from manufacturing automation industries are taking knowledge gathered through years of experience into retirement. Scrambling to find qualified workers to fill that void has begun. System integration and related technologies are helping.
Automation engineers can develop architectures that meet the demands of their applications by understanding the differences between distributed clocks and the IEEE 1588 precision time protocol.
Ask Control Engineering: What do I need to know about end of service (EOS) for Microsoft Windows XP, and what should I consider going forward? See 5 areas impacting cyber security, production reliability, and quality. Alert organizations have been migrating away from Windows XP; Microsoft may still provide limited support for companies that pay for extended support, costing at least $100,000 per year.
Articles about things noncontrol people should know about control engineers, fixing PID, the engineering job market, a strategy for the passing of Windows XP, and Control Engineering's salary and career survey were Control Engineering's most-clicked articles from last week, May 12-18. Were you out last week? Miss something? You can catch up here.
Should Microsoft think again? The end of Microsoft Windows XP support and related topics remained hot among the Top 5 Control Engineering articles posted weekly on www.controleng.com in April.
End of Microsoft Windows XP support raises concerns about industrial networks, connections to PC-based assets, and software patching. Assess software patching risks with 11 critical questions. In manufacturing plant floor applications, security and safety are an integrated concern. Control system cyber security is not the same as desktop PC security.
By isolating automation Ethernet networks, companies will see improvements and benefits in the following three areas: Network speed, simplified data, and network security.
Product suppliers, project service providers and system integrators, asset owners, and operators all need to be involved in cyber security, said Johan Nye, control systems commercial technology leader at ExxonMobil Research and Engineering, Fairfax, Va. Nye presented at the 2014 CSIA Executive Conference in San Diego on April 25.
Engineering and IT Insight: Does your manufacturing IT infrastructure have tools to handle 100 times the number of current connections and manage tens of thousands of new smart network connected devices, as industry moves to the Industrial Internet of Things (I2oT) and distributed control, with every device in a facility connected to a plant-wide Ethernet network? What got you here won’t get you there.
Were you out last week? Miss something? Here are Control Engineering’s five most-clicked articles from last week, April 13-19, including articles about Windows XP, small nuclear reactors, Google Glass intersecting with control systems, and strategies for the passing of Windows XP support.
The name sounds sinister because it’s a hacker’s dream, a secret vulnerability that has no specific defense.
Ideal Industries' IENet Pro Industrial Ethernet Cable Tester is designed for LAN testing efficiency and instantly verifies the integrity of two-pair and four-pair industrial Ethernet cables.
You have many good reasons for wanting to access your networks remotely, but such access is not without potential threats. How can you keep those networks secure?
Advantech's GPRS IP gateways, the EKI-1321 and EKI-1322, are designed for use in remote locations and feature two SIM card slots and allow the user to create a secure virtual private network (VPN).
Wireless networks can be as reliable as wired ones, and can empower workers to handle tasks they otherwise could not.
The recent Target credit card breach is set to generate a boom in demand for higher-security, dual-interface cards, with U.S. shipments forecast to surge twenty-fold from 2013 to 2018, according to a report from IHS Inc.
IHS estimates the world market for speed gates to be valued at $219.1 million in 2013 and forecast the market to grow to $310.0 million by 2017.
Do you know your ICSs well enough to recognize when something is happening that shouldn’t be? That knowledge is critical to your defensive strategy, and represents the biggest advantage you have over attackers. See step-by-step cyber security table with tools, tactics, and tips.
Ethernet networks provide plants with an open environment that connects local and remote plant devices with management tools, but open networks come at a cost: security. Several strategies can foster openness while promoting safety and cyber security.
Securadyne Systems has acquired IAS, a systems integrator with offices primarily based in the Southeastern U.S.
Think Again: Automation needs to be interconnected, optimized, and protected. Here’s why.
Cybersecurity microcontroller (MCU) global shipments are expected to almost double to 529 million units by 2017 because of increased demand for computer security and authentication tools.
Rockwell's Allen-Bradley E300 electronic overload relay integrates communication and Ethernet and has an embedded web server to simplify maintenance and control operations.
The MESP211 by B&B Electronics converts Modbus ASCII or RTU signals to TCP Ethernet and can control Modbus devices on LAN or WAN Ethernet.
Few technical barriers stand in the way of plant-to-enterprise integration today. It promises real-time data for making better decisions and optimizing production. But without a comprehensive corporate plan that sets goals and outlines results, mere connectivity is doomed to disappoint.
Network Integration - Ethernet hardware: The EDR-810 is a 10-port industrial-grade secure router with Firewall/NAT/VPN and managed L2 switching functions, which allows it to transmit data efficiently while protecting the network and critical devices from internal and external network attacks. This is a Control Engineering 2014 Engineers’ Choice honorable mention.
Global operator terminal revenue in 2012 shrank by 3.3% after two years of growth because of the selling price of operator terminals falling by 4%.
The access control industry continues to play second fiddle to the video surveillance industry in terms of its adoption of open standards, according to IHS Inc.
The EDR-810 by Moxa has a built-in managed switch and an industrial-grade secure router that helps protect the network and other devices from a potential cyber attack.
Moore Industries’ SSX and SST Safety Isolators and Splitters provide isolation and signal conversion for HART data and can serve as a splitter to send HART data to independent outputs.
FDT2 by the FDT Group separates device logic and user interface to enhance security, and it uses the .NET technological platform.
Moxa EDR-810 Router/Switch provides an all-in-one cyber security product, saving extra deployment costs and efforts that would be needed with multiple devices.
Engineering and IT Insight: Cyber-criminals are stealing manufacturing companies’ intellectual property (IP). Is your lack of cyber security hardware, software, and best practices giving away millions of dollars of IP to unknown competitors without your knowledge?
Metso's Jamesbury valves have been selected for an upgrade and expansion project by Heurtey Petrochem in Russia. The project is expected to be completed by 2014.
Measure risks and vulnerabilities in your industrial networks using tools developed for electric utility applications. Video: Justin Searle explains his projects with the DOE, the resulting tools now available, and the differences between industrial and conventional IT environments.
Icon Labs announces Floodgate Defender, a compact industrial firewall to provide cyber security protection for industrial, military, and critical infrastructure equipment.
A compelling reason for getting rid of the programs that you don’t use or need.
Despite the difficult retail climate, the consumer market for video surveillance equipment has continued to perform well, with double-digit growth forecast for both analogue and network product categories.
City surveillance and transportation are the largest end-user industries in China.
Medium-voltage Allen-Bradley Centerline motor control centers (MCCs) by Rockwell Automation have added EtherNet/IP to access information remotely. This allows personnel to safely monitor and diagnose potential problems without exposing the worker to potentially hazardous conditions.
Network Integration - Network hardware: The VPort 36-1MP-IVA-T megapixel HD IP camera supports -40 F to 167 F operation and onboard Intelligent Video Analytics, which uses advanced image algorithms for quick detection of a wide variety of security threats. This is a Control Engineering 2013 Engineers' Choice finalist.
Software - Applications: MarikonOPC Tunneller is the fastest, most trusted way to connect to remote OPC Servers. Whether connecting across different domains, through firewalls, or dealing with unreliable networks, OPC Tunneller has the application covered. This is a Control Engineering 2013 Engineers' Choice finalist.
As a student there is nothing better than hands on training and that is just what graduate students pursuing careers in cyber security got in a weeklong summer institute.
U.S. Department of Energy demonstrates tools to provide situational awareness of networks and control systems.
Sunday saw the end of the London 2012 Olympics and to repeat the favoured cliché of many pundits; the end of “the best ever games.”
The trend to IP-based video surveillance is, by now, firmly established. The question is no longer “Will IP-based equipment sales overtake analogue equipment sales?”
Alpha Wire has added Ethernet cables to their Xtra-Guard line. The cables meet NFPA 79 application requirements, appropriate for demanding industrial Ethernet applications.
Panel interface connectors decrease risk, allow PLC or PAC access without opening the control panel.
Engineering at 30 Frames: Understand the basics, future, and view a demonstration of Stuxnet
A survey by Norman ASA reveals more than half of IT leaders believe that malware threats are their biggest worry for 2012. They're also worried that the new malware is too sophisticated for their analysis and security capabilities.
Kontron's Power-on Built-in (PBIT) solution is designed to improve the reliability, safety and security of processor boards that are used for mission-critical applications.
The OVR NE12 is an enclosed surge protection device (SPD) designed to protect valuable equipment connected to the network for critical power, renewable energy, water, and other commercial applications.
ControlCore is a customizable mobile enclosure from Concept Systems designed to house all of the electrical and electronic components in a factory work cell.
Do you need to be concerned about security issues with programs that you don’t use? Yes.
New course material from Cybati has been used in FBI and university training programs, and is now available commercially.
The discussion early in August is back in the headlines as hackers gain stolen documents to pose as Google.
AvaLAN's AW900xTR and AW2400xTR outdoor wireless Ethernet modules received the certification, allowing them to be used in the oil and gas markets.
MatrikonOPC’s has updated their OPC Security Gateway with support for HDA OPC Servers
DePaul University expands its IT offerings with a new class on security for industrial control networks.
ISA100 Wireless Compliance Institute aims at making users forget about wireless standards so they can concentrate on applications, beginning with instrumentation.
Allen-Bradley NEMA and IEC Centerline low-voltage motor control centers provide seamless information exchange between plant floor devices and business-level systems to increase productivity and improve worker safety.
Cyber Sciences device can assist with cyber event forensics or analysis after process incidents and upsets.
Industrial operations are becoming more aware of their vulnerability to cyber mischief or cyber attacks. Here are seven tips that can create the foundation for a cyber security strategy.
While it seems that Siemens’ efforts to deal with the Trojan problem have been effective, the situation should remind us that such events must not be thought of as something that happen somewhere else. The folks from GarrettCom were reminding me of an article that we did last January, where we surveyed readers on their understanding of cyber security issues. Here’s the paragraph that they recalled particularly: “The first surprise was that 24% indicated they do not believe there are any threats and risks associated with their information control system that could affect their business operations. This seems very puzzling since most organizations operate with the understanding that there is no such thing as 100% security.
Information technology (IT) professionals are placing their bets on security-themed certifications as they plot their next career moves, a new study from CompTIA, a trade association for the IT industry, reveals.
The Schneider Electric Square D PowerLogic EGX300 Integrated Gateway-Server has Ethernet gateway functionality and Web functions to view critical real-time electrical system data and historical use patterns through trend plots to help optimize energy use and existing electrical infrastructure.
Complying with governmental regulations normally involves lots of paperwork and plenty of manual workarounds. Still another layer of knowledge is necessary to ensure suppliers are in compliance with certain standards. Governance, Risk, and Compliance (GRC) systems address these compliance issues and a lot more.
Control Engineering's cyber-security bloggers Matt Luallen and Steve Hamburg discuss their experience in the development of today's cybersecurity practices and how current developments are impacting the lives of engineers in the manufacturing industries. To view the video, go to www.controleng.com, click on the video tab in the multimedia box, select “view all videos” and then selec...
The security of a widely used radio frequency identification (RFID) chip has been broken by European researchers. The SANS Institute said researchers at a Dutch university broke the security of the Mifare RFID chip, which is used in the Oyster card, a prepaid smartcard used for travel on public transportation in the United Kingdom.
In three radio frequency identification (RFID) developments, a kit offers secure visibility and better performance over RFID harsh environment applications; Intel's RFID Transceiver R1000 chip won an award; and Premo RFID broadens tag range with Harsh-Tag-150W.
Control systems are threatened by cyber security intrusion. But there’s good news and bad news, said Rob Hoffman, manager communication & cyber security resources, Idaho National Labs.
Research Triangle Park, NC – A new American National Standard and an update of a widely used technical report on cyber security technologies have been released by ISA. ANSI/ISA-99.00.01-2007, Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts, and Models, focuses on key concepts, terminology and models, and will serve as a foundation for standards now in development in the ISA99 series.
Sometimes it’s easy to forget about the people aspect of control systems. Multiple regulatory rules, laws, and internal procedures require that people who perform shop floor actions are unequivocally identified, are authorized to perform the actions, and have valid training or qualifications to perform the actions.
Vancouver, BC, Longview, TX, and Napa, CA—The world of industrial automation might become safer as a result of recent cooperation. Wurldtech Security Technologies has announced a three-party cooperative agreement with Tegron and FluidIQs to develop and deliver advanced security solutions to the global industrial automation market.
Research was undertaken to gain a better understanding of Control Engineering subscribers’ applications and needs regarding human machine interface (HMI) software.
CIO alert: Most believe a mobile breach is inevitable; it’s time to actively monitor data stored on corporate mobile devices
If a device falls into the wrong hands, the impact on a company's competitive positioning, brand and reputation could be severe.
Much data transmitted over networks is sent in clear text, making it easy for unwanted persons to capture and read sensitive information. Encryption plays a vital role in securing these data by translating them into a secret code. It protects data from intruders and ensures that only the intended recipient can decode and read the information by accessing a secret key or password that enables de...
Cooper Bussman InVision system detects when a circuit protection device has opened, alerts maintenance personnel which device has operated (phone, text, email), where it is located, part number of the replacement device, and the appropriate level of personal protective equipment to wear to replace or reset the device.
Malware refers to any software that secretly infiltrates and damages a computer system without the informed consent of the owner. Despite the use of anti-virus and anti-spyware software, malware can still affect even careful users. One of the stated goals of the Microsoft Windows Vista release is to greatly improve the overall security of the Windows operating system and curb the impact of malware.
IBM will acquire Atlanta-based Internet Security Systems Inc. (ISS) in an all-cash transaction for about $1.3 billion, or $28 a share. The move is subject to shareholder and regulatory approvals and customary closing conditions. The deal is expected to close in the fourth quarter. The acquisition is IBM's fourth in recent weeks, and at $1.
Westminster , CO — SkyeTek Inc. unveiled what it calls the industry’s most advanced security technology for protecting the integrity and privacy of broad radio frequency identification (RFID) implementations in HF and UHF. The best cryptography implemented today is found in government, financial, and Internet applications in the form of Advanced Encryption Standard (AES) and the Secure Hash Algorithm (SHA), specified as industry standards.
The US Department of Homeland Security, Control Systems Security Program (CSSP) announces a Web site resource for control systems security personnel. The site provides Control System Security Program activities, as well as information on cyber threats, vulnerabilities and mitigations. Recommended practices for securing control systems, which have been vetted through industry and government experts, are available through the US CERT Control Systems web site ( www.us-cert.gov/control_systems ). Site topics include a control systems vulnerabilities overview, a discussion of cyber threats to control systems, related training courses and relevant standards and references.
A May 25 arc-flash safety Webcast from a sister publication to Control Engineering offers explanations about technologies and training to avoid this industrial hazard.
An AWG #10 push-wire connector is the latest addition to the Wall-Nuts product line from Wago. Series 773-173 Wall-Nuts connector is designed as an alternative to traditional twist-wire connectors. No twisting and taping are required. The technician strips the wire and inserts the conductor. A transparent housing allows visual confirmation of the connection.
Two chemical-industry cybersecurity groups agreed to merge their efforts into one organization- The move to consolidate initiatives, expected to be complete by Jan. 1, 2006, follows two years of cooperation between the Chemical Sector Cybersecurity Program (CSCP) and the Chemical Industry Data Exchange (CIDX).
Arlington, VA —Two chemical industry cybersecurity groups agreed to merge their efforts into one organization. The move by the Chemical Sector Cybersecurity Program (CSCP) and the Chemical Industry Data Exchange (CIDX) to consolidate initiatives follows two years of cooperation between the two groups. CIDX’s Board of Directors voted late last month to consolidate the CIDX Cybersecurity Initiative into the CSCP. The new organization, which will continue as the CSCP, addresses issues related to the industry’s cybersecurity implementation, advocacy, and outreach. According to CSCP Director Christine Adams, bringing together the two initiatives will help the new organization respond more effectively to emerging sector needs as it focuses on generating widespread adoption of cybersecurity practices and tools.
In most instances, physical site security of a manufacturing or processing facility has been treated as a separate endeavor from control system security. As a result, facility security—especially for remote facilities—has been left largely to security firms using video surveillance.
San Jose, CA—Though network security appliance and software revenues increased worldwide by 5% from the last quarter of 2004 (4Q04) and 1Q05, they’re forecast to shoot up 27% to $1.3 billion in 1Q06, according to “Network Security Appliances and Software,” Infonetics Research’s quarterly worldwide market share and forecast service.
By saying, in February 2003, that the protection of control systems had become "a national priority," President Bush set off a flurry of security activities in the industrial sector. We remain, however, a long way from reaching the goal of secure industrial infrastructures. So that an appropriate layer of security can be added, most of the past few years' security efforts have been spent simply...
Pittsburgh, PA—More than a dozen companies, including Eaton Corp., met earlier this year with the National Electrical Manufacturers Association's (NEMA) Anti-Counterfeiting Committee to address the growing installation of unauthorized electrical aftermarket products that jeopardize personnel safety and the integrity and code compliance of electrical distribution systems worldwide.
Washington, D.C.; London, Ontario, Canada—Danaher Corp. has agreed to acquire all shares of Trojan Technologies Inc. for approximately $185 million in cash, including transaction costs and net of cash acquired.
Protecting people and equipment from "arc flash" will be the theme of Plant Engineering magazine's latest Webcast on Sept. 30, 2004. This online event will address: electrical documentation accuracy; protection devices available to increase worker and equipment safety; and knowledge required to make all these pieces fit together.
Many users of personal data assistants (PDAs) store sensitive data on devices that have no security protection, a new survey shows.
The U.S. General Accounting Office recently reported that, besides increasing general cyber threats, several factors are contributing to escalated risks of cyber attacks against control systems. These factors include adoption of standardized technologies with known vulnerabilities and increased connectivity of control systems to other systems, according to GAO's report, "
Testimony from the U.S. General Accounting Office(GAO)on the "Challenges and Efforts to Secure Control Systems". Securing control systems poses significant challenges including united specialized security technologies and lack of economic justification. Read the report from GAO here.
Verano Inc. reports that its Industrial Defender solution suite addresses the five phases of best practices for mission-critical security defined by NIST, NIPC, Department of Homeland Security, Argonne National Labs, Sandia National Labs, and Pacific Northwest Labs. These five phases are: monitor, detect, notify, protect, and recover.
Many companies are considering using the Internet for supervisory control and data acquisition (SCADA) to provide access to real-time data display, alarming, trending, and reporting from remote equipment. However, there are three significant problems to overcome when implementing an Internet-based SCADA system.
Las Vegas, Nev. - Intermec announced on May 6 at NetWorld+Interop 2002 a partnership with Funk Software (Cambridge, Mass.) that will provide 802.1x wireless security for Intermec 802.11 MobileLAN wireless systems.
A computer virus is a self-replicating program designed to wreak havoc with computers. Some of them are benign, but mostly they're no laughing matter. For example, the "Love Bug" virus, which appeared in early May, affected businesses and government agencies throughout the world. Many companies, large and small alike, had to shut down their computer systems to handle the attack, causing g...
Chicago, Ill.—Software security is based on how applications and operating systems are constructed, but security also involves plant procedures, building security, and employee education, among other things, according to key software vendors at National Manufacturing Week, March 3-5, here. Proper software security measures are "very scarcely implemented," according to Dirk Rouffaer, Schne...