View All Cybersecurity
2024 Engineering Leader Under 40: Nicole Riddle, 32
Nicole Riddle, 32, OT Cybersecurity Engineer, Applied Control Engineering Newark, DE
Engineering Leader Under 40, 2024: Tim Mullen, 31
Tim Mullen, 31, OT Cybersecurity Engineer, Applied Control Engineering, Newark, DE, United States
Operational technology cybersecurity: Easier said than done
How do engineers deal with construction challenges associated with implementing cybersecurity in operations technology? This article will discuss the lack of experience system integrators have with cybersecurity and the lack of experience cybersecurity implementation firms have with design/bid/build project delivery.
IT/OT cybersecurity, part 3: Starting the cybersecurity journey
Getting started on the cybersecurity journey involves asking some hard questions and being the aggressor and learning as much as possible about its strengths and especially its weaknesses.
Four steps to designing for future OT cybersecurity challenges
Manufacturers are continuing to be a major target for cybersecurity attacks and need to plan and design for the future. Four steps on how to do this are highlighted.
Computer chip safeguards smart phone user data while enabling efficiency
Researchers have developed a security solution for power-hungry AI models that offers protection against two common attacks.
IT/OT cybersecurity, part 2: Developing a proactive and successful approach
A successful cybersecurity approach for industrial companies is proactive and requires a thorough plan that assesses and implements many tools and procedures to keep workers on alert and ready for a potential attack.
Level sensing cybersecurity considerations for engineers
The importance of specifying level sensing solutions which can offer security against cyber attacks is significant.
Why is trust becoming such a big issue?
The latest thinking of automation vendors, relating to cybersecurity in the OT environment, indicates trust is an issue.
Using cybersecurity insights to manage site-level risk and compliance for OT facilities
Organizations can use timely and actionable operational technology (OT) cybersecurity insights to help identify and respond to the latest threats.
The impending impact of CMMC on the DoD supply chain
Cybersecurity maturity model certification (CMMC) and NIST SP 800-171 compliance are crucial for current and future DoD-related opportunities for companies. Understand three certification levels and seven reasons to start now.
Critical infrastructure systems are vulnerable to malware attacks
Engineers and computer scientists show how bad actors can exploit browser-based control systems in industrial facilities with easy-to-deploy, difficult-to-detect malware.
IT/OT cybersecurity, part 1: Security challenges, trends and methods that don’t work
Cybersecurity is a bigger challenge than ever for information technology/operational technology (IT/OT) networks and many companies aren’t using the right approaches to solve the problem.
Tamper-proof ID tag can authenticate almost anything
MIT engineers developed a tag that can reveal with near-perfect accuracy whether an item is real or fake.
Top 5 Control Engineering content: February 19-25, 2024
The top 5 pieces of content from the past week includes DCS, VFDs and digital transformation.
Artificial intelligence in cybersecurity
The use of artificial intelligence has skyrocketed across almost every industry vertical, and cybersecurity is no different.
How to lower industrial cybersecurity risk: Help from CISA, INL, ARC Advisory Group
Industrial cybersecurity advice from ARC Advisory Group, Cybersecurity and infrastructure Security Agency (CISA) and the Idaho National Lab Cybercore Integration Center aimed to help attendees of the 2024 ARC Industry Leadership Forum.
How to protect and safeguard critical OT infrastructure
Operational technology (OT) is at greater risk from cybersecurity attacks than ever and it requires a good, holistic plan that keeps workers educated and vigilant.
Six best practices for OT cybersecurity
Exploring the complexities of cybersecurity for operational technology can be a daunting task; this article delves into the challenges of IT/OT integration, exposes vulnerabilities, and advocates for a balanced, strategic approach to safeguarding critical infrastructure in the digital age.
Upgrade cybersecurity now with ODVA; SPE demo simplifies wiring
Networking organization ODVA, governing organization for EtherNet/IP, DeviceNet and other protocols, stepped up cybersecurity efforts and demonstrated single-pair Ethernet (SPE) capabilities.
Secure Remote Access: 5 New Ways to Close the Identity Gap in OT
In this highly interactive webcast and demonstration, Jeff McDaniel, principal security engineer with Airgap, will show how easy it is to close the gap between access and identity for OT. You will come away from this practical webcast with insights on:
Video: Examining plant floor network security and protection methods
In this virtual training we will discuss some simple ways to help improve control level network security using very economical tools.
Securing OT with IT cybersecurity best practices
With digital transformation comes the need for robust cyber security specific to the OT domain. Looking to the IT domain can offer solutions.
Five pillars to improve operational cybersecurity: Do you need essential help?
A operational technology cybersecurity consultant provides advice in a Pack Expo Las Vegas 2023 session and provides more information about how to improve OT cybersecurity. See video.
The importance of keeping OT legacy systems secure
Virtual patching solutions for an operational technology (OT) centered cybersecurity platform is critical for industrial applications.
The human role in cybersecurity cannot be underestimated
When it comes to cybersecurity, the role of the human cannot be overemphasized and it is vital all employees have a good understanding of their role.
Improving digital chip security for semiconductors
Voltage-controlled magnetic random-access memory (MRAM) technology can help enhance security and protect semiconductors and other devices against unauthorized cloning or copying.
Are you using the available $1 billion to patch critical infrastructure vulnerabilities?
Critical infrastructure organizations need to use the $1 billion in Department of Homeland Security funding to bolster cybersecurity for critical infrastructure vulnerabilities.
Cybersecurity’s role in improving industrial Ethernet
All devices in a manufacturing facility need cybersecurity as they transmit data through the internet and picking the right network architecture and technology is crucial.
How to protect smart machines from cybersecurity attacks
Smart machines can provide enormous amounts of data and productivity, but they can be more vulnerable to cybersecurity attacks. Learn to protect, minimize operational risks in 5 ways.
Why an OT-centered cybersecurity platform is critical for industrial manufacturing
A centralized security management platform plays an important role in avoiding human error by reducing deployment complexity is greatly reduced as a result, flexible authority delegation and more.
Control Engineering hot topics, March 2023
Control Engineering's most clicked articles in March 2023 included stories on Microsoft DCOM, edge computing and controllers, new automation technologies, advanced analytics sustainability and more. Miss something? You can catch up here.
Top 5 Control Engineering content: February 20-26, 2023
The top 5 articles from the past week include cybersecurity news, mergers and acquisitions, and neural networks.
How to optimize industrial motor communications, Part 4, cybersecurity
Three thought leaders offer advice on improving industrial motor communications and how cybersecurity helps engineers, in this transcript from an August 2022 webcast. Part 4 discusses how three industrial internet protocols handle cybersecurity and how cybersecurity matters for motor-drive communications. Link to other parts.
Top 5 Control Engineering content: January 30 to February 5, 2023
The top 5 articles from the past week covered Control Engineering hot topics, Microsoft DCOM, system integrator advice and more.
The importance of focusing on cybersecurity for SI projects
Industrial control system (ICS) cybersecurity is increasingly important. From the start, involve the right people from operational technology (OT) and information technology (IT) to collaborate on OT cybersecurity needs.
Removing IT/OT barriers to ensure plant floor safety, operational integrity
Securing industrial control systems (ICS) differs from protecting enterprise networking and information technology (IT) and operational technology (OT) teams must work toward alignment as cybersecurity threats rise.
Cybersecurity suite services expanded to improve risk identification, customer support
Eaton is expanding its suite of cybersecurity services and leveraging its partnership with Tenable to improve risk identification.
Industrial cybersecurity market to reach $43 billion by 2032
Future Market Insights' research indicates the industrial cybersecurity market will grow to $43 billion by 2032.
OT threat detection and research benefits for manufacturers
Operational technology (OT) systems are in more danger than ever of being hacked and manufacturers have to step up their awareness. See four ways the OT cyber attack surface is increasing.
Securing the edge in a manufacturing facility
Manufacturers looking to gather more information at the edge need to have a strong cybersecurity program in place, but not enough do, leaving them at risk. See four ways to increase cybersecurity shields.
Top 5 Control Engineering content: August 22-28, 2022
The most-viewed content from the past week covered 5G, SCADA, programming, cybersecurity advice and more.
Nine reasons why ICS/OT infrastructure is insecure
Industrial control system (ICS)/operational technology (OT) infrastructure security is different in many ways from informational technology (IT) security. Nine reasons why the infrastructure is insecure are highlighted.
How cross-domain solutions can protect OT from IT-level attacks
Cross-domain solutions (CDS) can help secure communications between information technology (IT) and operational technology (OT) domains.
Assessing ransomware risk in IT and OT environments
Industrial organizations and governments are struggling to get their hands around the complicated cybersecurity issue of ransomware risk
Four cybersecurity technologies, concepts can reduce industrial network risk
Explore the qualities and benefits of zero trust, principle of least privilege and other methods of improving cybersecurity. Four key technologies and security concepts are highlighted.
Four cybersecurity approaches and strategies for industrial networks
Companies implementing a cybersecurity program need to have a clear agenda and know the tools available. Four approaches and products are highlighted.
What a shields-up approach means for industrial companies
As cyberattacks against manufacturers increase, companies are being advised to raise their shields and pivot toward a zero-trust cybersecurity strategy. Five zero trust elements are highlighted.
What’s behind the IT/OT divide?
The IT/OT divide comes from cultural differences, but the gap can be bridged by creating cross-functional teams, open communication and more.
Improving your OT cybersecurity posture
Companies need to ask fundamental questions about where they stand with OT cybersecurity in the short- and long-term to improve their position.
What critical infrastructure can learn from Conti Ransomware leaks
Attacks on critical infrastructure increased by 3,900% from 2013 to 2020 because of Ransomware gangs like Conti ransomware
Three steps to building an ICS/OT roadmap
Companies realize they need to enhance their cybersecurity footprint, but often don't know how to start. Three steps to building a roadmap are highlighted.
The impact of proposed SEC cybersecurity rules on public companies
In March of 2022, the Securities and Exchange Commission (SEC) proposed amendments to its cybersecurity rules and regulations. The proposed changes would require reporting of cyber incidents and disclosure of cyber mitigation strategies, both leading to stronger relationships between chief information security officers (CISOs) and board-level decision makers.
Stronger security systems for smart devices
MIT researchers demonstrate two security methods that efficiently protect analog-to-digital converters from powerful attacks that aim to steal user data.
IDS developed for industrial control systems
Southwest Research Institute (SwRI) has developed an intrusion detection system (IDS) for industrial control systems (ICS) used in critical infrastructure and manufacturing systems.
Four benefits of OT endpoint security asset management
How endpoint OT security asset management improves a CISO's ability to deliver measurable and rapid improvements to OT cybersecurity.
Adapting XDR for OT cybersecurity
These five adaptations of traditional IT XDR allow IT security teams to achieve effective and efficient multi-telemetry detection and response in OT environments.
Six ways to strengthen OT security
When it comes to operational technology (OT), there are frequently missed elements of a strong security program that could leave companies exposed. Six methods to improve are highlighted.
Automated manufacturing cybersecurity risks
There is a strong need to take a fresh look at automated manufacturing with concern to cybersecurity. Three risks and three tips are highlighted.
Industrial robot utilization requires cybersecurity strategy
Digitalization and AI bring opportunities for robots, but also a degree of cybersecurity risk as more data is gathered and processed all the way from the edge to the cloud and beyond.
Cybersecurity and the human element
The human element is the biggest obstacle when it comes to cybersecurity because people often need to act against their nature to be successful.
More connected industrial workers: How are companies mitigating risk?
With more remote connections to industrial plants and facilities, risk of cybersecurity breaches has increased. What risk mitigation is in place?
Operational technology risk assessments and cybersecurity principles
Assessing and monitoring the security of operation technology (OT) systems can be aided by conducting an OT cybersecurity threat risk assessment (TRA). An eight-step procedure is outlined.
Operational technology risk assessments and security reviews
Protecting key resources and critical infrastructure (CI) is essential to security, public health and safety, economic vitality and our overall way of life.
Cybersecurity advice: Micro-segmentation in ICS environments
Examine micro-segmentation as part of a broader cybersecurity architecture, not a replacement for the current cybersecurity architecture. Industrial cybersecurity system micro-segmentation decreases the attack vector on industrial environments, according to a company with a Control Engineering Engineers’ Choice Award product.
Structure of IEC 62443
IEC 62443 is the international reference standard for industrial cybersecurity of components and systems developed in conformity with ISA/IEC requirements.
How a unified operational system helps cybersecurity
Cybersecurity can improve with a unified operational system that integrates multiple pieces of equipment, updates codes and standards, combined with multiple original equipment manufacturers (OEMs) and software packages, providing a unified dashboard for the operator, according to a company with a Control Engineering Engineers’ Choice Award product.
Five principles for guiding OT cybersecurity governance
Five principles to establish the right operational technology (OT) cybersecurity governance model for an industrial organization can create a more secure environment.
Lack of qualified cybersecurity personnel for wastewater facilities
Many water, wastewater, and other critical infrastructure organizations lack OT personnel skilled in cybersecurity and this could be dangerous when facing ransomware attacks such as BlackMatter
Reducing risk and responding to industrial environment threats
Many industrial organizations want “visibility” or “detection” but aren’t clear on the ultimate objective or how to measure it.
Cybersecurity-centered systems and fundamentals
For modern industrial control systems (ICSs), cybersecurity involves technologies and user best practices. Four cybersecurity fundamentals are highlighted.
Five steps for OT endpoint security success
Organizations need endpoint security and protection to stop ransomware in its tracks, but also to demonstrate improvement and secure baselines to various stakeholders.
Hottest topics in industrial cybersecurity for 2021
Analysis of past attacks in the throwback attack series, attacks on operational technology assets, industrial malware, industrial ransomware and physical plant damage beyond computers are among leading topics of industrial cybersecurity interest in 2021.
Cybersecurity and resilience in manufacturing
Having an OT/IT convergence strategy is essential to OT cybersecurity.
Good cybersecurity requires IT/OT convergence
Bridging the gaps between information technology (IT) and operational technology (OT) can improve performance on the floor and reduce risks to operations.
Securing your facility
Many cybersecurity steps are simple, but they must be done
Cybersecurity and IT/OT convergence: A pathway to digital transformation
The history of industrial information technology (IT) set the stage for the Industrial Internet of Things (IIoT) and digital transformation; keep it safe with cybersecurity best practices.
Cybersecurity and IT/OT convergence: How important is your data?
Manufacturers should take time to delve deeper into the needs and goals of the organization while considering associated risks.
Bridging the IT and OT gap for a power service company
A power service company and system integrator collaborated to merge information technology (IT) and operational technology (OT) to create a secure platform for the power service company’s operations in Chile.
Cybersecurity and IT/OT convergence: How to prepare your team
As the IT and OT worlds continue to overlap, take time to prepare your team for the impact of IT security on OT applications.
What OT teams can learn from IT teams
By applying information technology (IT) strategies and organization, operational technology (OT) can monitor and manage cybersecurity measures more efficiently.
Mitigating cloud security threats
Cloud security has some pretty major flaws such as configuration errors, malware, insider threats, data breaches and even account hijacking
How manufacturers can improve cybersecurity
The rise of Industry 4.0 means there are greater cybersecurity risks and manufacturers and engineering sectors need to take a hard look at what they can do to keep their new systems safe.
Protecting U.S. critical infrastructure from cyberattacks
Security approaches that uses several layers of defense mechanisms placed in a computer network to defend against malware attacks
Five levels of cybersecurity in an automated network
Best practices manufacturers can implement to better secure their network in many ways. Five levels of cybersecurity are highlighted.
Top 5 Control Engineering articles October 25-31, 2021
Articles about cybersecurity tactics, Engineers' Choice finalists, digital transformation, embedded systems and system integrators and cybersecurity were Control Engineering’s five most clicked articles from October 25-31, 2021. Miss something? You can catch up here.
Cybersecurity demands coordinated tactics
Securing operational technology (OT) networks for resiliency against cyberattacks requires coordination between information technology (IT) and OT personnel, and recognition of the differences between the two domains
Seven questions to ask when choosing an OT cybersecurity solution
Matching individual needs with specific operational technology (OT) cybersecurity solutions can be a difficult task. Seven questions are highlighted to make the process easier.
Reducing risk and responding to threats in industrial environments
Know the overall objectives of operational technology (OT) cybersecurity and to ensure progress against risk reduction and threat response. Three steps for reducing risk and threat response are highlighted.
Three ways to ask a CISO for an OT cybersecurity budget
Operational technology (OT) is having a greater role in cybersecurity for manufacturing companies and taking the right approach with the chief information security officer (CISO) is critical.
IT/OT convergence advice, best practices for manufacturers
Cybersecurity experts offer advice and best practices on information technology/operational technology (IT/OT) convergence and how manufacturers can prepare themselves for challenges.
How to solve legacy OT security challenges
Legacy OT security challenges are overcome by using best practices for visibility architecture and increasing compatibility
OT network security benefits for manufacturers
There are many aspects to an OT network that don’t just fall under the hardware/software umbrella. Physical security and policies and procedures are just as important.
Three ways IT/OT convergence is critical to industrial cybersecurity success
It has been said many times that IT and OT need to work together, but why is it so important? Here are three day-to-day functions where IT/OT convergence will help with risk reduction and improve your chances of success.
Four key steps to help your organization achieve IT-OT convergence
IT and OT teams often seem like they're in different worlds. To bring true IT security into the OT environment, here are four key steps to help organizations create IT-OT convergence.
Four key steps to help your organization achieve IT-OT convergence
IT and OT teams often seem like they're in different worlds. To bring true IT security into the OT environment, here are four key steps to help organizations create IT-OT convergence.
Four key steps to help your organization achieve IT-OT convergence
IT and OT teams often seem like they're in different worlds. To bring true IT security into the OT environment, here are four key steps to help organizations create IT-OT convergence.
Fearlessly implement cybersecurity at the edge
Edge computing is a growing trend in manufacturing and business. So what exactly is edge computing, and what does it mean for information security?
Takeaways from 2020 ICS vulnerabilities report
Industrial control system (ICS) attacks are increasing and many of them can be performed with little skill required, which should be an alarm bell for many companies. Four preventive options are highlighted
Improve legacy critical infrastructure protection
Distributed network protocol 3.0 (DNP3) is a widely-used serial communications protocol for industrial control systems (ICSs) and is becoming a frequent target for hackers.
Importance of operational resilience in a threat landscape
Having realistic expectations of addressing a threat and knowing how to respond in an emergency in an efficient way are essential.
What to know if conducting business with the U.S. DoD
The cybersecurity maturity model certification and NIST SP 800-171 Department of Defense (DoD) Assessment explained.
The IT/OT convergence conundrum
Although a lot is being said about the pros and cons of information technology/operational technology (IT/OT) convergence, there is often little appreciation of what companies at different stages in their evolution may need to do.
Managing the costs of OT cyber insurance
Cybersecurity insurance is a major aspect of risk management for many companies as attacks against operational technology increase. Four safeguards against ransomware are highlighted.
Cybersecurity maturity model certification (CMMC) for the U.S. DoD supply chain
Cybersecurity vulnerabilities and intrusions pose major risks to the Department of Defense (DoD) and its supply chain which is why the DoD is requiring compliance to CMMC
How the American Jobs Plan could improve critical infrastructure cybersecurity
Provisions within the American Jobs Plan could improve critical infrastructure cybersecurity, but it's the first in many steps needed to make the nation safer from cyber attacks.
What OT teams can learn from IT strategies and structure
By applying information technology (IT) strategies and organization, operational technology (OT) teams would be able to monitor and manage cybersecurity measures more efficiently.
Ignoring cyber risk is dangerous to society and your bottom line
There continues to be a fundamental friction between the estimation of cyber risk and the short-term thinking of today’s quarterly budgetary decisions, which can lead to very bad results during the road.
Training the next generation of cybercops
University of Houston's program recruits ROTC students as future cybersecurity gatekeepers.
Three ways to ensure and optimize cybersecurity maturity
Cybersecurity maturity and optimization are crucial as attacks against operational technology (OT) continue increasing.
Upgrading industrial PC cybersecurity in manufacturing
Cybersecurity attacks against manufacturers and other industrial sites are growing and companies need to develop a cybersecurity plan that protects industrial PCs and other vulnerable targets that, until recently, were not connected to the internet.
How to protect OT/ICS systems from ransomware attacks
Reduce the risk of ransomware attacks on OT/ICS systems by following these prevention tips
Changing a network security approach
Most organizations rely heavily on security architects to vet products and assemble optimal solutions that align with security, technology, and business requirements, but a different approach is needed in manufacturing facilities.
Companies need to reassess their cyber-physical security risk
Chief financial officers (CFOs) and audit committees need to have a radical reimagining of what cyber-physical security risk means for their organizations.
Bridging the cybersecurity leadership gap
Cybersecurity challenges requires a different approach to problem-solving because it is a different kind of problem and requires strong leadership at the top.
Cybersecurity education and research institute established
The Northwest Virtual Institute for Cybersecurity Education and Research (CySER) program establishes a cyberoperations research and teaching center at WSU along with University of Detroit Mercy and Mississippi State University.
Manufacturers adjusting to a changing risk landscape
IEC 62443 can hold the answer to enhancing cyber resilience for manufacturers and smart factories as it aims to mitigate risk for industrial communication networks by providing a structured approach to cybersecurity.
Making computers more secure
Columbia Engineering researchers design new techniques to bolster memory safety.
Cybersecurity management tips for an organization
Having a robust strategy, building organizational engagement, and more importantly and realizing operational excellence are keys to cybersecurity management success.
How ransomware hackers are trying to bribe employees
A look at how hackers tried to bribe an employee at a major company and the lessons companies can take from this incident.
Looking into the cybersecurity future through the past
The past informs the present when it comes to cybersecurity and what we once thought of as fanciful is becoming a reality. What people are willing to do will inform our future.
Differences between local and international cybersecurity standards
Understanding what is required at the local, national and international level when it comes to cybersecurity standards can reduce confusion.
Benefits of a multifunction platform for IT/OT security in the age of CMMC
As the Cybersecurity Maturity Model Certification (CMMC) rolls out, it’s important for manufacturing companies to think more broadly than just CMMC.
Unlikely cybersecurity targets are a myth
There is no such thing as an unlikely cybersecurity target and those who believe so are the most vulnerable to a potential attack.
Disconnected cybersecurity systems are a myth
In today's modern manufacturing environment, there is no such thing as a "disconnected" system from cybersecurity, and believing systems that are among the most vulnerable.
Six steps to an effective cybersecurity plan
Physical security, cybersecurity education, IT/OT separation and outsourcing when necessary are crucial to effective cybersecurity.
Six steps for cyberattack incident response planning
Developing a strong cyberattack incident response plan requires a thorough examination of everything from building a response team to actually testing out the plan and ensuring it works.
Benefits of OT system management for cybersecurity plans
Operational technology (OT) systems and networks needs to adopt the core elements of information technology system management (ITSM).
Is your IoT network putting you at risk of cyberattack?
Smart devices are growing in popularity, both at home and in the workplace, but is your IoT network putting you at risk of cyberattack? Here are some steps you can take to minimize risk.
Graphene used to make encrypted keys harder to hack
Penn State researchers are using graphene to make encrypted keys harder to crack, which could be used to improve data security and overall cybersecurity initiatives.
Six steps for preventing a cybersecurity attack
It's a matter of when, not if, when it comes to being the target for a cybersecurity attack. Companies can prepare themselves by enhancing IT security and education and knowing their network.
Overcome patch, management vulnerabilities in an OT environment
Vulnerability monitoring and assessment are particularly challenging to execute well in operational technology (OT) environments because of the large number of disparate assets.
Throwback Attack: Lessons from the Aurora vulnerability
A government-sponsored test on whether a cyberattack could inflict real-world physical damage has had major repercussions to this day. See eight steps on how to mitigate a potential cyberattack against your industrial control systems (ICSs).
SolarWinds’ impact on OT for manufacturers
The SolarWinds cybersecurity attack has had far-reaching effects in many different ways and it will change how operational technology (OT) handles cybersecurity threats.
Keeping OT environments cybersecure
What can engineers do to protect their processes and plants from cyberattack? Consider these best practices from cybersecurity and manufacturing experts.
Low-level risk assessment for cybersecurity
Low-level risk assessments are often performed after a high-level risk assessment or, sometimes, conducted on specific plants in order to deeply assess the precise risk estimate of a cyber attack.
How to protect marine renewable energy devices from cyberattacks
Pacific Northwest National Laboratory (PNNL) created a cybersecurity guidance report for marine renewable energy (MRE) devices to help improve MRE’s resiliency as a reliable source of renewable energy.
High-level risk assessment for cybersecurity
A high-level risk assessment is the starting point of an industrial cybersecurity risk assessment in compliance with the cybersecurity lifecycle defined by the international standard IEC 62443 for OT Security.
Addressing cybersecurity challenges through collaboration
Cybersecurity remains a growing challenge for many, and one way to bring greater awareness to the challenge is through collaboration among public, private and academic institutions. See three lessons to improve cybersecurity.
Creating a threat-informed defense for a facility
A threat scenario is shown to explain how an asset owner can benefit from leveraging diverse data collection using the MITRE ATT&CK for ICS Matrix.
Securing OT systems from cybersecurity attacks
As the worlds of information technology (IT) and operational technology (OT) continue to merge the demand for security measures to protect OT networks is growing.
Secure remote connections
Industrial control systems require secure remote connections. Did the pandemic help IT to understand OT needs and help OT to see IT concerns about cybersecurity and remote access?
Why cyber hygiene is needed when developing a risk-based cybersecurity approach
A risk-based approach to cybersecurity without basic cyber hygiene leads to many long-term problems for companies that are trying to get their networks safe and secure.
Evaluating 2021 cyber threat landscape trends
The new normal due to COVID-19 has made the cyber threat landscape very different and challenging in new ways for operators and consumers. Learn about new trends people should be aware for in 2021.
How to protect embedded systems in OT cybersecurity
Understanding cybersecurity issues in embedded devices is a complicated, ongoing process, but it's well worth doing ... and doing right. Here are a few steps to get you started on the journey.
Mitigating OT cybersecurity risks, enforcing best practices
Cybersecurity is becoming a major problem for operational technology (OT) users and can affect people in surprising and unexpected ways. See example and four questions to ask when developing an OT cybersecurity plan.
Five steps to improve OT, ICS cybersecurity awareness in manufacturing
To manage risk in manufacturing plants, it's essential your team understands the potential threats and is appropriately prepared to take necessary actions.
Interoperability best practices, integration, automation, controls
Standardization frameworks encourage more automation interoperability. Interoperability is trying to move from one or a few automation ecosystems into a wider world. See four levels of cybersecurity.
Six reasons why centralized cybersecurity doesn’t deliver value to OT
Cybersecurity is critical for operational technology (OT) systems, but it often doesn't deliver value to the user. See six reasons why and how users can find value and improve overall security.
Five questions every CISO should ask about OT cybersecurity
Chief information security officers (CISOs) need to know who is involved in operational technology (OT) cybersecurity and should know why they're getting involved in the first place when beginning this journey.
Introducing Industrial Cybersecurity Pulse
Industrial Cybersecurity Pulse is a new website dedicated to educating and informing engineers about the latest challenges and developments relating to cybersecurity, information/operational technology (IT/OT), the cloud and more. Check it out!
Four ways to converge physical and cybersecurity in industrial operations
Physical and cybersecurity are becoming more intertwined, which can create potential headaches between information technology (IT) and operational technology (OT). See four ways organizations can make the convergence easier.
Students learn to secure cyber networks, data
USC’s Intelligence and Cyber Operation Program (INCO) is designed to train students to proactively identify cybersecurity issues with an interdisciplinary approach.
Water treatment facility targeted by hackers
An unknown hacker tried to hack into the Oldsmar, Fla., water treatment system in the latest high-profile cyberattack against critical infrastructure facilities.
Companies expand partnership to secure industrial, critical infrastructure networks
Bayshore Networks and GE Digital announced an expansion to their partnership to integrate their solutions to address the growing need to secure industrial and critical infrastructure networks.
Secure, remote industrial access
How can remote access be granted to industrial facilities without increasing cybersecurity risks? Hardware, software and services are helping resolve the secure remote access challenges for manufacturers.
What OSHA can teach us about cybersecurity
Many of the lessons and changes applied to manufacturing after the Occupational Safety and Health Act of 1970 can be applied to the growing challenge manufacturers face with industrial cybersecurity. Three keys to improving cybersecurity are highlighted.
Cybersecurity strategies need to be measured
A model developed by MIT researchers explains how countries that retaliate too much against online attacks can make things worse for themselves, which can help others develop a more effective and measured strategy for the future.
More answers on what you need to know about cybersecurity
Below are more answers resulting from a cybersecurity webcast on cybersecurity architectures, training, best practices, risk assessment and trends based on research.
Cybersecurity and the rise of IT-enabled OT systems
Information technology strategies can help combat new cybersecurity vulnerabilities and deploy a solid cybersecurity program for operational technology use for industrial control systems, remote terminal units, supervisory control and data acquisition systems, as Industrial Internet of Things deployments increase.
Secure-by-design industrial products are increasingly important
Cybersecurity often is the catalyst for control system modernization, and industrial and critical infrastructure sector projects increasingly specify automation products and systems that are designed as cybersecure.
Resiliency, security needed for digital automation future
Manufacturing's resilience has been strong during the COVID-19 pandemic, and cybersecurity needs to be stronger than ever as the nature of work changes.
What you need to know about cybersecurity
A webcast on cybersecurity offers information about cybersecurity architectures, training, best practices, risk assessment and trends based on research.
Think again about measurements, logic, actions
A world with a pandemic can benefit from control engineering to measure, apply logic, and take actions in a transparent way, then repeat and optimize. Cybersecurity, remote connections, digital twins, artificial intelligence, training, and challenging old information all can help.
Top 5 Control Engineering Articles Oct. 19-25, 2020
Articles about heated face masks designed to inactivate coronaviruses, evaluating IoT wireless protocols, cybersecurity, human and artificial intelligence, and more were Control Engineering’s five most clicked articles from Oct. 19-25, 2020. Miss something? You can catch up here.
IIoT’s growing impact on ICS cybersecurity
The Industrial Internet of Things (IIoT) will have the strongest impact on operational technology/industrial control system (OT/ICS) cybersecurity.
Bureaucracy is an obstacle for cybersecurity projects
The inability to stop production and a bureaucratic approval process are the main barriers that inhibit industrial cybersecurity projects according to a report by Kaspersky.
Building automation, oil and gas facilities are top cybersecurity targets
There has been an increase in the percentage of systems attacked in the oil and gas industry as well as the building automation sector during the COVID-19 pandemic.
Technology hikes supply chain security, reduces risk
Regardless of how companies buffer supply chain gaps, they need to be cybersecure.
Physical security: picking up the pieces
Businesses need to be ready to pick up where they left off when it comes to enhancing physical security measures in the wake of COVID-19.
Self-erasing chips stop counterfeit electronics
Self-erasing chips developed relies on a material that temporarily stores energy, changing the color of the light it emits and it self-erases in a matter of days or erased on demand.
System integrators need to comply with international cybersecurity requirements
System integrators need to ensure that their automation systems are IEC 62443-compliant to adhere to international cybersecurity requirements.
Securing the IoT by design
There are several preventive measures that can be taken to secure industrial processes against cyber attacks.
Four tips on cybersecurity risk assessments
It’s hard to know how much cybersecurity spending is enough to lower risk to an acceptable level. What is enough and what else is needed? A cybersecurity risk assessment (CRA) can help. Four tips are highlighted.
Manage data flow to boost cyber-physical system performance
A suite of algorithms has been developed to improve the performance of cyber-physical systems by balancing each component’s need for data with how fast that data can be sent and received.
Remote teams struggling to mitigate cybersecurity risks
More workers are forced to work remotely due to COVID-19, but cybersecurity prevention and training is lagging behind.
Assessing cybersecurity today to improve tomorrow’s manufacturing operations
Simple strategies to achieve the most value from cyber risk assessments. Three strategies for operations technology (OT) teams to avoid while performing assessments are highlighted.
Cybersecurity tips from subscribers
Cybersecurity advice about process, technologies, people (internal) and external threat resulted from the Control Engineering 2020 Cybersecurity Research Report. See graphic of technologies and services used online.
How COVID-19 is affecting manufacturing cybersecurity
Forward-looking organizations realize they need the same level of aggressiveness to protect assets as they have done for COVID-19 risk reduction. A three-pronged strategy on securing essential infrastructure is highlighted.
Many industrial control systems can be exploited remotely
More than 70% of industrial control system (ICS) vulnerabilities disclosed in the first half of 2020 can be exploited remotely according to a report by Claroty.
Hackers exploiting COVID-19 anxiety in targeted phishing scams
Phishing assaults are becoming increasingly targeted, and the COVID-19 pandemic is one of many ways hackers are exploiting people and small companies.
Virtual private network holes elevate remote access risk
Virtual private network (VPN) implementations that give remote access to operations technology (OT) networks have received more focus due to COVID-19 since more people are working remotely.
Securing manufacturing in a crisis situation
With remote work becoming the new norm, it's important to stay on top of cybersecurity measures. Check out some tips on how to protect yourself from a cyber attack.
Looking to secure remote operations
The Forge Cybersecurity Suite offers passive asset discovery, active asset discovery, risk monitoring capabilities, and more to ensure that remote operations remain secure.
Secure remote access to survive and thrive
Secure remote access (SRA) is being used to help companies survive and thrive during the COVID-19 pandemic, but there are some new challenges that need to be considered. See 10 remote access best practices.
Phishing heads COVID-19 themed attacks
COVID-19 cyber attacks are on the rise according to researchers, and they are getting very sneaky in their methods.
Cybersecurity requires asset updates
Age of existing assets are the greatest cybersecurity risk factor, 67% in 2020 Control Engineering research, up from 46% in 2016. This is of particular concern with remote operations increasing due to the COVID-19 pandemic and manufacturing starting up again.
Integrated control system can reduce cybersecurity risk
Integrated control and safety systems can simplify a strong cybersecurity posture for a manufacturer.
New ways to attack Industry 4.0
Researchers warn smart manufacturing users and security professionals to be aware of advanced hackers.
DDoS attacks on rise due to COVID-19
The amount of distributed denial of service attacks (DDoS) rose at the beginning of this year primarily on education and municipal sites.
Validate security effectiveness and reduce exposure to potential risk
Without evidence of security performance, companies may be left with significant cybersecurity risk, according to a Mandiant research report.
Protecting worker safety, security after COVID-19 pandemic
Expectations for workers are changing due to the pandemic. Even after they return to work, it's going to be different, and companies need to adjust to this and ensure their workers are cyber-secure.
Public input requested on use of GPS for cybersecurity risk management
The National Institute of Standards and Technology (NIST) plans guidance to strengthen cybersecurity of related tech, in response to White House order.
Tech giants unite in COVID-19 smartphone effort
Google and Apple unveiled a joint effort to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of COVID-19 while protecting user privacy.
IT-OT collaboration needs context and increased visibility
Information technology (IT) and operational technology (OT) are continuing the process of working together, but non-manufacturing types need more understanding and context of what is happening on the plant floor for this merger to work.
Industrial network security best practice advice
Four myths about networking and cybersecurity related to operations technology (OT) systems are highlighted as well as three pillars for securing industrial networks.
Associations unite for COVID-19 recovery
ASIS International and the Security Industry Association have partnered to help in the coronavirus recovery and rebuilding efforts. The primary focus areas will begin with business operations and advocacy, and content development and coordination.
COVID-19 cyber attacks and scams are a global issue
Cyber criminals are taking advantage of COVID-19 forcing the majority of employees forced to work remotely. Europol published an updated threat assessment after monitoring the impact of coronavirus and cybercrime.
Coronavirus phishing attacks rising
With many employees working remotely, there is a rise in COVID-19 themed email phishing scams. Follow these suggested tips to keep companies safe.
Comprehending OT supply chain risk
It's crucial to recognize the possible threat from a supply chain risk and understand best practices to avoid them.
Hackers using COVID-19 to find OT, IoT gaps
Employees working from home need to be vigilant about phishing campaigns using COVID-19 related content to find gaps and organize cyberattacks.
Five tips to stay cyber secure when working remotely
Because of the coronavirus pandemic, more people are working remotely to avoid getting sick. Consider these five tips to make sure your cyber hygiene is as strong as your physical hygiene.
COVID-19 and remote access challenges for manufacturers
Companies are starting to offer protected remote access at no cost in response to the large number of employees working remotely due to coronavirus.
Remote security working in world of coronavirus
With a large influx of people working remotely due to COVID-19, cybersecurity is becoming a topic of concern for employers and their employees.
Good cybersecurity hygiene needed by businesses
Good cybersecurity hygiene is needed as more employees move toward working out of their homes in the wake of the coronavirus pandemic.
Coronavirus used in malware attacks
The coronavirus disease (COVID-19) is being used as bait in email spam attacks on targets around the globe by using the promise of information or a cure to fool people.
Understanding ransomware attacks and the people behind it
Ransomware and cyber attacks are increasing against manufacturers. Some are trying to understand more about the people behind them and their motives, which are not always clear.
Manufacturers realize cybersecurity risks, taking steps
Manufacturers are realizing the potential dangers from cyber attacks, but that is the first step in the process. Learn how companies are trying to combat this growing problem and what more they can do.
Boosting security of process control chemical systems
Wayne State University researchers have developed a process designed to enhance cybersecurity of chemical process control systems.
Strategies for securing the supply chain
The National Institute of Standards and Technology (NIST) is working on a publication designed to reduce cybersecurity risks to the supply chain.
Mixed-signal hardware security thwarts electromagnetic attacks
Purdue researchers created hardware technology that uses mixed-signal circuits to embed critical information to stop potential computer attacks.
Cybersecurity tool uses machine learning, honeypots to stop attacks
Purdue University researchers have developed a cybersecurity tool designed to stop cyber attacks using supervised machine learning, unsupervised machine learning and rule-based learning
Six answers on industrial cybersecurity effectiveness
Industrial automation cybersecurity has a lot of confusion and questions. Learn about changing trends and effective best practices for operations technology (OT) providers.
Method developed for more secure communication
Researchers at Bar-Ilan University showed long sequences with certified randomness are far from being truly random, which may lead to a new type of classified secure communication between two parties where even the existence of the communication itself is concealed.
Utilities benefit from a risk-based approach to cybersecurity
Utilities need to embrace a risk-based approach to cybersecurity to match the existing basic-level of compliance. See four issues utilities are currently facing.
University receives cybersecurity training grant
LSU Engineering received a $3.4 million National Science Foundation Scholarships for Service (SFS) grant, which will fund 21 scholarships in cybersecurity training over a five-year period.
Extend IT security to the plant floor
Cybersecurity is critical as information technology (IT) and operations technology (OT) converge, which is the first step in making the transition between the two sides almost seamless.
IT/OT collaboration must drive digitalization
Converging information technology (IT) and operations technology (OT) does little to move end-to-end digitalization forward. What makes digitalization really work is successful OT and IT collaboration and an understanding of what the other side needs. See 7 tips for smarter OT and IT collaboration.
The human asset in cybersecurity
Cybersecurity education: Human hacking, the compromise of human assets, is often the first step in a cybersecurity breach, even if or when technical systems are secure. Help coworkers and those in your supply chain to avoid being the entry point for attack. Learn attack methods, five attack types and five prevention techniques.
Companies benefit from sharing cybersecurity efforts
A study from North Carolina State University finds that companies that disclosed cybersecurity risk management efforts before and after a competitor’s breach fared the best.
Physical and cybersecurity are converging
The distinction between digital and physical cybersecurity is vanishing, and the risks associated with connectivity have accelerated the need for new security protections in all aspects of manufacturing.
Strengthening nuclear security with computational tools
Researchers at the University of Wisconsin-Madison are using machine learning methods that could allow scientists to strengthen nuclear security by giving scientists on the ground vital information quickly.
Manufacturers need to prepare for cyber threats
While industry sectors are starting to automate their processes to help increase productivity and efficiency and this requires greater connectivity, which also can expose systems to attack.
How to manage IoT cybersecurity
The National Institute of Standards and Technology (NIST) has published a report to help organizations better understand and manage the cybersecurity and privacy risks associated with IoT devices throughout the devices’ lifecycles.
Industrial controller cybersecurity best practices
Protecting industrial automation systems is easier when controllers offer built-in cybersecurity features.
Four access control plan benefits for manufacturers
A solid access control plan can reduce the complexity in securing these critical spaces and protect a manufacturing facility and reduce potential theft as well as overall costs.
Program developed to train cybersecurity professionals
The University of Arkansas received a five-year, $4.63 million award from the National Science Foundation to recruit, educate and train the next generation of cybersecurity professionals.
University receives award to prepare students for cybersecurity jobs
West Virginia University has received a $1 million award from the National Science Foundation (NSF) to prepare students for cybersecurity jobs with a project called "ACCESS," which cultivates cybersecurity experts through scholarships and education.
Industrial cybersecurity strategies need a new approach
While Industrie 4.0 and the Industrial Internet of Things (IIoT) is enhancing the digital and connectivity capabilities of industrial control systems (ICSs) it has also opened the floodgates to serious cybersecurity risks.
Modern technologies solve industrial cybersecurity needs
Emerging condition monitoring software and devices have ingrained cybersecurity that helps bring legacy systems and processes into the modern era.
Anomaly detection can prevent cyber attacks
Understanding what devices a manufacturer has working on a network is important, but the next step is to take that knowledge and move toward prevention.
Cybersecurity alliance’s founding members announced
The International Society of Automation (ISA) named the founding members of its Global Cybersecurity Alliance (GCA): Schneider Electric, Rockwell Automation, Honeywell, Johnson Controls, Claroty, and Nozomi Networks.
Researchers trying to make smart meters hackproof
Researchers at the University of British Columbia are developing an automated program in development aimed at improving the security of these devices and boosting security in the smart grid.
Benefits of operationalizing cybersecurity
Operationalizing cybersecurity requires balancing protection and response with cyber attacks, which are not predictable, and trying to stay ahead of the people who are actively looking to cause problems.
Global cybersecurity alliance to accelerate education, readiness
The ISA Global Cybersecurity Alliance will assemble a global group of stakeholders from end-user companies, control system vendors, information technology (IT) and operations technology (OT) infrastructure providers, system integrators, and other industry affiliates.
Understand the cyber-attack lifecycle
A cyber kill chain provides a model for understanding the lifecycle of a cyber attack and helps those involved with critical infrastructure improve cybersecurity policies, technologies, training, and industrial control system (ICS) design. Learn 8 steps of one model.
Teaching the next generation of cryptographic hardware experts
Aydin Aysu, a researcher at North Carolina State University, is offering a course to prepare students to make use of next-generation cybersecurity tools such as cryptography hardware.
Report finds cybersecurity basics still not being practiced by companies
A report from Applied Risk found that cybersecurity basics are still not being practiced by many companies, which is increasing their risk for potential attacks as untested technologies continue proliferating critical infrastructures.
Automated cryptocode generator developed to secure web browsers
An MIT-developed cryptographic system, Fiat Cryptography, is helping better protect a user's data and better secure websites by automatically generating optimized cryptography code that’s usually written by hand.
Researchers developing tools to encourage users to change passwords
Researchers from the University of Bath and Goldsmiths investigate whether a device that plugs in to a PC and signals to a user to change their password could help improve cybersecurity.
Providing security data in context for operators
Operators need to know the quality of that data within the proper context as the volume of data continues to increase to better prepare them for potential cyber attacks and other malicious events.
Financially motivated cyber attacks against manufacturers rising
The 2019 Verizon Data Breach Investigations Report (DBIR) found the motive for cyber attacks against manufacturers are largely financial in nature, though espionage also remains a strong motivator for some.
Effective cybersecurity needs compliance and dedication
Cybersecurity regulations are deliberately written to be forward looking and encourage best behaviors and companies should be vigilant in their compliance to prevent potential cyber attacks.
Top 5 Control Engineering articles May 20-26
Articles about sustainable cybersecurity architecture, robot ethics, data historian history, location intelligence and the IIoT, and online education benefits were Control Engineering’s five most clicked articles from May 20-26. Miss something? You can catch up here.
Method developed to detect cyber attacks with compressed network traffic
Researchers at the U.S. Army Research Laboratory (ARL) and Towson University are developing a method on compressing network traffic as much as possible without losing the ability to detect and investigate malicious activity.
Securing electric substations
Researchers at Georgia Tech have discovered that side channel signals and bolts of lightning from distant storms could one day help prevent hackers from sabotaging electric power substations and other critical infrastructure.
Industrial control system (ICS) cybersecurity advice, best practices
Catastrophic disaster can be the result of insecure industrial cybersecurity practices. See six common entry points for attacks, eight cybersecurity precautions for attacks by type, and four steps to improve.
Build secure networks as strategic backbones for digitalization
Operations technology (OT) and information technology (IT) organizations need to collaborate and build networks that effectively use digitalization to create an efficient and secure environment for companies.
Improving cybersecurity in robotic automation
Cybersecurity in the robotics field is still immature, but manufacturers are starting to realize the vulnerability that connected robots and automation equipment creates in their operations.
Utility sector strengthens security posture with rise of IIoT
Cybersecurity: Improving evaluation and certification methods, security audits, and testing provide a foundation for evaluating Industrial Internet of Things (IIoT) devices.
Sustainable cybersecurity architecture for safety instrumented systems
Choosing a safety instrumented system (SIS) architecture for defensible operation across the product lifecycle is one of the first decisions an organization must make; know these applicable standards.
Safety and security need to be the backbone for manufacturing
Safety and security have become more interconnected as systems once immune to cyber attacks are now becoming vulnerable in an increasingly interactive world.
Proactively manage industrial cybersecurity by automating risk monitoring
Cover story: A refinery installed a modern distributed control system (DCS) that automates and manages industrial cybersecurity tasks to reduce manual workflows, potential human error and overall company costs.
Group develops system to legally test GPS spoofing vulnerabilities in automated vehicles
Southwest Research Institute (SwRI) has developed a cybersecurity system to test for vulnerabilities in automated vehicles and other technologies that use GPS receivers for positioning, navigation and timing.
Research team looking to secure blockchain from cyber attacks
A research team from Northern Arizona University is looking to secure blockchain with an architecture that is compatible with cloud-based solutions.
Manufacturing and process facility trends: Cybersecurity
Technology update: Cybersecurity remains a key concern for manufacturing and process facilities as explained in the media session at ARC Forum 2019.
The human aspect of cyber-physical systems
Researchers from the National Institute of Standards and Technology (NIST) are exploring and developing the human aspect of cyber-physical systems (CPSs), which are going to have a larger role in society.
Top 5 Control Engineering articles February 11-17
Articles about plant cybersecurity management, the 2019 Engineers' Choice awards, control systems, future plant design, and the System Integration Giants were Control Engineering’s five most clicked articles from February 11-17. Miss something? You can catch up here.
Cybersecurity needs understanding and communication to work effectively
Communication and understanding between the information technology (IT) and operations technology (OT) department needs to improve as cyber attacks become more prevalent.
Proactive management of plant cybersecurity
A combination of information technology (IT) and operations technology (OT) cybersecurity expertise is required to manage the influx of Industrial Internet of Things (IIoT) devices and increased IT/OT integration.
Understanding the impact of mobile cyberattacks
Manufacturers' technology often wasn’t built to suppress today’s digital threats and with the advent of mobile technology in the workplace, it is easy for hackers to exploit this soft weaknesses.
Best practices to help improve system security
With increased connectivity between different devices, it’s critical to implement additional cybersecurity measures.
Untrained staff is the biggest cyber risk, according to report
A report by ESI ThoughtLab, in conjunction with Willis Towers Watson, found untrained staff is the greatest cybersecurity risk to business and a vast majority of companies know this.
Combining IT, OT with a security operations center
Companies can help prevent cyberattacks by forming a security operations center (SOC) to get the information technology (IT) and operations technology (OT) on the same page with the same goals.
Next-gen IoT security project being developed
Researchers have received a $750,000 grant to develop and commercialize a next-generation cryptosystem capable of protecting IoT devices from cybersecurity attacks through advanced authentication procedures.
Axio 360 by Axio Global
Axio’s NIST-CSF risk management platform is designed to establish a baseline for cyber readiness, and provides companies a risk reduction roadmap for ongoing improvement.
Digital transformation is crucial for automation, mobility, industrial workforce education
Digital transformation is vital for companies, but a clear business path and plan is needed to make it viable.
Playing catch-up with cybersecurity
Cybersecurity risks need help from contracts and insurance beyond technologies, policies, and people. Pretending cybersecurity risks aren’t there isn’t on any list of best practices.
Digital transformation needs a solid cybersecurity plan
Companies looking towards a digital transformation need cybersecurity and they need everyone–not just IT–to take responsibility to make it work.
Securing software
Chicago, Ill.—Software security is based on how applications and operating systems are constructed, but security also involves plant procedures, building security, and employee education, among other things, according to key software vendors at National Manufacturing Week, March 3-5, here. Proper software security measures are "very scarcely implemented," according to Dirk Rouffaer, Schne...
Study finds USB drives are a security threat to process control systems
Honeywell research finds exposure through portable USB drives can cause serious disruption to process facilities through unsecure or malicious files.
Standard specifying capabilities for components released
ISA/IEC 62443-4-2-2018, published by the International Society of Automation (ISA), sets forth security capabilities that enable a component to mitigate threats for a given security level without the assistance of compensating countermeasures.
Pharmaceutical manufacturers need to consider cybersecurity for PLCs
Pharmaceutical manufacturers need to enact cybersecurity measures for their programmable logic controller (PLCs) to prevent hackers from causing damage that could have major repercussions for the health of the company's customers.
Easier machine connectivity, communications add value
Think again: Machine tool original equipment manufacturers, automation suppliers to OEMs, system integrators, and end users at IMTS 2018 find value in easier machine connectivity, communications, and visualization. Are you watching others or participating?
How to use multi-factor authentication to protect a network
Multi-factor authentication (MFA) is a technique that, when implemented properly, can be an efficient deterrent from cyberattacks, but heed these additional precautions to prevent information from being compromised.
How to design secure remote-controlled operations
Six tips can help with cybersecurity and remote-controlled or remote-monitoring applications for industrial control systems (ICSs).
Cybersecurity standard specifies capabilities for control system components
The ISA/IEC 62443-4-2-2018 standard provides the cybersecurity technical requirements for components that make up an IACS, specifically the embedded devices, network components, host components and software applications.
Method to protect power grid from cyber attacks developed
Researchers at UC Santa Barbara have developed a method that could protect the power grid from cyber attacks.
Cybersecurity experts to oversee data security produced by Large Hadron Collider
Researchers from Indiana University’s Center for Applied Cybersecurity Research (CACR) will oversee the security of data produced by the Large Hadron Collider (LHC).
Understand network security: public key encryption and industrial automation
Remove unnecessary fear, take a proactive approach to network security as the Internet of Things (IoT) continues to rapidly expand.
Efficient security for cloud-based machine learning
MIT researchers have developed an encryption method that secures data used in online neural networks without dramatically slowing their runtimes, which could be useful for cloud-based neural networks and other applications that use sensitive data.
IIoT cybersecurity for connected robots
Manufacturers are leveraging Industrial Internet of Things (IIoT) technology to generate insightful robotic data, which makes maintenance easier, but it also increases cybersecurity risks.
Control system simulator teaches operators how to thwart hackers
Researchers at Georgia Institute of Technology (Georgia Tech) have developed a simulator to help operators of chemical processing plants better understand the security issues of industrial control systems (ICSs). Future versions are being planned to simulate electric power grids, treatment facilities, and other manufacturing facilities.
Benefits of DCS for Hybrid Industries versus Conventional PLC Approach: Your questions answered
Webcast presenters Jerry Espy, Frank Prendergast, and Jerry Bartlemay answered questions about topics such as cybersecurity risk, the emergency of the IIoT, and component and module integration.
Three steps for performing an ICS security audit
Companies looking to protect an industrial control system (ICS) should audit their assets, network, and data flows to better determine how safe a system is, and what more needs to be done.
IIoT: Connecting industrial intelligence
Industrial internet can help operations and production be intelligent, high-efficiency, and flexible. Industrial network cybersecurity can help protect the industrial control system (ICS). Tools are available to enhance interoperability of real-time data transmission.
Cybersecurity and safety plans require proactive, different approach
Experts at the Honeywell User Group (HUG) Americas conference encouraged companies to be proactive and think outside the box when deploying and implementing cybersecurity and safety solutions to protect manufacturing systems.
Embedded vision finds new uses in security and surveillance applications
Embedded vision technology is advancing security and surveillance capabilities in a number of different ways.
Importance of IIoT safety and connectivity
Cybersecurity can make or break a manufacturing enterprise with the advent of the Industrial Internet of Things (IIoT) and can have a major effect on safety systems, which are often considered the last line of defense for a manufacturing company.
European consortium aims to improve IoT security, interoperability
International: A European consortium is to begin working on Brain-IoT, a framework to improve the interoperability and security of Internet of Things (IoT) devices. Actuation and control are among areas of concern.
Local data center can serve a local cloud
Technology Update: Smart data management may include keeping a data center on location as part of a cybersecurity strategy, for manufacturers, aviation, defense, and other applications. An example shows how.
Double interest in cybersecurity
Think Again: Convergence of cybersecurity efforts from operational and information technology specialists is creating extra interest, encouraging investments, changes in policies and procedures, and training.
Six best practices for implementing and securing IIoT products
The practice of “securing by design” can help companies protect against potential cyber attacks on Industrial Internet of Things (IIoT) products.
Security’s role in manufacturing automation
Advances in technologies can lead to great things for the manufacturing automation sector, but security has to play a key role as the Industrial Internet of Things (IIoT) and Industrie 4.0 become more important.
Technology, cyber attacks are both on the rise
General Michael Hayden, former director of the CIA and the NSA, addressed the advances of technology and cyber attacks at the PAS 2018 Optics conference and said cybersecurity is a new domain and is vulnerable because security is an afterthought.
Spending on security-related services expected to rise in 2018
Global spending on security-related hardware, software, and services should hit $91.4 billion in 2018, an increase of 10.2% over 2017. Discrete manufacturers are expected to be among the biggest spenders.
Operators lack ability to secure critical infrastructure from security threats
Almost 60% of executives at critical infrastructure operators said they lack appropriate controls to protect their environments from security threats, but many are planning to increase spending for industrial control system (ICS) security measures in the near future.
Manufacturing, healthcare industries biggest targets of security attacks
Verizon's annual data breach report revealed manufacturing and healthcare were the biggest targets of hackers and over half of the data breaches were aimed at small- and medium-sized enterprises (SMEs).
Federal grants awarded to boost cybersecurity research
Seven organizations earned over $5.6 million in federal money to develop new tools to help researchers better understand and counter cyberattacks.
Survey: Senior executives not confident in cyber protection
While company executives are aware of cybersecurity's importance, few are confident in their ability to prevent a potential cyber attack, according to research by Marsh and Microsoft.
Learn how to stay ahead of cyber attacks
Use a risk-based approach to minimize risk against cyber attacks, especially for critical infrastructure facilities and industries.
Threat intelligence is a critical organizational need
Cover story: Continuous threat intelligence collection, analysis, and optimization can help organizations improve cybersecurity measures.
Internet and manufacturing event announced
The 2nd Annual Internet of Manufacturing Midwest conference in Chicago from June 6-7, 2018, is designed to bring business and technical executives from leading manufacturers to share best practices, case studies, and to inspire new revenue opportunities.
Eight ICS cybersecurity tips for a hyper-connected world
Cover story: Implementing a cybersecurity strategy against internal and external threats are key steps toward securing an industrial control system (ICS).
Understanding industrial control systems security basics
Cover story: It’s critical to implement an in-depth cybersecurity plan to help protect industrial control systems (ICSs) against a cyber attack. Identify threats, vulnerabilities, standards, and documents.
Industrial cybersecurity standard published
ISA/IEC 62443-4-1-2018, Security for Industrial Automation and Control Systems Part 4-1: Product Security Development Life-Cycle Requirements, specifies process requirements for the secure development of products used in industrial automation and control systems (IACS).
What can the IIoT do?
The Industrial Internet of Things (IIoT) enhances manufacturing operations by enhancing connectivity, equipment management, monitoring production, and customer relationships. Nine additional IIoT benefits are highlighted.
Manufacturing needs to be proactive with security, safety
A targeted attack on a safety system has made it clear the manufacturing industry as a whole needs to be vigilant and ready for future malicious cybersecurity attacks because they will come.
Advice on securing the Industrial Internet of Things
Industry and utility companies need to develop new strategies to mitigate and manage cyber risks according to an IBM report, which has set recommendations for securing the Industrial Internet of Things (IIoT).
Number of ICS devices connected to internet increases, raising security concerns
The number of industrial control system (ICS) devices connected to the internet has increased according to a report, and it raises some concerns about secondary and ancillary devices connected to the ICS that could be compromised.
Endpoint security best practices white paper released
The Industrial Internet Consortium (IIC) announced the publication of the Endpoint Security Best Practices white paper, which is designed as a reference point to implement countermeasures and controls they need to ensure the safety and security of Internet of Things (IoT) endpoint devices.
Cyber hub for manufacturing launched in Chicago
The Digital Manufacturing Design and Innovation Institute (DMDII) announced today the launch of a "Cyber Hub for Manufacturing" with $750,000 in seed funding from the U.S. Department of Defense (DoD).
Detecting and preventing potential cyberattack moves
Before most "final" attack success or failures, there is a whole series of often forgotten or unseen steps or plays that took place and users can take steps to prevent them from happening or, at the very least, slow them down.
Implementing analytics for Big Data applications with PC-based control systems
Control engineers can use PC-based control systems to take advantage of Big Data analytics to help them make real-time insights for their companies in the Internet of Things (IoT) era.
The importance of cloud security
Moving to the cloud still provides many challenges for manufacturing organizations to overcome, but smooth transition is possible and definitely without fear provided companies take security seriously.
Tool developed to detect website security breaches
A tool has been designed by researchers at the University of California San Diego to detect when websites are hacked by monitoring the activity of email accounts associated with them.
Asset management’s role in ICS security
Most industrial control system (ICS) networks were designed and implemented before the advent of cyber crime, and the availability of automated asset management capabilities, which makes it difficult to assess risk and apply effective defenses. Three major pain points for users are highlighted.
Advancing to IIoT means back to security basics
Manufacturers may see advantages to the Industrial Internet of Things (IIoT) and Industrie 4.0, but the backbone of their plant, the control system, wasn't built with cybersecurity in mind, and many companies aren't addressing this potentially serious issue.
Reducing the human attack surface
Humans are the weak link when it comes to cybersecurity and have a wide potential attack surface for hackers, but companies can take steps to reduce this problem by remaining consistent in their security policies. Six personnel shortcomings and three solutions are highlighted.
Companies announce collaboration to advance cybersecurity for power management technologies
Eaton is collaborating with UL to advance cybersecurity for power management technologies across industries, which is intended to establish measurable cybersecurity criteria for network-connected power management products and systems.
Alarm management: 6 hazards, 4 strategies
Alarm management in an IIoT world: Correlation and classification of industrial process control alarms before the operator sees them vital for safety, speed, and efficiency. Networking and advanced software tools help.
Avoid alarm overload with consolidation and escalation
Take steps to improve supervisory control and data acquisition (SCADA) alarm management and avoid alarm overloading.
Industrial cybersecurity adoption moving slowly
Even though cybersecurity incidents across the globe are increasing, industrial companies are not moving quickly to adopt measures to protect their data and operations according to a report by LNS Research. Three solutions are highlighted.
Cyber incidents add to downtime costs
Cyber incidents can add to downtime costs in a big way if there isn't a solid cybersecurity plan in place to mitigate the worst effects.
Survey finds divided vision of human-machine partnerships’ future
Research by Dell Technologies and Vanson Bourne found that many industry leaders agree they need to transform to become more automated and integrated, there is a sharp divide on whether this is a good or bad thing for the future and what it will mean for their employees and their bottom line.
Create a secure network for shop floor devices
Operations technology (OT) environments consist of many devices using different protocols and different languages. This can cause a security risk if plant operators don’t take steps to mitigate the risk and create awareness for everyone on the plant floor.
Smart Factory applications in discrete manufacturing
The Smart Factory is helping discrete manufacturers by providing real-time interactions of people, machines, assets, systems, and things that collectively enable processes to govern themselves through machine learning and cognitive computing.
IoT cybersecurity needs to be improved
Manufacturers and government officials recognize the need for improved cybersecurity for Internet of Things (IoT) devices, but more work needs to be done.
Government-funded ICS technology heading to commercial market
The Department of Homeland Security's (DHS) Science and Technology Directorate (S&T) released an industrial control system (ICS) cybersecurity solution via its Transition to Practice (TTP) program technology, the sixth marketplace transition in the last six months.
Three reasons to perform an industrial control system assessment
Industrial control systems (ICSs) are under attack as frequently as corporate administration systems and users can prevent these attacks with an assessment that takes stock of what a company has, who has access, and what changes have been made.
Companies awarded for dedication to safety culture
Honda of Canada won the Rockwell Automation's Manufacturing Safety Excellence Award along with U.K.-based equipment builder A.M.P Rose.
Taking secure steps against counterfeits and piracy
Researchers have developed printed 3-D microstructures instead of 2-D structures, such as holograms, to improve counterfeit protection, which has increased over the past several years.
Consequence-driven engineering needed for critical systems and processes
Consequence-driven engineering (CCE) provides organizations with the steps required to examine their own environments for high-impact cybersecurity events/risks; identify implementation of key devices and components that facilitate that risk; and develop concrete protections.
Protecting against combosquatting attacks
Combosquatting, which tricks users into visiting domains that contain familiar trademarks with different or additional words, has become a growing problems and can adversely effect users.
How to find an APT attack against a network
Advanced persistent threat (APT) attacks against critical infrastructure are on the rise and companies and users need to learn how to find anomalies in their network and be proactive before serious damage can be inflicted.
Bringing safety and security together for process control applications
It is important to understand the interaction between safety and security in process control applications to make better overall decisions.
Cybersecurity: Have a game plan
A proactive cybersecurity approach requires diligence and flexibility.
Small business owners not concerned about cybersecurity threats, according to report
Small business owners, according to a report by Paychex, don't fear cyber attacks the way larger companies do and they lack the protections a larger company might have installed. Five cybersecurity best practices are highlighted.
Finding common ground in IT/OT convergence
The interconnection of information technology (IT) and operational technology (OT) is a source of new opportunities and challenges. With increasingly automated and robotic supply chains, manufacturing and engineering companies are becoming more connected, but this exposure to external data flows inevitably leads to new risks.
Deep packet inspection benefits for industrial automation and control systems
Deep packet inspection (DPI) of traffic is needed to secure an industrial automation and control system (IACS) to understand specific protocols and apply filters to fields and values that matter to control systems.
RFID tags used to improve safety, reliability at plant
An initiative to improve access control and mustering generated improvements using radio frequency identification (RFID) tags improved plant safety and efficiency for Chevron Oronite.
Seven tips for enhancing plant cybersecurity
Companies can't prevent all cyber attacks from occurring, but simple best practices such as enforcing security policies, strengthening physical security, and controlling network access with device profiling will go a long way to lowering the risk of an attack.
Six ways to protect an industrial network from malware
Malware can go undetected for months and even years inside an industrial network. Companies can protect themselves by educating their workers and ensuring their firewalls are configured properly.
Ensuring OT cybersecurity
Cybersecurity breaches that affect operation technology (OT) systems and devices that monitor and manipulate much of the world around us have real-world health and safety consequences if they are compromised and companies need to catch up.
IT and OT convergence a major focus for companies
Information technology (IT) and operations technology (OT) need to converge to make the Industrial Internet of Things (IIoT) work, but manufacturers still struggle with making it work. The 2018 ARC Advisory Group Forum is planning on addressing the topic and other cybersecurity issues.
Five cybersecurity predictions for 2018
Nozomi Networks listed five ICS security predictions for 2018 such as increased information technology (IT) integration and potential cybersecurity challenges.
Industrial mobile robot safety standards on the forefront
Mobile robot standards are evolving to keep up with the rapid developments on the plant floor and to help ensure workers and companies are safe going forward.
Three cybersecurity changes that manufacturers should implement
As connectivity increases, so does the level of sophistication in cyber attacks against manufacturers and other industries. Three security recommendations for manufacturers are highlighted.
Power grids facing cybersecurity threat
Energy companies in the United States and Europe are facing an increased number of cybersecurity attacks that could leave lasting damage if successful and they need to find ways to remedy the issue before it happens.
Stopping industrial control system network threats
Threats to the industrial control system (ICS) network infrastructure are at an all-time high and the sophistication of these are easy for perpetrators because of its aging infrastructure, lack of security planning/design, and minimal focus to protect ICS assets.
Three elements of a modern HMI for improved operations
Cover Story: Advancements in human-machine interfaces (HMIs) lead to increased productivity, simplified graphics configuration, and mobility.
Cybersecurity for robots weakening as automation grows
Robotics sales are growing across the globe, but cybersecurity isn't following suit according to research reports.
Cyber attacks against manufacturers rising, according to report
Cyber attacks against manufacturers are occurring more frequently, according to a report by NTT Security, and the level of sophistication is also increasing.
IoT developers working on addressing potential cybersecurity issues
As governments start to contemplate legal responses to Internet of Things (IoT) security flaws, companies are beginning to contemplate changing the way they handle cybersecurity.
Ransomware taking aim at manufacturing companies
A ransomware called Defray has been used to target manufacturing and technology companies as well as healthcare and educational facilities.
Firewall functions and roles for company security
Firewalls continue to represent core elements in the segmentation of networks and therefore are an essential part of any security strategy with respect to network security.
Researchers concerned about cyber attacks against 3-D printers
Security researchers have demonstrated that it is possible for hackers to make undetectable changes to 3-D printed parts that could introduce defects along with potential safety risks, which could be problematic for medical and manufacturing applications.
Standards group creates draft report on updating critical IT, OT infrastructure
The National Institute of Standards and Technology (NIST) has created a technical draft report that is designed to will help organizations perform a step-by-step analysis to identify those critical parts of a system that must not fail or suffer compromises to information technology (IT) or operations technology (OT).
IT security converging with the ICS industry
As industrial control systems (ICSs) are attached more frequently, operators are looking to information technology (IT) to help them understand the issue and create best practices to help prevent future attacks.
An integrated network for Industrie 4.0
System integration via the cloud makes networking at the production level easy and secure by vertically integrating management and systems as well as providing a security function for Industrie 4.0.
Acquisition of cybersecurity company completed
Honeywell has completed its acquisition of Nextnine, a privately-held industrial cybersecurity company, which will be integrated into Honeywell's existing cybersecurity division.
Security measures need to measure up to sophisticated attacks
Security needs to be improved in order to combat attackers getting more and more dangerous and skilled each day, demonstrated by the attack on Ukraine in December 2016.
Industrial sites, companies at risk to sophisticated ransomware
A new version of ransomware, called Petya, is attacking companies and countries across the globe and is being compared to, yet more severe than WannaCry.
Ramifications of global cyber-attacks: A focus on small business
Cyber crimes are not only affecting big business, they are increasingly targeting small businesses, non-profits organizations, and public health and safety organizations that are more vulnerable.
Security a major priority for Industrie 4.0
With the industry on the cusp of adopting the Industrial Internet of Things (IIoT) or Industry 4.0, security has to be a part of it.
Implementing robotic automation solution tips
If implemented strategically and accordingly to the company's specific needs, robotic automation can position a company for long-term improvements and success.
Smarter, connected networks add complexity
Enterprises need a combination of operations technology's (OT's) reliable data and information technology's (IT's) and innovation to become a smart, connected enterprise that will embrace and profit from the digital transformation.
Cyber espionage the cause for most companies’ security breaches
A report by Verizon indicates that most security breaches against companies are cyber espionage with the intention to steal valuable company secrets.
IT/OT convergence needs conflict resolution from both sides
Information technology (IT) and operations technology (OT) are very different organizations that have begun to converge and they must start resolving their issues. Three tips for reducing potential conflict are highlighted.
Companies need to make time for cybersecurity
Cyberattacks are growing and becoming more prevalent and manufacturers have to make time for cybersecurity to try and prevent potential attacks.
Use of industrial microcontrollers: webcast questions answered
More answers are outlined below from the live audience Q&A in the June 8 webcast, “IIoT webcast series 2017: Sensing and control at the edge: microcontroller kits."
The importance of cybersecurity in industrial robots
For end users of industrial robots, cybersecurity needs to be a business priority in order to protect the company from hacking that can cause safety issues or defects that lose the company money.
Automation group hires cybersecurity expert as managing director
Marty Edwards, a cybersecurity expert and director of the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), has been hired as the managing director of the Automation Federation.
Fighting for holistic IT, OT security
Integrated cybersecurity solutions are still a long way off because of a lack of expertise and a lack of solutions that don't address the integration between information technology (IT) and operations technology (OT) departments.
Few companies have clear IIoT vision, according to survey
A survey by the Business Performance Innovation (BPI) network showed that fewer than two percent of large corporations have a clear vision for the Industrial Internet of Things (IIoT).
Benefits of two-factor authentication for manufacturing companies
Two-factor authentication can provide manufacturers with an extra layer of security, but the process should not be cumbersome or time-consuming if a user's identity needs to be established quickly.
Companies need to formulate a cybersecurity plan
Cybersecurity has made significant strides in terms of companies' awareness, but there is still a long way to go, according to experts at the SANS ICS Security Summit.
Cybersecurity risk spikes with mingling of operations and IT technologies
Resources available to learn about cybersecurity frameworks; receive alerts, advisories and reports.
Industrial robotic systems vulnerable to cyberattacks
Industrial robotic systems are vulnerable to cyberattacks according to research from information technology (IT) security company Trend Micro.
Develop safety through security
Safety implications of security often end up overlooked and companies need to learn how to assess, manage and mitigate risks for industrial security.
IIoT security a major concern, according to survey
Companies see the enormous upside the Industrial Internet of Things (IIoT) has to offer, but they are united in their concern about a major security breach.
Designing security for robots
Robots are becoming more affordable and practical for everyday solutions, but the need for robust security is also important, according to security firm IOActive.
Cybersecurity attacks on IIoT infrastructure expected to increase in 2017
A survey by security company Tripwire found that 96% of IT security professionals expected attacks on critical Industrial Internet of Things (IIoT) infrastructure segments such as energy, utilities, government, healthcare, and finance.
Determining insurance’s role for cybersecurity incidents
Cybersecurity is one thing, but figuring out where insurance fits into the big picture is not so simple these days with cyber-physical attacks becoming more sophisticated.
Encryption system developed to hide private information from database queries
Researchers from MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) and Stanford University have developed an encryption system designed to disguises users' database queries so they reveal no private information.
Learning tough lessons from ICS attacks
A security incident can cause damage to brand reputation, loss of competitive advantage, legal or regulatory non-compliance issues, considerable financial damage, and harm to the environment and community.
Three steps for securing your IoT system
Companies looking to improve their Internet of Things (IoT) system should consider who they do business with and take proactive steps to ensure there aren't any potential security breaches.
Protect sensitive systems by taking them offline
Manufacturers need to understand their process and disconnect the “crown jewels" to protect their systems from serious damage.
Energy and fourth industrial revolution happening at same time
Ulrich Spiesshofer, chief executive of ABB, said the fourth industrial revolution and the energy revolution are happening at the same time and how their changes are impacting one another as well as the workforce in profound ways.
Lessons and advice from the Ukraine cyberattacks
Ukraine has been hit with two major cyberattacks on their critical infrastructure in the last year-and-a-half. First steps of the attack were executed through the HMI. Operators saw the mouse point moving in front of them, and they had no control of it. A cybersecurity expert and investigator explains the attack and what this means for industrial security as a whole.
Fighting advanced DDoS attacks
The National Institute of Standards and Technology (NIST) is working with the Department of Homeland Security (DHS) Science and Technology (S&T) and industry to research and develop approaches to DDoS detection and mitigation, which are becoming more sophisticated.
Safety requires cybersecurity
Technology Update: If it isn’t secure, it isn’t safe. Cybersecurity vulnerabilities represent additional failure modes and safety incidents not factored into traditional safety assessments. Consider safety when creating a business justification for cybersecurity risk assessments.
Industrial security threats to watch out for in 2017
Industrial security threats such as IoT botnets, critical infrastructure vulnerabilities, and black market supervisory control and data acquisition (SCADA) exploits are industrial security concerns that should be on the radar in 2017.
Cybersecurity framework updated
A draft update to the Framework for Improving Critical Infrastructure Cybersecurity provides details on managing cyber supply chain risks, clarifies key terms, and introduces measurement methods for cybersecurity.
Current issues in industrial cybersecurity
Ransomware is as loathsome as it sounds; programmable logic controllers (PLCs) seen as likely targets.
ICS attacks rise in 2016, according to report
A report by IBM Managed Security Services said that industrial control systems (ICS) attacks with the largest rise coming from brute force attacks on supervisory control and data acquisition (SCADA) systems.
Derive value from IIoT data
Collecting data from the Industrial Internet of Things (IIoT) isn't enough; companies need to know what to do with it. They also need safeguards to ensure that the data they're processing isn't breached.
Building an ICS cybersecurity ecosystem
Companies, governments, and vendors need to develop a cyber ecosystem that encompasses more than just the four walls of their organization to help mitigate a threat that becomes more sophisticated every single day.
Top 5 Control Engineering articles February 6-12: Engineers’ Choice, multivariable control, SCADA/HMI cybersecurity, more
Articles about the Engineers' Choice winners, multivarable control concepts, SCADA and HMI cybersecurity, five VFD questions to ask, and what to expect from Industrie 4.0 were Control Engineering’s five most clicked articles from February 6-12. Miss something? You can catch up here.
Daniel Capano, Diversified Technological Services, joins Control Engineering editorial advisory board
Daniel Capano, the owner of Diversified Technological Services Inc., of Stamford, Conn., joined the Control Engineering editorial advisory board in February.
Top 5 Control Engineering articles January 23-29: IIoT advice, TSN and real-time Ethernet, successful MES implementation, more
Articles about the IIoT and manufacturing, TSN and real-time Ethernet networking, successful MES implementation strategies, hot Control Engineering topics, and five VFD questions were Control Engineering’s five most clicked articles from January 23-29. Miss something? You can catch up here.
Bridge the IT, OT gap by bringing IT into acceptance testing
Cybersecurity should be part of an industrial control system (ICS) or manufacturing application's acceptance test and information technology (IT) resources should be involved to help ensure a successful implementation.
Companies need to change focus, mindset on IIoT security
There are ways for companies to get an Industrial Internet of Things (IIoT) project focused while overcoming the security challenges, but it requires a culture change and a different mindset.
Tips for a successful MES implementation strategy
Manufacturing execution system (MES) solutions require a great deal of planning and testing to be successful and it requires everyone on the shop floor to be on the same page.
Top 5 Control Engineering articles January 16-22: TSN and real-time Ethernet, reusable PLC code, hot Control Engineering topics, more
Articles about TSN and real-time Ethernet networking, reusable PLC code advantages, hot Control Engineering topics, five VFD questions, and robotics software for the next generation were Control Engineering’s five most clicked articles from January 16-22. Miss something? You can catch up here.
Smart devices aren’t necessarily secure
With the increasing adoption of Industrial Internet of Things (IIoT) devices for critical infrastructure operations, users need to realize that just because a pervasively connected device is labeled "smart" doesn't mean it's "secure."
IIoT security requires a holistic approach
Enhanced intelligence and fast delivery are key drivers for further investment in IIoT, but as the technology is still in relative infancy, security is a rising concern as more objects communicate with each other via the Internet.
Top 5 Control Engineering articles January 9-15: Control panel design, choosing a control system platform, choose the best controller, more
Articles about good control panel design, choosing the right control system platform, choosing the best controller, the 2016 System Integrator Giants, and a universal Internet of Things (IoT) language were Control Engineering’s five most clicked articles from January 9-15. Miss something? You can catch up here.
What does time-sensitive networking and real-time Ethernet data mean for the future of industrial systems?
Avnu Alliance members explain how real-time communications enabled by Time Sensitive Networking (TSN) will strengthen the future of industrial systems.
Industrial Internet of Things lab opened
National Instruments announced the opening of the NI Industrial IoT (IIoT) lab at its Austin headquarters. The lab’s operational focus includes areas such as microgrid control and communication, advanced control for manufacturing, and asset monitoring for heavy equipment.
Top 5 Control Engineering articles January 2-8: Control panel design, achieving operational excellence, 2016 SI Giants, more
Articles about good control panel design, achieving operational excellence, the 2016 System Integrator Giants, SCADA and industrial automation, and robotics software were Control Engineering’s five most clicked articles from January 2-8. Miss something? You can catch up here.
Manufacturers are slow in adopting Industrie 4.0 into their operations
Many manufacturers in the U.S. and the United Kingdom aren't adopting Industrie 4.0 because they don't realize its potential and don't see how it will improve their overall revenue according to research from the Boston Consulting Group (BCG).
Incorporating cybersecurity awareness into OT
Using cyber situational awareness platforms to enhance control system personnel needs to be part of a greater design goal and should act as an invisible layer for an operations technology (OT) environment. Here are four tips for cybersecurity situational awareness, and six responses to zero-day threats.
Monitoring a growing network by tracking data trends
Audit and compliance rules dictate data must be true to ensure processes and systems are running to the height of their performance capabilities. It can also help manufacturers predict future trends by tracking historic data.
Manufacturing executives concerned about cybersecurity protection
Manufacturing executives lack confidence their assets are protected from external threats, a study by Deloitte and the Manufacturers Alliance for Productivity and Innovation (MAPI).
IT, OT teams need to keep manufacturing systems running
Security professionals on the information technology (IT) and the operations technology (OT) sides of the house have to truly understand the main goal, which is keeping the manufacturer’s systems up and running at all times.
Top 5 Control Engineering articles December 12-18: Engineers’ Choice finalists, 2017 SIY winners, 2016 SI Giants, more
Articles about the Engineers' choice finalists, 2017 SIY winners, the 2016 System Integrator Giants, DCS/PLC action items, and intelligent automation were Control Engineering’s five most clicked articles from December 12-18. Miss something? You can catch up here.
Gathering Big Data analytics through network monitoring
Big Data analytics allow manufacturers to make smarter and better decisions and improve their operations and network monitoring can play a key role.
Test beds for smart manufacturing: Affordable, accessible, innovative, collaborative, connected
The Smart Manufacturing Leadership Coalition (SMLC) is working on test-bed demonstrations, which can help analyze optimization, energy efficiency, safe and sustainable production, and improved supply chain connectivity. The Coalition’s efforts include toolkits for smart manufacturing deployment, and open, advanced platforms, analytics, controls, and sensors. See related RCEP webcast.
Interoperability specification for IIoT launched
The CC-Link Partner Association (CLPA) and Profibus & Profinet International (PI) announced an interoperability specification between CC-Link IE and Profinet.
Top 5 Control Engineering articles November 28 to December 4: Process automation systems, Engineers’ Choice finalists, robotic programming advancements, more
Articles about process automation systems, the Engineers' Choice finalists, robotic programming advances, SCADA/HMI cybersecurity, and IoT control system optimization were Control Engineering’s five most clicked articles from November 28 to December 4. Miss something? You can catch up here.
A new niche for AppliedAutomation
Stories in the December issue of AppliedAutomation focus on risks associated with cybersecurity, real-time process optimization, and motion control features that compare drive-based and controller-based automation.
Ensuring SCADA/HMI cybersecurity
Critical industries, such as chemical, energy, transportation, and water/wastewater depend on supervisory control and data acquisition (SCADA) systems for daily operations. Strengthening weaknesses in these systems must be a priority and is a shared responsibility.
Secure the first mile for IIoT
Securing the first mile for the Industrial Internet of Things (IIoT) requires users to connect data from operational systems to the information technology (IT) environment.
Design cybersecurity plan for an automation project from the beginning
In the future, automation environments will need a cybersecurity plan designed from the beginning, which means companies will have to think about the process differently.
Industrial application platform for SCADA packages
Inductive Automation's Ignition v7.9 is designed to improve security, performance, and ease of use for supervisory control and data acquisition (SCADA) packages.
EC: MELSEC iQ-R Programmable Automation Controller
Machine & Embedded Control — PLCs, PACs, industrial PCs: The MELSEC iQ-R PAC is Mitsubishi Electric’s revolutionary controller that delivers significant enhancements in the area of machine performance, engineering ease of use, maintenance simplicity, sophisticated security, and quality. This is a Control Engineering 2017 Engineers’ Choice Awards Finalist.
EC: Allen-Bradley Stratix 5950 Security Appliance
Network Integration — Ethernet hardware: The Allen-Bradley Stratix 5950 security appliance uses Adaptive Security Appliance firewall and FirePOWER technology to identify, log or block potentially malicious traffic and enhance plant-floor security. This is a Control Engineering 2017 Engineers’ Choice Awards Winner.
EC: Cisco Industrial Ethernet 1000 Switch
Network Integration — Ethernet switches: The Industrial Ethernet 1000 switch is a small form-factor, lightly managed switch designed for rugged environments meeting specific needs of industries such as machine building, manufacturing, smart cities, and more. This is a Control Engineering 2017 Engineers’ Choice Awards Winner.
EC: Bedrock Uninterruptible Power Supply (UPS.500)
Power — Energy, power protection, UPS: The first IIoT-enabled cyber secure, standalone lithium ion battery based UPS for industrial control applications. Powerful onboard electronics enhance battery performance, manage embedded cyber protection and enable secure Ethernet. This is a Control Engineering 2017 Engineers’ Choice Awards Finalist.
EC: PlantTriage v13 to monitor and diagnose plant control loops
Software — Data analytics, diagnostics: The PlantTriage software, based on ExperTune technology, monitors plant control loops 24 hours a day, diagnosing issues, and prioritizing opportunities for improvement. This is a Control Engineering 2017 Engineers’ Choice Awards Finalist.
System Integration case studies Webcast: Questions answered
More answers about system integration case studies, the topic of a Sept. 22 Webcast, are provided by the speaker. Topics include risks, design standards, and communication protocols.
Top 5 Control Engineering articles September 5-11: Ladder logic, safer process facilities, stepper motors, more
Articles about ladder logic, safer process facilities, stepper motors and closed-loop technology, small-scale automation projects, and SCADA cybersecurity were Control Engineering’s five most clicked articles from September 5-11. Miss something? You can catch up here.
Modular subracks and components for plugging different sized boards
Pixus Technologies' modular subracks and components are designed for plugging various sized boards and the extruded rails feature tapped holes and optional extensions for IEEE injector/ejector latches.
Network monitoring and the IIoT
The risk of a potential cyber attack is going to increase as the Industrial Internet of Things (IIoT) becomes more widely adopted. Greater awareness and cooperation is needed to head off those risks before they become a reality.
SCADA cybersecurity in the age of the Internet of Things
Supervisory control and data acquisition (SCADA) systems’ traditional role is changing as the Industrial Internet of Things (IIoT) continues to take a larger role. SCADA systems were not originally designed for cybersecurity and plants need to adjust to this new reality.
Network monitoring groups forge partnership
SCADAfence agreed to partner with Gigamon to provide a joint cybersecurity solution to bring manufacturers additional visibility and detection capabilities and monitor the industrial environment.
Cybersecurity advice for the Industrial Internet of Things
Organizations recognize that information created by connecting intelligent things and industrial control systems (ICS) to the enterprise business systems is achieving greater visibility, but achieving this requires a seamless and secure flow of information.
Companies concerned about IoT skill shortage
A recent report indicates that many companies are worried that their staff lack the skills and understanding to use the Internet of Things (IoT).
Using wireless to gain a network and data monitoring edge
Gaining access and data from areas previously inaccessible allows for greater knowledge and visibility of what is going on throughout the manufacturing enterprise.
Study suggests companies are adopting IoT technologies without realizing the benefits
Businesses are increasingly adopting Internet of Things (IoT) technologies, even if some don’t yet truly understand the benefits they can bring to their company, according to a survey by Strategy Analytics.
Virtualization benefits for manufacturers
Virtualization growth in manufacturing is continuing as more end users are taking advantage of the cost benefits it offers such as increased efficiency, reduced costs, and better security.
Tips for secure remote access
Remote access will become an even more vital element as the industry becomes more open and connected and secure communications can be a constant if the right steps are taken.
Of network redundancy and PID control
Ethernet, industrial networks, fieldbus, and PID control remain major topics for automation experts.
Fundamental security features and risk analysis for industrial assets
Analyzing and mitigating security risks for industrial assets is imperative to preventing a data breach.
Top 5 Control Engineering articles, July 11-17: Natural gas flowmeters, Industrie 4.0 and MES, binary-coded decimals, more
Articles about natural gas flowmeters, Industrie 4.0 and MES, binary-coded decimals and PLCs, high-performance HMIs, and cybersecurity in manufacturing were Control Engineering’s five most clicked articles from July 11-17. Miss something? You can catch up here. Also see what ranked 6-10.
Interest in the IoT yields interest in OT security
The Internet of Things (IoT) is becoming more commonplace in the workplace, which has, in turn, increased interest in operational technology (OT) security.
Wireless standards expanded for improved network traffic
The Wi-Fi Alliance expanded the 802.11ac standard to include features designed to provide a higher-performance connectivity experience with features such as spatial streams and extended support.
Microsoft, GE ready to collaborate on IIoT
GE’s Predix operating system to be part of Microsoft’s Azure cloud offering.
Cybersecurity in manufacturing: How much is needed?
The cybersecurity situation for manufacturing is changing as the scale of attacks on the manufacturing sector and proportional loss to businesses has demonstrated the necessity of secure integrated control systems.
Smart manufacturing and the continuing need for MES
Manufacturing execution systems (MES) are still useful even with smart manufacturing because they provide a fundamental base for every smart production solution.
Managing processes with the IIoT
The Industrial Internet of Things (IIoT) is creating more streamlined and efficient methods to manage processes.
Manufacturing and the fourth revolution
Industry leaders within manufacturing have already set in motion the idea of a fourth industrial revolution, or Industrie 4.0, and the Internet of Things (IoT) will play a major role in how manufacturing changes.
IT leaders remain skeptical of digital transformation and IoT
Cisco's survey on digital readiness suggest that information technology (IT) leaders around the world are not yet convinced of the industry’s ability to drive digital transformation, which is bad news for the Internet of Things (IoT).
REST communication and the IIoT
A popular mechanism for the Industrial Internet of Things (IIoT) is representational state transfer (REST) communication. If a system or device exposes this kind of interface, it becomes Web-compatible.
Companies focusing on industrial-level analytics and big data
GE and Microsoft are focusing more on how big data and industrial-level analytics can transform manufacturing as well as the Industrial Internet of Things (IIoT).
The IoT is a maze of communication protocols
The Internet of Things (IoT) communication protocols remain an absolute maze, but Beecham Research, an analyst firm, has published a report designed to help users navigate through the chaos.
Securing physical security
Physical security is now intersecting with cybersecurity in information technology (IT) and operational technology (OT) environments and there is a greater need for cybersecurity awareness as interconnectivity increases.
Network configuration tool for large cybersecurity networks
Westermo's WeConfig 1.4 is a network configuration management designed to configure large and complex industrial data communication networks and features enhanced functionality to bolster cybersecurity.
Industrial grade appliance for ICS cybersecurity
Lanner's LEC-6032 is an industrial grade appliance with the capability to operate under wide temperature ranges and provide connectivity to communicate with programmable logic controllers (PLCs) and human-machine interfaces (HMIs).
Enabling concurrent design, manufacturing
RAS is marshaling in Industrie 4.0 by integrating multiple engineering disciplines that operate concurrently throughout the panel and enclosure manufacturing process.
Industrial connectivity platform upgraded
Kepware Technologies' KEPServerEX version 5.20 software upgrade is designed to offer additional device and Internet of Things (IoT) connectivity for users in building automation, manufacturing, and the oil and gas industries.
IoT to IoAT: Internet of Autonomous Things devices provides solutions
Future Internet of Autonomous Things (IoAT) devices will utilize knowledge-enhanced electronic logic (KEEL) technology and may consume information from other devices or the cloud and participate in solutions they were never designed for.
Evolution of .NET and Microsoft
.NET Framework is a software framework developed by Microsoft that is evolving to strengthen their cloud service platform as well as meet the demands of users outside their own operating system (OS).
Standards for industrial cloud interface being developed
ODVA announced at Hannover Messe their intention to develop a common industrial cloud interface, which will encompass two elements for the industrial cloud: a cloud gateway and an application program interface (API) for transporting data.
Internet of Things will eventually become mainstream, according to survey
A survey by Gartner indicate that many organizations are keen to embrace Internet of Things (IoT) technologies, but there are many companies that aren't convinced of its value or potential.
Robots’ usage growing on production line, but humans still valuable
Robots are a valuable commodity on the plant floor and won't be going away, but for some tasks they aren't as useful as human workers because they lack the ability to adapt and adjust to changing situations.
Potential barriers to preventing IoT adoption
The Internet of Things (IoT) has enormous potential and can change the way how businesses operate, but there are still numerous obstacles to hurdle before wide-scale adoption is possible.
Control system with integrated Fieldbus diagnostics
Siemens' Simatic AFDiSD active field distributor features extended Fieldbus diagnostics that can be installed and allow users to access the latest information about their Fieldbus installation for information such as power, voltage and bus interruptions in real-time.
Information group expanding interoperability and cooperation
The OPC Foundation has created open-source availability of its OPC-UA technology and are also collaborating with the Object Management Group (OMG) to create a standard that will allow OPC UA and DDS to function together. The OPC Foundation also plans to demonstrate the addition of the publish/subscribe message to the OPC-UA specification at Hannover Messe 2016.
Company uses IoT to control 10,000 construction machines
Wipro used a telematics system to connect 10,000 construction machines with the Internet of Things (IoT) that is designed to monitor real-time health and performance of the resources used.
Making technical, business sense
Automation can help companies be more competitive, but that alone does not make a plant successful, productive, or profitable.
How secure is the Internet of Things?
The Internet of Things (IoT) is on the cusp of making our lives easier as consumers and business professionals, but there is also a very real cybersecurity risk that needs to be addressed.
20 years of CiA 401: Perhaps the most implemented CANopen profile
CiA 401, the CANopen device profile for generic I/O modules, was released in 1996 and has been consistently used by manufacturers. Future plans for CiA 401 include mapping for 64-byte process data objects (PDOs) and enhancing interoperability, with discussions underway about safety and security.
Security framework usage growing at steady rate
The Cybersecurity Framework created by the National Institute of Standards and Technology (NIST) is currently being used by 30% of U.S. organizations and is expected to reach 50% by 2020.
Five reasons why manufacturers are embracing the IoT
The Internet of Things (IoT) can help manufacturers in several ways by reducing costs and downtime as well as provide through operational savings and providing revenue systems.
Enabling business through safety, security
With enough knowledge of a facility such as an oil platform, refinery, or pipeline network, a cyber attack that used distributed malware could lead to physical damage and serious losses of revenue.
Cyber security protection enters a new era
Watch for a backdoor cyber security assault. The Juniper Networks incident in December 2015 changed how industry looks at device security as hackers exploit deliberate weaknesses being installed into software. End users, integrators, and device manufacturers need to adapt and prepare for this new reality. Follow these cyber security steps.
Company launches cloud for IoT services
Bosch's IoT Cloud is designed to run various applications for its connected mobility, connected industries, and connected buildings businesses. The first cloud is located in Germany.
Top 5 Control Engineering articles, March 14-20: Ladder logic, Engineers’ Choice winners, sensor actuation charts, more
Articles about ladder logic, the 2016 Engineers' Choice Awards winners, sensor actuation charts, heat exchanger control strategies, and ICS threats were Control Engineering’s five most clicked articles from March 14-20. Miss something? You can catch up here.
Industrie 4.0 is opportunity, challenge
China is pushing ahead with Industrie 4.0 with 94 intelligent manufacturing efforts in China Manufacturing 2025; challenges remain.
Webcast: Replacing Legacy Networking Protocols with Ethernet
Ethernet networks have been used in industrial applications for many years, but large numbers of facilities still maintain older systems that lack many beneficial capabilities.
Upgrading a DCS with an HMI graphical user interface
Upgrading a distributed control system (DCS) with a human-machine interface (HMI) was a simple process until the development team tried duplicatiing the functionality and identifying tag information.
Industrial Internet groups agree to align architecture efforts
Representatives of Platform Industrie 4.0 (I4.0) and the Industrial Internet Consortium (IIC) agreed to align their architecture efforts and have agreed to create a clear roadmap to ensure future interoperability.
Why manufacturing software should be tested before updates
Engineering and IT Insight: The way Microsoft is updating its Microsoft Windows 10 operating system, the ball is out of the user’s court. Instead, Microsoft has installed an automated ball machine that fires when it wants, even if the user isn’t ready. This new update scheme may wreak havoc for many mission-critical systems. Read this to know “why I should test” and why “Disable automatic updates.”
Test bed for grid security launched
The American Recovery and Reinvestment Act of 2009 provided the Energy Department with $4.5 billion to modernize the electric power grid and transition it to a smart grid that is designed to be more responsive to changing power needs.
IoT standards group formed to unify companies, developers
The Open Connectivity Foundation (OCF) has been established to unify Internet of Things (IoT) unifies the former Open Interconnect Consortium (OIC) with leading companies at all IoT levels to provide the key interoperability specification enabling IoT solutions.
U.S. government announces budget increase for cyber security measures
The White House has allocated more than $19 billion in the 2017 budget for cyber security to enable agencies to raise their level of cyber security, help private sector organizations and individuals better protect themselves, disrupt and deter adversary activity, and respond more effectively to incidents.
Top 5 Control Engineering articles, February 15-21: Specifying a servo system, IEC 61131-3, VFD faults and failures, more
Articles about specifying a servo system, IEC 61131-3, preventing VFD faults and failures, well-ground serial networking, and the 2016 Engineers' Choice Awards winners were Control Engineering’s five most clicked articles from February 15-21. Miss something? You can catch up here.
Virtualization benefits and challenges
Virtualization has significant benefits in computing and in networking, but the IT staff, OT staff, or system administrators must truly know their servers and network so they can be ready for challenges or potential cyber security breaches.
Connecting manufacturing assets to enterprise systems
Fred Yentz, CEO of Telit IoT Platforms, talked about the company's plans to connect manufacturing assets to any enterprise system, vertically and horizontally at the 20th Annual ARC Industry Forum.
Getting ready for industrial IoT
HMI designers and engineers should understand the characteristics, requirements, and design methodologies that ensure successful IIoT HMI deployments.
Easing cyber security concerns
Users worried about cyber security think of the issue need to think beyond the technology issue and realize that people process, and technology all need to work together in harmony to achieve true security.
What we learned about engineering communication
Think again about engineering communication and advice: Listening attentively is a learned skill; key phrases such as “what we learned” provide clues about where special attention is needed. Heed this advice on knowledge creation, automation investments, and cyber security from automation and control experts.
Wireless sensor network streamlines semiconductor fabrication facility operations
Wireless mesh networks offer a viable workaround to traditional wired systems. They can be deployed without costly construction or downtime. In addition, the networks can provide data in real time and increase production. A semiconductor company takes the plunge and solves its challenges with the mesh network technology.
Industrial networking company acquires IIoT manufacturer
HMS Industrial Networks AB has signed an agreement to acquire the Belgium-based company eWON SA, an IIoT (Industrial Internet of Things) manufacturer of intelligent Internet-based remote access routers.
Panel and group discussions on IIoT, cyber security at ARC forum
GE Digital and Wurldtech are hosting a luncheon at the 20th Annual ARC Industry Forum in Orlando, Fla., on topics related to the Industrial Internet of Things (IIoT).
Experts see “More of the same” for cyber security
Several cyber security experts believe there will be more cyber security attacks and threats made against companies, infrastructure, and people in 2016. And while awareness continues to grow, there is still a false sense of security as technologies become “smarter” thanks to the Industrial Internet of Things (IIoT).
Automate product support through the IIoT
Engineering and service firms need to take advantage of the Industrial Internet of Things (IIoT) to be able to analyze the mass of data coming in and get creative in their approach to service offerings and customer engagement.
Evolving physical security trends
Physical security technologies are trending toward IP-based video surveillance and access control systems and can even include things such as biometrics and complex perimeter intrusion measures. Understanding Ethernet switches and which network architectures are best for physical security systems has become an important part of the discussion, particularly when the security system operates outdoors.
Security package for data and storage applications
Advantech SQFlash is designed for data and storage security in many different vertical markets such as the automation, medical, and defense industries.
ICS security trends
As the Industrial Internet of Things (IIoT) becomes more prevalent, there is a greater risk for intentional and unintentional cyber security breaches. Industrial control system (ICS) security should focus on advanced security-focused products; security as an attribute of all Ethernet devices; and further adoption of defense-in-depth as major trends going forward.
Microsoft Windows XP Embedded ends extended support
Ask Control Engineering: Extended support for Microsoft Windows XP Embedded has ended; what should I do?
The case for open standard wireless networks
Proprietary wireless systems and local area networks (LANs), while still in use, are being whittled away in spite of the time and expense many companies have invested into them in favor of open standard wireless networks.
Engineering ethics and software concerns
Virtual machines can solve many problems while keeping operations flowing smoothly, but when companies are duplicating software via virtual machines, this brings up some ethical issues that need to be addressed.
Open standard wireless systems
There are a number of open standard wireless systems in use including Bluetooth, Z-Wave, ZigBee, Worldwide interoperability for microwave access (WiMAX), ISA 100.11, and wireless highway addressable remote transducer (WiHART). Each technology has its own specific advantages for particular industries.
Specification volume dedicated to cyber security announced
ODVA announced the pending publication of a new volume in its specifications titled CIP Security and will be initially applicable to EtherNet/IP.
Enhancements planned in 2016 for EtherNet/IP specification
ODVA’s technical work includes the adaptation of time sensitive networking along with cybersecurity, application data models and communication integration standards.
Annual report on IoT and data trends released
National Instruments' NI Trend Watch 2016 is an annual report that examines a range of topics focused on the Internet of Things (IoT), managing data, and the impact of a world that is more connected.
Understanding RFI and EMI’s effects
A troublesome offshoot of radio frequency (RF) technology is radio frequency and electromagnetic interference, or RFI and EMI, respectively. EMI, in particular, can be a real challenge for users on the plant floor because of its impacts on WLAN technology.
ECS Solutions Inc., Evansville, Ind.
ECS Solutions developed its S88 Builder Tool to write a program that can control a single process cell. Since its inception, the company has seen a 40% increase in labor revenue without increasing employment. See video discussion below.
Information integration and IIoT Webcast: Questions answered
More answers about information integration and Industrial Internet of Things (IIoT), the topic of a Dec. 3 Webcast, are provided by a system integrator and automation standards expert. Answers to more audience questions cover infrastructure, adoption and benefits, security, and networks and information integration. IIoT progress also requires effective policies, procedures, and training.
How well do users understand wireless networks? Questions asked of experts shed some light
Wireless networks have been around for years now, but are they as common as some might expect? Understanding of how they work is beginning to seep through, but users are still asking basic questions. Video: Two wireless discussion panelists offer their thoughts.
Three-stage power amplifiers for access point, gateway applications
Richardson RFPD's RFPA5522 and RFPA5542 Wi-Fi-integrated PA modules from Qorvo are three-stage power amplifiers designed for wireless access points and gateways and routers.
WLAN troubleshooting best practices
Because no system is ever perfect, a user’s wireless local area network (WLAN) will shut down. Understanding how and why this happened is important, and there are some fundamental steps the user can take to get things back on track.
Get engineering-related professional development hours
No one I know waits until the last minute, but if they did, they might take advantage of nine free PDH Webcasts from Control Engineering offered in 2015 to satisfy year-end engineering training requirements.
Migrating industrial networks
Sooner or later, that legacy plant-floor network must be upgraded. When that time comes, control engineers should use network migration best practices.
Wireless intrusion detection and protection systems
Keeping your wireless network safe from attack requires vigilance—and the right software strategy.
Bluetooth module for IoT applications
Fujitsu’s Bluetooth Smart Module is designed to reduce cost and time to develop battery-powered wireless devices for IoT solutions.
Top 5 Control Engineering articles, October 19-25: Engineers’ Choice finalists, drive software, process optimization, more
Articles about the Engineers' Choice finalists, drive software and machine vibration, process optimization and VFDs, security for wireless instrumentation, and methane regulations were Control Engineering’s five most clicked articles from October 19-25. Miss something? You can catch up here.
Securing industrial wireless networks
The information age’s arrival in manufacturing is significant not only for what data you can access in your manufacturing operations but also how you can access it.
Data acquisition software for electric, drive testing
HBM Inc.’s perception high speed data acquisition software 6.60 for user customization and support for electric/drives testing.
Internet of Things developer kit
Advantech’s Wise-4012E IoT Developer Kit is designed to help users with IoT projects and it can be accessed directly without an access point and configured through mobile devices with a HTML5 compatible web browser and to ensure the data can be accessed and configured from anywhere.
Gateway for IIoT deployment and stream support
Kepware's IoT Gateway for KepServerEX version 5.19 is built to support Industrial Internet of Things (IIoT) deployments and streams real-time machine and sensor data into cloud-based software platforms for real-time analytics.
EC: Bedrock
Process Control Systems: Bedrock is automation reimagined to deliver the highest levels of security, availability, and performance to users. This is a Control Engineering 2016 Engineers’ Choice finalist.
EC: Wonderware Alarm Adviser 2014
Software - Alarm management: Wonderware Alarm Adviser is a scalable web-based alarm analysis software that helps customers discover nuisance alarms in the process system through interactive visual analysis. This is a Control Engineering 2016 Engineers’ Choice Awards Winner.
IoT groups agree to collaboration for interoperable connectivity
The EnOcean Alliance and the Open Interconnect Consortium (OIC) announced a new liaison agreement and will result in solutions using the EnOcean energy harvesting wireless standard and the OIC specification in a joint effort.
Wireless compliance considerations
Control Engineering Europe discusses the compliance issues surrounding the addition of wireless technology to original equipment manufacturer (OEM) machines.
Integrating a wireless LAN into an existing wired LAN
As wireless local area networks (WLANs) become more ubiquitous, it is clear that necessary expansions of existing wired networks will be either extended—or replaced—by WLANs, and companies and users will need to adapt to the ensuing changes.
Understanding cyber-physical security’s relevance
"Cyber-physical" describes an environment where machines operate automatically and rapidly based on real-time feedback and understanding the characteristics in this new, evolving environment is vital.
Cyber-physical integration, saving children, 5G
Think Again: Automation, controls, and instrumentation are used for cyber-physical integration, saving children, and developing technologies for 5G wireless communications. Get inspired at an engineering conference and share what inspires you. See photo gallery, video link, and extra insights.
Choosing between single and multi-channel architecture
Wireless tutorial: Depending upon what topology is being used, single-channel architectures (SCAs) or multi-channel architectures (MCAs) use multiple repeating channels in a set pattern should be considered for channelization.
Top 5 Control Engineering articles, August 31 to September 6: Industrial control panel standards, industrial control system protection, IoT risk management, more
Articles about industrial control panel builders changing, industrial control system protection, Internet of Things risk management, hybrid machines and CNC, and control system threat levels were Control Engineering’s five most clicked articles from August 31 to September 6. Miss something? You can catch up here.
Webcast: Cyber security technologies and strategies, tips for industrial control systems
This webcast explains how people, processes, and technologies at every layer are needed to lower cyber security risk for industrial control systems as well as initial steps to forming a defensive program.
Virtual and physical WLAN site surveys
Wireless tutorial: Virtual and physical site surveys allow the designer to anticipate and plan for several factors for designing a network that will meet the client’s expectations in different ways.
IIoT group passes 200 members, looks to expand international influence
The Industrial Internet Consortium (IIC) has passed the 200-member mark and is creating Country Teams in four countries to focus on specialized use cases and testbeds.
Wireless IO modules for IoT applications
Advantech's Wise-4000 IoT wireless I/O modules combines data acquisition, processing, and publishing into one I/O module and is designed for a variety of industries including environmental and machine monitoring as well as smart cities.
Prevalence of IoT may leave networks vulnerable to attacks
Devices that use the Internet of Things (IoT) are prevalent in highly regulated industries and the infrastructure supporting those devices is vulnerable to security flaws, according to a recent study.
Security router with integrated switch
Phoenix Contact's RS2005 and RS4004 mGuard variants combine secure routing, VPN, and firewall functions with an integrated switch designed to eliminate or reduce the need to install a stand-alone switch.
IIoT at the IO level
Really look at the Industrial Internet of Things (IIoT): How will device-level communication work using this developing technology? What is IIoT? Learn four IIoT misconceptions, five ways IIoT is new, and six reasons why the disruptive technology of IIoT will be slow to catch on.
System design software receives upgraded version
National Instruments' LabVIEW 2015 system design software has added speed improvements, development shortcuts, and debugging tools, and has added features designed to help developers operate more efficiently. Load time is 8.7 times faster than LabVIEW 2013.
Keeping wireless networks secure
As technology continues to evolve, so do the risks that threaten the security of an industrial network. With more devices now being connected, outsiders have better opportunities to disrupt industrial processes.
Webcast: lloT webcast one: Design considerations
The first of a three-part series on the Industrial Internet of Things looks at some of the research in the process industry around knowledge of and adoption of IIoT, and where companies see the benefits of a more connected enterprise.
Legacy software blues
Is the legacy software platform holding the projects back? Virtualization can offer a safe and affordable path forward.
Reference architecture for industrial Internet systems released
The Industrial Internet Consortium (IIC) released the Industrial Internet Reference Architecture (IIRA), which is designed to provide a common language for the elements of Industrial Internet systems and the relationships between them.
SCADA cyber security
Securing control systems with supervisory control and data acquisition (SCADA): SCADA software, part of many industrial control systems, can use the U.S. National Institute of Standards and Technology (NIST) framework for cyber security.
SCADA HMI software security: Understanding and preventing SCADA viruses, intentional and unintentional
Cyber security: Exploring some of the technical concepts will help an end user understand and prevent security flaws when creating SCADA and HMI software applications and the underlying networks architectures.
Intrusion detection software lowers Internet of Things (IoT) risk
Intrusion detection software (IDS) for the IoT: What’s the point of protecting your embedded devices if you can’t tell if they are under attack? Why intrusion detection software is essential for web-connected devices.
Year 2020 outlook from Maverick Technologies: Automation value is more connected, collaborative, secure
Maverick Technologies, among the three 2015 System Integrators of the Year, offers advice on automation, controls, and instrumentation looking 5 years ahead, in honor of CFE Media’s 5-year anniversary. The approach to automation, networking, new people, collaboration, and cyber security will change in 2020. Advice from a system integrator follows.
Industrial control system designed for simplicity, scalability, and security
Product Exclusive: Bedrock Automation’s industrial control system is an open automation platform that features universal software-defined input/output (I/O) and digital power supply as well as an electromagnetic backplane and embedded cyber defense features.
The role of RFID in the smart factory
Control Engineering International: Radio frequency identification (RFID) technology will have a big role to play in the smart factory of the future, enabling things to communicate in real-time with manufacturing systems, according to Control Engineering Europe.
Asset management software designed to build reliable wireless networks
Emerson Process Management's AMS Suite version 13.0 software decreases start-up and turnaround times for HART devices and is designed to help users build more reliable wireless networks.
Wireless security tutorial: Wireless intrusion detection systems and wireless attacks
How to lower wireless cyber security risk: A wireless intrusion detection system (WIDS) is a software algorithm designed to monitor the wireless network for intruders and protect the network from attacks like social engineering, Denial of Service (DoS), man-in-the-middle (MIM), and other attacks designed to compromise a network’s security. Watch for these four social engineering cyber security hacks that can threaten wireless and wired networks.
Webcast questions and answers on reliable fiber optic networks: design and deployment best practices
Fiber optic network tutorial: Questions and answers follow about how to avoid electromagnetic interference (EMI) and achieve longer distances and higher performance using fiber optics for EtherNet/IP networks across manufacturing zones and devices. Panduit Corp. answers audience questions from an archived webcast on physical layer best practices and understanding proper fiber media selection for each physical layer in the EtherNet/IP network, along with design recommendations.
Webcast: Industrial Internet of Things (IIoT) and Industry 4.0 webcast: Overview and practical advice for today
Expert speakers briefly explain each the Industrial Internet of Things (IIoT) and Industry 4.0, then provide practical advice that manufacturers can implement today to realize productivity gains sooner rather than later.
Organizations join forces to focus on common interfaces for Industrie 4.0 and IoT
The EtherCAT Technology Group (ETG) and the OPC Foundation signed a Memorandum of Understanding (MoU) at Hannover Messe 2015 to define common interfaces for Industrie 4.0 and the Internet of Things (IoT).
ICS-CERT provides cyber security update on industrial control systems
When industrial control systems (ICS) are compromised by cyber security threats, the U.S. government provides a confidential way to share knowledge of the threat and get help. ICS-CERT helps mitigate cyber risk in control systems and embedded systems including vendor testing, on-site assessments, and training. Jeff Gray, with the U.S. Dept. of Homeland Security, outlines the latest industrial control system security issues and cyber security recommendations from the Cyber Emergency Response Team (CERT), at the 2015 CSIA Executive Conference.
Wireless security: Cryptology basics, fundamentals
Cryptology consists of two parts: cryptography, which is the science of encryption algorithms and their use; and cryptanalysis, the science of deriving encryption keys or otherwise decrypting a message by the study of the encrypted message. This industrial wireless technology tutorial explains the basics of cryptology.
Top 5 Control Engineering articles, April 20-26: Instrument inspections in hazardous locations, Apps for Engineers, industrial Internet and the cloud, more
Articles about inspecting instruments in hazardous locations, Apps for Engineers, industrial Internet programs and the cloud, feed forwards augmenting PID control, and enabling efficiency in continuous control were Control Engineering’s five most clicked articles from last week, April 20-26. Miss something? You can catch up here.
Industry information security, the next forefront?
Facing the increasingly severe information security issue of industrial control systems, the Chinese government has established a “Central Network Security and Informatization Leading Group” led by President Xi Jinping to raise network security to the national strategic level. The industrial information security market expects accelerated growth in the future, according to Control Engineering China.
Advance network security, support system monitoring
Cyber security: Applications can improve power reliability and reduce energy costs by advancing network security and supporting system monitoring. Allowing network access raises cyber security concerns. Five defense-in-depth measures can help.
Wireless security: Port-based security, EAP, AKM
Tutorial on cyber security for wireless networks: Authentication and key management (AKM) is the term used to describe the process of IEEE 802.1X/EAP authentication and subsequent encryption key generation and is a major component of extensible authentication protocols (EAP) and IEEE 802.1X. Each time a client associates or re-associates, the entire AKM process must occur, which results in an extremely secure and robust wireless network. Learn the 4-way authentication handshake.
CANopen provides distributed control functionality
There are some misunderstandings regarding the multi-master functionality of CANopen-based control systems. The under-laying CAN data link layer is a multi-master protocol, and each CAN node has the right to request bus access at any time. Depending on the priority of the CAN data frame, the node gets immediate bus access or it has to wait.
CSIA committees, task forces working on standards, initiatives
The Control System Integrators Association (CSIA) has several committees and task forces are working on a number of initiatives and research to help system integrators improve everything from safety protocols to their presence worldwide.
Wireless security: IEEE 802.11 and CCMP/AES
Tutorial: The wireless adoption rate is growing, making security a greater concern. The IEEE 802.11i task group has developed advanced methods of securing wireless networks like counter mode with cipher-block chaining message authentication protocol (CCMP) and the advanced encryption standard (AES). See 5 keys in IEEE 802.11i.
Wireless security legacy, background
Tutorial: Wireless security has come a long way from open system authentication (OSA) and some of the other building blocks like wired equivalent privacy (WEP) and temporal key integrity protocols (TKIPs). Understanding past network security, or the lack of it, can help with network security for today and in the future.
Wireless security basics
Wireless security tutorial: Wireless has become the communications medium of choice for many people and applications. However, without effective data security, wireless technology could not grow and people would still be reliant on wired systems along with the cost and inconvenience associated with them. Industries and businesses want to prevent intellectual property and production from being compromised. Learn about digital authentication, authorization, and accounting.
What are you really controlling?
When designing a system and automating it, there are numerous professionals involved with each of the various areas: process, mechanical, electrical, programming, safety, environmental compliance, etc. Sometimes, due to the lack of communication, the process narrative is not representative of the process, just the abstract desired, yet unreachable, result.
Secure cloud system for networking data in real time
Skkynet Cloud Systems' Secure Cloud Service is designed to provide system integrators, engineers, and managers of industrial, embedded, and Internet of Things (IoT) systems quick and easy access to a secure, end-to-end solution for networking data in real time.
Support-focused enterprise controls: Control system triggers
Upper-level system applications rely on movement detection circuits to produce dependable triggers when objects enter, stop in position, and exit process stations. This is part 3 in a series on standardizing development of programmable logic controller (PLC) programming for controlling discrete manufacturing processes. See 5 ways to arm a sensing trigger. Link to part 1 and 2, below.
Network-based backup solution for CNCs
Fanuc America's FASBacCNC (FOCAS Automation Solution Backup CNC) is designed to prevent extended downtime as a result of the loss of critical files on the CNC following a hardware failure or operational mistake.
Cyber security essentials: Part II
The second installment of the Cyber Security Essentials series looks at what a robust network security system looks like, with insights from an ethical, professional hacker.
Cyber security essentials: Part I
The first installment of the Cyber Security Essentials series introduces the topic of cyber security and outlines the major concepts to be aware of. Don't think you're not at risk.
Ethernet hardware webcast questions and answers
The Control Engineering webcast, Ethernet Hardware, Nov. 12, is available for archived viewing, and the system integrator who provided advice on industrial Ethernet hardware answered additional questions from the audience, below. This webcast is a Control Engineering Registered Continuing Education Program (RCEP) accredited for 1 professional development hour (PDH).
Webcast: Ethernet hardware
Learn about industrial Ethernet hardware through a system integrator's project experiences, including environmental considerations, assessment, specification, installation, testing, and start-up.
Secure plant means more uptime
If a manufacturer can protect itself against an inside attack, then that line of defense should be strong enough to withstand a chunk of outside attacks.
Advice on industrial Ethernet hardware and its application
A system integrator provides advice on industrial Ethernet hardware, infrastructure, design, devices, assessment, installation, and start-up, among other topics. See the information on industrial Ethernet hardware below and in a Control Engineering Registered Continuing Education Program (RCEP) accredited webcast, where registrants can receive a professional development hour (PDH).
Network segmentation boosts performance, protection
Technology Update: Reduce network cybersecurity risk and optimize network performance by following these 5 steps to leverage best practices of network design.
Defense in depth: Best practices to secure your networked system
With the development of the Internet of Things (IoT), securing a connected system is becoming a critical issue. Here are some tips and concepts provided by network security experts from Pack Expo 2014.
Secure remote support for manufacturers
The ability to remotely access your control system as well as troubleshoot from a remote site is becoming increasingly important as wireless technology becomes more dominant in the manufacturing industry.
WLAN topologies
Industrial Wireless Tutorials: WLANs vary in the way communication is achieved and maintained including a basic service set, an extended service set, a mesh topology, and an ad hoc network. Learn how WLAN topologies and designs affect wireless performance.
Top 5 Control Engineering articles, October 13-19: Automating automation, the first PLC, the PLC’s future, more
Articles about automating automation, the first PLC, the PLC’s future, vision systems at an automotive plant, and analog instrumentation’s benefits were Control Engineering’s five most clicked articles from last week, October 13-19. Were you out last week? Miss something? You can catch up here.
EC: mGuard Secure Cloud
Control Security: Phoenix Contact's mGuard Secure Cloud (mSC) is a web-based service that allows FL mGuard users to securely communicate with and support industrial equipment over the Internet. This is a Control Engineering 2015 Engineers’ Choice award winner.
EC: PTC1000 clock converter
Network Integration — Network Hardware: The Kyland PTC1000 clock converter is an IEEE1588 Precision Time Protocol to IRIG-B/PPS clock convertor specially designed to enable the time synchronization for conventional devices in an IEEE1588 system. This is a Control Engineering 2015 Engineers’ Choice finalist.
New frontier in error-correcting codes
Coding scheme for interactive communication is the first to near optimality on three classical measures to remove noise from communications and improve reliability.
NIST Smart Grid framework 3.0 aims for interoperability, updates cybersecurity
NIST's 3.0 framework update aims to transform the aging U.S. electric power system into an interoperable Smart Grid—a network that will integrate information and communication technologies.
Wireless AP/client for industrial networks
Moxa's AWK-1131A IEEE 802.11n wireless AP/client has high-speed transmission rates up to 300 Mbps and features galvanic isolation, which breaks ground loops to help prevent unwanted current caused by different ground potentials from entering the device.
Implementing a simulation network
Critical steps to implementing a successful simulation network include establishing a simulation policy, defining long-term needs, and training your operations team.
Balancing secure networks and process control systems access
What are automation engineers to do to enhance security while ensuring the need for barrier-free access to the process control system?
Industrial router and security appliance has advanced firewall protection
Belden's Magnum 10RX router and security appliance supports a range of networking protocols while offering advanced firewall protection.
Multi-port industrial firewalls with router redundancy
The Hirschmann multi-port firewalls offer a new router redundancy and wide area network (WAN) interface.
Power free Wi-Fi connectivity
Imagine a world in which your wristwatch or other wearable device communicates directly with your online profiles, storing information about your daily activities where you can best access it – all without requiring batteries.
Next-generation fieldbus device couplers simplify chemical plant upgrade
Petrochemical plant adds new physical-layer technology to its long-running fieldbus networks.
Ethernet transducer eases configuration and control
The ReadyLink EtherNet/IP enabled position sensor is designed with a network interface that requires one network connection for configuration and control.
Cloud data does the shuffle
A computer algorithm called the Melbourne Shuffle could keep data secure in the cloud.
Microcontroller with integrated hardware encryption
The PIC24F "GB2" microcontrollers (MCUs) by Microchip Technology are designed to enable secure data transfer and storage in portable embedded applications like IoT sensor nodes and access control systems. See related video demonstration.
3D control room design console software
Winsted's WELS4 is a 3D software program designed to improve the interactivity and speed of control room design and its 3D interfaces allows viewing from any vertical or horizontal angle.
EtherNet/IP: Ethernet for automation
In deploying industrial Ethernet, plant engineers and IT departments should use an Ethernet solution designed and established to connect across applications and from the end customer’s IT infrastructure down to assets on the factory floor. EtherNet/IP delivers the real-time performance, resiliency, and security of proven, but technically mature, fieldbus solutions, with the bandwidth, open connectivity, and future-proof adaptability of standard Ethernet, ODVA explains.
Security ranked as a top challenge facing automation
What automation professional can expect in the years to come with cyber security.
Top 5 Control Engineering articles, June 30 to July 6: PID, cyber security, IOT, more
Articles about tuning PID control loops, U.S. public utility and cyber security, the future of operator terminals, real-time processing automation and control fundamentals, and mobile microrobots were Control Engineering’s five most clicked articles from last week, June 30 to July 6. Were you out last week? Miss something? You can catch up here.
Cyber security: Trusting your source for drivers, software tools
Some of the most published cyber security events have been traced back to malicious content embedded on a trusted user's laptop through an e-mail or downloaded document. Is your process control network safe?
Webcast: Wireless for Stationary Applications
This webcast explains how industrial wireless technologies can provide cost-effective reliable communications rather than being expensive and potentially dangerous to workers.
Boomers departing: A matter of integration
Baby boomers from manufacturing automation industries are taking knowledge gathered through years of experience into retirement. Scrambling to find qualified workers to fill that void has begun. System integration and related technologies are helping.
Synchronizing industrial Ethernet networks
Automation engineers can develop architectures that meet the demands of their applications by understanding the differences between distributed clocks and the IEEE 1588 precision time protocol.
Microsoft Windows XP EOS: What manufacturers need to know
Ask Control Engineering: What do I need to know about end of service (EOS) for Microsoft Windows XP, and what should I consider going forward? See 5 areas impacting cyber security, production reliability, and quality. Alert organizations have been migrating away from Windows XP; Microsoft may still provide limited support for companies that pay for extended support, costing at least $100,000 per year.
Top 5 Control Engineering articles, May 12-18
Articles about things noncontrol people should know about control engineers, fixing PID, the engineering job market, a strategy for the passing of Windows XP, and Control Engineering's salary and career survey were Control Engineering's most-clicked articles from last week, May 12-18. Were you out last week? Miss something? You can catch up here.
Top 5 Control Engineering articles: Microsoft Windows XP
Should Microsoft think again? The end of Microsoft Windows XP support and related topics remained hot among the Top 5 Control Engineering articles posted weekly on www.controleng.com in April.
Software patching is vital to secure operations, but introduces more risks
End of Microsoft Windows XP support raises concerns about industrial networks, connections to PC-based assets, and software patching. Assess software patching risks with 11 critical questions. In manufacturing plant floor applications, security and safety are an integrated concern. Control system cyber security is not the same as desktop PC security.
Isolate your automated Ethernet network for improved efficiency and security
By isolating automation Ethernet networks, companies will see improvements and benefits in the following three areas: Network speed, simplified data, and network security.
CSIA 2014: Everyone has responsibilities for cyber security
Product suppliers, project service providers and system integrators, asset owners, and operators all need to be involved in cyber security, said Johan Nye, control systems commercial technology leader at ExxonMobil Research and Engineering, Fairfax, Va. Nye presented at the 2014 CSIA Executive Conference in San Diego on April 25.
100x the systems with the Industrial Internet of Things
Engineering and IT Insight: Does your manufacturing IT infrastructure have tools to handle 100 times the number of current connections and manage tens of thousands of new smart network connected devices, as industry moves to the Industrial Internet of Things (I2oT) and distributed control, with every device in a facility connected to a plant-wide Ethernet network? What got you here won’t get you there.
Top 5 Control Engineering articles, April 13-19
Were you out last week? Miss something? Here are Control Engineering’s five most-clicked articles from last week, April 13-19, including articles about Windows XP, small nuclear reactors, Google Glass intersecting with control systems, and strategies for the passing of Windows XP support.
What is a zero-day cyber attack?
The name sounds sinister because it’s a hacker’s dream, a secret vulnerability that has no specific defense.
Industrial Ethernet cable tester
Ideal Industries' IENet Pro Industrial Ethernet Cable Tester is designed for LAN testing efficiency and instantly verifies the integrity of two-pair and four-pair industrial Ethernet cables.
Providing secure remote access to industrial Ethernet networks
You have many good reasons for wanting to access your networks remotely, but such access is not without potential threats. How can you keep those networks secure?
IP gateways for remote locations
Advantech's GPRS IP gateways, the EKI-1321 and EKI-1322, are designed for use in remote locations and feature two SIM card slots and allow the user to create a secure virtual private network (VPN).
Wireless networks can save money and speed turnarounds
Wireless networks can be as reliable as wired ones, and can empower workers to handle tasks they otherwise could not.
Target security breach likely to speed adoption of more secure chip-based cards in U.S.
The recent Target credit card breach is set to generate a boom in demand for higher-security, dual-interface cards, with U.S. shipments forecast to surge twenty-fold from 2013 to 2018, according to a report from IHS Inc.
Pedestrian entrance control technology gets smarter
IHS estimates the world market for speed gates to be valued at $219.1 million in 2013 and forecast the market to grow to $310.0 million by 2017.
Making digital forensics a critical part of your cyber security defenses
Do you know your ICSs well enough to recognize when something is happening that shouldn’t be? That knowledge is critical to your defensive strategy, and represents the biggest advantage you have over attackers. See step-by-step cyber security table with tools, tactics, and tips.
Strategies for secure automation, Ethernet networks
Ethernet networks provide plants with an open environment that connects local and remote plant devices with management tools, but open networks come at a cost: security. Several strategies can foster openness while promoting safety and cyber security.
System integrator acquired
Securadyne Systems has acquired IAS, a systems integrator with offices primarily based in the Southeastern U.S.
Automate, integrate, optimize, and protect
Think Again: Automation needs to be interconnected, optimized, and protected. Here’s why.
Global shipments of cybersecurity microcontrollers to rise 91 percent by 2017
Cybersecurity microcontroller (MCU) global shipments are expected to almost double to 529 million units by 2017 because of increased demand for computer security and authentication tools.
Electronic overload relay
Rockwell's Allen-Bradley E300 electronic overload relay integrates communication and Ethernet and has an embedded web server to simplify maintenance and control operations.
Modbus gateway devices connect to Ethernet
The MESP211 by B&B Electronics converts Modbus ASCII or RTU signals to TCP Ethernet and can control Modbus devices on LAN or WAN Ethernet.
Building an integration strategy
Few technical barriers stand in the way of plant-to-enterprise integration today. It promises real-time data for making better decisions and optimizing production. But without a comprehensive corporate plan that sets goals and outlines results, mere connectivity is doomed to disappoint.
EC: EDR-810 Secure Router
Network Integration - Ethernet hardware: The EDR-810 is a 10-port industrial-grade secure router with Firewall/NAT/VPN and managed L2 switching functions, which allows it to transmit data efficiently while protecting the network and critical devices from internal and external network attacks. This is a Control Engineering 2014 Engineers’ Choice honorable mention.
Operator terminal revenue falls with drop in average selling price
Global operator terminal revenue in 2012 shrank by 3.3% after two years of growth because of the selling price of operator terminals falling by 4%.
Access control market is open to the idea of open standards
The access control industry continues to play second fiddle to the video surveillance industry in terms of its adoption of open standards, according to IHS Inc.
Router with integrated switch reduces cyber attack risk
The EDR-810 by Moxa has a built-in managed switch and an industrial-grade secure router that helps protect the network and other devices from a potential cyber attack.
Safety isolators and splitters
Moore Industries’ SSX and SST Safety Isolators and Splitters provide isolation and signal conversion for HART data and can serve as a splitter to send HART data to independent outputs.
FDT2 improves network security, distributed system user interfaces
FDT2 by the FDT Group separates device logic and user interface to enhance security, and it uses the .NET technological platform.
Integrated industrial Ethernet router and switch provides cyber security
Moxa EDR-810 Router/Switch provides an all-in-one cyber security product, saving extra deployment costs and efforts that would be needed with multiple devices.
Hacked without knowing it
Engineering and IT Insight: Cyber-criminals are stealing manufacturing companies’ intellectual property (IP). Is your lack of cyber security hardware, software, and best practices giving away millions of dollars of IP to unknown competitors without your knowledge?
Valves selected for upgrade, expansion project
Metso's Jamesbury valves have been selected for an upgrade and expansion project by Heurtey Petrochem in Russia. The project is expected to be completed by 2014.
Cyber security tools and methods for network penetration testing
Measure risks and vulnerabilities in your industrial networks using tools developed for electric utility applications. Video: Justin Searle explains his projects with the DOE, the resulting tools now available, and the differences between industrial and conventional IT environments.
Compact industrial firewall appliance
Icon Labs announces Floodgate Defender, a compact industrial firewall to provide cyber security protection for industrial, military, and critical infrastructure equipment.
The problem of extra software
A compelling reason for getting rid of the programs that you don’t use or need.
Analogue video surveillance equipment still dominant in consumer market
Despite the difficult retail climate, the consumer market for video surveillance equipment has continued to perform well, with double-digit growth forecast for both analogue and network product categories.
China’s video surveillance equipment market maintains momentum
City surveillance and transportation are the largest end-user industries in China.
Motor control centers add Ethernet for remote monitoring
Medium-voltage Allen-Bradley Centerline motor control centers (MCCs) by Rockwell Automation have added EtherNet/IP to access information remotely. This allows personnel to safely monitor and diagnose potential problems without exposing the worker to potentially hazardous conditions.
EC: Tunneller v4.0
Software - Applications: MarikonOPC Tunneller is the fastest, most trusted way to connect to remote OPC Servers. Whether connecting across different domains, through firewalls, or dealing with unreliable networks, OPC Tunneller has the application covered. This is a Control Engineering 2013 Engineers' Choice finalist.
EC: VPort 36-1MP-IVA-T IP Camera with Intelligent Video Analytics
Network Integration - Network hardware: The VPort 36-1MP-IVA-T megapixel HD IP camera supports -40 F to 167 F operation and onboard Intelligent Video Analytics, which uses advanced image algorithms for quick detection of a wide variety of security threats. This is a Control Engineering 2013 Engineers' Choice finalist.
Summer cyber institute a success
As a student there is nothing better than hands on training and that is just what graduate students pursuing careers in cyber security got in a weeklong summer institute.
New cyber security tool suite
U.S. Department of Energy demonstrates tools to provide situational awareness of networks and control systems.
London 2012 – golds, guards
Sunday saw the end of the London 2012 Olympics and to repeat the favoured cliché of many pundits; the end of “the best ever games.”
For IP-based video surveillance, the future is now
The trend to IP-based video surveillance is, by now, firmly established. The question is no longer “Will IP-based equipment sales overtake analogue equipment sales?”
Industrial Ethernet cables have wide temperature ranges
Alpha Wire has added Ethernet cables to their Xtra-Guard line. The cables meet NFPA 79 application requirements, appropriate for demanding industrial Ethernet applications.
Control panel design: Easier access
Panel interface connectors decrease risk, allow PLC or PAC access without opening the control panel.
Decoding Stuxnet
Engineering at 30 Frames: Understand the basics, future, and view a demonstration of Stuxnet
Survey: Malware Response teams fear 2012 threats will grow in number and sophistication
A survey by Norman ASA reveals more than half of IT leaders believe that malware threats are their biggest worry for 2012. They're also worried that the new malware is too sophisticated for their analysis and security capabilities.
Built-in test solution for processor boards
Kontron's Power-on Built-in (PBIT) solution is designed to improve the reliability, safety and security of processor boards that are used for mission-critical applications.
Multistage, enclosed surge protection devices
The OVR NE12 is an enclosed surge protection device (SPD) designed to protect valuable equipment connected to the network for critical power, renewable energy, water, and other commercial applications.
Turn-key factory control centers
ControlCore is a customizable mobile enclosure from Concept Systems designed to house all of the electrical and electronic components in a factory work cell.
The software that wasn’t there
Do you need to be concerned about security issues with programs that you don’t use? Yes.
New portable hands-on industrial control system cyber security training kit and course
New course material from Cybati has been used in FBI and university training programs, and is now available commercially.
Update on digital certificates
The discussion early in August is back in the headlines as hackers gain stolen documents to pose as Google.
Ethernet products receive hazardous location certification
AvaLAN's AW900xTR and AW2400xTR outdoor wireless Ethernet modules received the certification, allowing them to be used in the oil and gas markets.
Security gateway with support for HDA servers
MatrikonOPC’s has updated their OPC Security Gateway with support for HDA OPC Servers
Video: IT students explore the world of industrial networks and cyber security
DePaul University expands its IT offerings with a new class on security for industrial control networks.
Video: Commoditizing wireless communication
ISA100 Wireless Compliance Institute aims at making users forget about wireless standards so they can concentrate on applications, beginning with instrumentation.
EtherNet/IP network added to motor control centers
Allen-Bradley NEMA and IEC Centerline low-voltage motor control centers provide seamless information exchange between plant floor devices and business-level systems to increase productivity and improve worker safety.
Sequence of events recorder provides reporting for 32 channels
Cyber Sciences device can assist with cyber event forensics or analysis after process incidents and upsets.
7 tips for an industrial Ethernet cyber security strategy
Industrial operations are becoming more aware of their vulnerability to cyber mischief or cyber attacks. Here are seven tips that can create the foundation for a cyber security strategy.
It can happen here?
While it seems that Siemens’ efforts to deal with the Trojan problem have been effective, the situation should remind us that such events must not be thought of as something that happen somewhere else. The folks from GarrettCom were reminding me of an article that we did last January, where we surveyed readers on their understanding of cyber security issues. Here’s the paragraph that they recalled particularly: “The first surprise was that 24% indicated they do not believe there are any threats and risks associated with their information control system that could affect their business operations. This seems very puzzling since most organizations operate with the understanding that there is no such thing as 100% security.
IT workers: 37% to seek security certifications within 5 years, CompTIA survey says
Information technology (IT) professionals are placing their bets on security-themed certifications as they plot their next career moves, a new study from CompTIA, a trade association for the IT industry, reveals.
Schneider Electric Square D PowerLogic EGX300 gateway server
The Schneider Electric Square D PowerLogic EGX300 Integrated Gateway-Server has Ethernet gateway functionality and Web functions to view critical real-time electrical system data and historical use patterns through trend plots to help optimize energy use and existing electrical infrastructure.
Corporate responsibility: Use GRC systems to keep plants and suppliers in check
Complying with governmental regulations normally involves lots of paperwork and plenty of manual workarounds. Still another layer of knowledge is necessary to ensure suppliers are in compliance with certain standards. Governance, Risk, and Compliance (GRC) systems address these compliance issues and a lot more.
Cybersecurity bloggers discuss industry issues
Control Engineering's cyber-security bloggers Matt Luallen and Steve Hamburg discuss their experience in the development of today's cybersecurity practices and how current developments are impacting the lives of engineers in the manufacturing industries. To view the video, go to www.controleng.com, click on the video tab in the multimedia box, select “view all videos” and then selec...
RFID security breach
The security of a widely used radio frequency identification (RFID) chip has been broken by European researchers. The SANS Institute said researchers at a Dutch university broke the security of the Mifare RFID chip, which is used in the Oyster card, a prepaid smartcard used for travel on public transportation in the United Kingdom.
RFID: Kit speeds RuBee use, praise for chip, more rugged tags
In three radio frequency identification (RFID) developments, a kit offers secure visibility and better performance over RFID harsh environment applications; Intel's RFID Transceiver R1000 chip won an award; and Premo RFID broadens tag range with Harsh-Tag-150W.
Cyber security for control systems: More tips, warnings from INL
Control systems are threatened by cyber security intrusion. But there’s good news and bad news, said Rob Hoffman, manager communication & cyber security resources, Idaho National Labs.
ISA99 update: Cyber security standard and technologies report
Research Triangle Park, NC – A new American National Standard and an update of a widely used technical report on cyber security technologies have been released by ISA. ANSI/ISA-99.00.01-2007, Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts, and Models, focuses on key concepts, terminology and models, and will serve as a foundation for standards now in development in the ISA99 series.
Sometimes its personnel
Sometimes it’s easy to forget about the people aspect of control systems. Multiple regulatory rules, laws, and internal procedures require that people who perform shop floor actions are unequivocally identified, are authorized to perform the actions, and have valid training or qualifications to perform the actions.
Cyber security: Cooperative agreement among Wurldtech, Tegron, FluidIQs
Vancouver, BC, Longview, TX, and Napa, CA—The world of industrial automation might become safer as a result of recent cooperation. Wurldtech Security Technologies has announced a three-party cooperative agreement with Tegron and FluidIQs to develop and deliver advanced security solutions to the global industrial automation market.
HMI Software Product Research September 2007
Research was undertaken to gain a better understanding of Control Engineering subscribers’ applications and needs regarding human machine interface (HMI) software.
CIO alert: Most believe a mobile breach is inevitable; it’s time to actively monitor data stored on corporate mobile devices
If a device falls into the wrong hands, the impact on a company's competitive positioning, brand and reputation could be severe.
Network security is more than encryption
Much data transmitted over networks is sent in clear text, making it easy for unwanted persons to capture and read sensitive information. Encryption plays a vital role in securing these data by translating them into a secret code. It protects data from intruders and ensures that only the intended recipient can decode and read the information by accessing a secret key or password that enables de...
On call 24/7: Wireless system detects open circuits
Cooper Bussman InVision system detects when a circuit protection device has opened, alerts maintenance personnel which device has operated (phone, text, email), where it is located, part number of the replacement device, and the appropriate level of personal protective equipment to wear to replace or reset the device.
A Closer Look at Windows Vista, Part I: Security Changes by National Insturments
Malware refers to any software that secretly infiltrates and damages a computer system without the informed consent of the owner. Despite the use of anti-virus and anti-spyware software, malware can still affect even careful users. One of the stated goals of the Microsoft Windows Vista release is to greatly improve the overall security of the Windows operating system and curb the impact of malware.
IBM advances security services position, buys ISS
IBM will acquire Atlanta-based Internet Security Systems Inc. (ISS) in an all-cash transaction for about $1.3 billion, or $28 a share. The move is subject to shareholder and regulatory approvals and customary closing conditions. The deal is expected to close in the fourth quarter. The acquisition is IBM's fourth in recent weeks, and at $1.
Generic tag security offered for RFID
Westminster , CO — SkyeTek Inc. unveiled what it calls the industry’s most advanced security technology for protecting the integrity and privacy of broad radio frequency identification (RFID) implementations in HF and UHF. The best cryptography implemented today is found in government, financial, and Internet applications in the form of Advanced Encryption Standard (AES) and the Secure Hash Algorithm (SHA), specified as industry standards.
Best practices for control systems security
The US Department of Homeland Security, Control Systems Security Program (CSSP) announces a Web site resource for control systems security personnel. The site provides Control System Security Program activities, as well as information on cyber threats, vulnerabilities and mitigations. Recommended practices for securing control systems, which have been vetted through industry and government experts, are available through the US CERT Control Systems web site ( www.us-cert.gov/control_systems ). Site topics include a control systems vulnerabilities overview, a discussion of cyber threats to control systems, related training courses and relevant standards and references.
Reduce arc flash risk with infrared thermography, breakers: Webcast
A May 25 arc-flash safety Webcast from a sister publication to Control Engineering offers explanations about technologies and training to avoid this industrial hazard.
Twist-less, tape-less wire connections
An AWG #10 push-wire connector is the latest addition to the Wall-Nuts product line from Wago. Series 773-173 Wall-Nuts connector is designed as an alternative to traditional twist-wire connectors. No twisting and taping are required. The technician strips the wire and inserts the conductor. A transparent housing allows visual confirmation of the connection.
Chemical industry merges cybersecurity efforts
Two chemical-industry cybersecurity groups agreed to merge their efforts into one organization- The move to consolidate initiatives, expected to be complete by Jan. 1, 2006, follows two years of cooperation between the Chemical Sector Cybersecurity Program (CSCP) and the Chemical Industry Data Exchange (CIDX).
Chemical industry consolidates cybersecurity efforts
Arlington, VA —Two chemical industry cybersecurity groups agreed to merge their efforts into one organization. The move by the Chemical Sector Cybersecurity Program (CSCP) and the Chemical Industry Data Exchange (CIDX) to consolidate initiatives follows two years of cooperation between the two groups. CIDX’s Board of Directors voted late last month to consolidate the CIDX Cybersecurity Initiative into the CSCP. The new organization, which will continue as the CSCP, addresses issues related to the industry’s cybersecurity implementation, advocacy, and outreach. According to CSCP Director Christine Adams, bringing together the two initiatives will help the new organization respond more effectively to emerging sector needs as it focuses on generating widespread adoption of cybersecurity practices and tools.
Video security-by-exception over SCADA
In most instances, physical site security of a manufacturing or processing facility has been treated as a separate endeavor from control system security. As a result, facility security—especially for remote facilities—has been left largely to security firms using video surveillance.
Network security revenues projected to grow 27% by 1Q06
San Jose, CA—Though network security appliance and software revenues increased worldwide by 5% from the last quarter of 2004 (4Q04) and 1Q05, they’re forecast to shoot up 27% to $1.3 billion in 1Q06, according to “Network Security Appliances and Software,” Infonetics Research’s quarterly worldwide market share and forecast service.
Security: a national priority
By saying, in February 2003, that the protection of control systems had become "a national priority," President Bush set off a flurry of security activities in the industrial sector. We remain, however, a long way from reaching the goal of secure industrial infrastructures. So that an appropriate layer of security can be added, most of the past few years' security efforts have been spent simply...
Eaton aids coalition to stop counterfeit electrical products
Pittsburgh, PA—More than a dozen companies, including Eaton Corp., met earlier this year with the National Electrical Manufacturers Association's (NEMA) Anti-Counterfeiting Committee to address the growing installation of unauthorized electrical aftermarket products that jeopardize personnel safety and the integrity and code compliance of electrical distribution systems worldwide.
Danaher offers to buy Trojan Technologies
Washington, D.C.; London, Ontario, Canada—Danaher Corp. has agreed to acquire all shares of Trojan Technologies Inc. for approximately $185 million in cash, including transaction costs and net of cash acquired.
Plant Engineering to present Arc Flash II Webcast
Protecting people and equipment from "arc flash" will be the theme of Plant Engineering magazine's latest Webcast on Sept. 30, 2004. This online event will address: electrical documentation accuracy; protection devices available to increase worker and equipment safety; and knowledge required to make all these pieces fit together.
Many use PDAs with no security protection
Many users of personal data assistants (PDAs) store sensitive data on devices that have no security protection, a new survey shows.
U.S. GAO says control systems at risk of cyber attacks
The U.S. General Accounting Office recently reported that, besides increasing general cyber threats, several factors are contributing to escalated risks of cyber attacks against control systems. These factors include adoption of standardized technologies with known vulnerabilities and increased connectivity of control systems to other systems, according to GAO's report, "
CRITICAL INFRASTRUCTURE PROTECTION GAO Report to Congressional Requesters (March 2004)
Testimony from the U.S. General Accounting Office(GAO)on the "Challenges and Efforts to Secure Control Systems". Securing control systems poses significant challenges including united specialized security technologies and lack of economic justification. Read the report from GAO here.
Monitors logs, performance at network layer
Verano Inc. reports that its Industrial Defender solution suite addresses the five phases of best practices for mission-critical security defined by NIST, NIPC, Department of Homeland Security, Argonne National Labs, Sandia National Labs, and Pacific Northwest Labs. These five phases are: monitor, detect, notify, protect, and recover.
How to put SCADA on the Internet
Many companies are considering using the Internet for supervisory control and data acquisition (SCADA) to provide access to real-time data display, alarming, trending, and reporting from remote equipment. However, there are three significant problems to overcome when implementing an Internet-based SCADA system.
Intermec and Funk Software provide 802.1x wireless security
Las Vegas, Nev. - Intermec announced on May 6 at NetWorld+Interop 2002 a partnership with Funk Software (Cambridge, Mass.) that will provide 802.1x wireless security for Intermec 802.11 MobileLAN wireless systems.
Viruses: No one is immune
A computer virus is a self-replicating program designed to wreak havoc with computers. Some of them are benign, but mostly they're no laughing matter. For example, the "Love Bug" virus, which appeared in early May, affected businesses and government agencies throughout the world. Many companies, large and small alike, had to shut down their computer systems to handle the attack, causing g...