Security in practice

Implementing security within the company

Constantly monitored and integrated security is essential for industrial automation 

Measures of protection in the digital enterprise

The increase in horizontal and vertical data integration is a principal feature of digital companies. That’s why it’s increasingly important to reliably protect productivity and expertise at three levels: system integrity, network security and plant security. 

The prerequisite is a comprehensive approach that integrates or includes security mechanisms with a comprehensive understanding of automation can provide reliable protection. Siemens supports you in implementing the necessary measures – as part of our integrated range of products and services for industrial security.

Industrial Security from Siemens ensures that customers are prepared for the challenges of the future and can use it as a base for building their digital enterprise.

Oliver Narr, Marketing Manager Industrial Security, Siemens AG

Industrial Security is based on three levels

Certified and tested products

Manufacturers of automation solutions must provide system-tested products that meet all security requirements. They must also take account of security standards in their product development process and make updates available to their customers. Siemens has had this certified for production by TÜV Süd.

Certification and standards

Know-how for security

Siemens makes the necessary security knowledge available to its customers and helps them successfully implement security measures in their companies. Through its own team of experts and intensive cooperation with CERT organizations in many countries, Siemens ensures that this specialized knowledge is always up to date.

Industrial Security Services

Implementing a defense in depth strategy

An approach that covers all levels simultaneously – from operational to field level, from access control to copy protection – is essential to comprehensively protect industrial facilities against cyber attacks both from within and from outside. This is why we use “defense in depth” as our overarching protective strategy in accordance with the recommendations of ISA99/IEC 62443, the leading standard for security in industrial automation.

Plan security within your company

Staying secure 24/7 Learn how Siemens stays always active

Always active

Industrial Security portfolio

Protection of automation systems and control components

Whether you want to protect existing knowledge or exclude unauthorized access to your automation processes from the outset that could disturb your production processes, our industrial security offer includes support for implementing targeted measures to protect against different threat scenarios as well as design of total security solutions for sufficient protection.
Controller and HMI systems

Integrated industrial security for controller and HMI systems

We offer designs for security of controllers, HMI, and SCADA applications, fully in keeping with the spirit of Totally Integrated Automation, our system architecture for integrated automation – even within the secure cell.

 

Learn more about our defense-in-depth concept

PC-based systems

Integrated industrial security for PC-based automation

The necessity of protecting PC-based systems in industrial automation is keeping pace with the growing importance of these systems.

Ethernet communication is increasingly prevailing as a standard in industrial automation, too. This implies a growing need to protect PC-based systems within a network from unauthorized access. In addition to defined escalation processes, technical safeguards represent another important protective measure in security management. We offer you designs and solutions for safeguarding your PC-based systems.

 

Learn more about our defense-in-depth concept

Motion control and drives

System integrity for motion control and drives

Security features for motion control applications – how you can protect your investment against unauthorized access and manipulation.

Motion controls and drives offer you a wide range of industrial security functions to implement well conceived, seamless automation concepts and solutions with the appropriate security.

 

Learn more about our defense-in-depth concept

Process automation

System integrity for process automation

Today, process plants are either directly or indirectly connected to the Internet which puts their operations, product quality, and profits at risk.

Siemens SIMATIC PCS 7 offers an integrated, comprehensive security solution, tailored to the specific requirements of process plants. The security concept effectively increases protection, reduces risk, helps to prevent security incidents, and thereby increases plant availability.

 

Learn more about our defense-in-depth concept

SIMATIC PCS 7 security concept

The SIMATIC PCS 7 security concept offers solutions for the protection of process plants. The concept is based on a nested security architecture (defense-in-depth) and represents an integrated approach. It is not limited to the use of individual security procedures (such as hierarchical authority distribution, authentication and encryption) or devices (such as firewalls). Its strength instead lies in the combination of a variety of security measures working together in the plant network. Segmentation of the plant into individual security cells ultimately results in a closed system in line with the definition of ISA 99 - Security for Industrial Automation and Control Systems.

Plant protection

Plant security – physical protection and security management for automation systems

Plant security prevents unauthorized persons from gaining physical access to critical components using a number of different methods.

Plant security starts with conventional building access and extends to securing of sensitive areas by means of key cards. Tailored industry security services include processes and guidelines for comprehensive plant protection. These range from risk analysis and the implementation and monitoring of suitable measures to regular updates.

 

Learn more about our defense-in-depth concept

Network components

Network security – for secure industrial communication

Network access protection, network segmentation, and encrypted communication to protect automation networks against unauthorized access.

Network security contains:

  • Controlling all interfaces – e.g. between IT and OT – and remote maintenance access with firewalls and optional DMZ (demilitarized zone = safety-related, shielded zone)
  • Safety-related segmentation of the plant network in single  protected automation cells
  • Encrypted data transfer via VPN to protect against data espionage and manipulation

Learn more about our Defense-in-Depth concept

 

Further information about Industrial Ethernet Security

 

Certification and standards Successfully implement current regulations for Industrial Cyber Security

Learn more

Security Services

Best prepared for Industrial Security

Get swiftly up to speed for Industrial Security in your company using our extensive range of services. We’re there to help, with practical knowledge and thorough training services.
White papers and downloads Latest information and white papers on Industrial Security

View now

Security Alerts

Keep up-to-date

Industrial Security Alerts and Updates

Use our news ticker to gain an overview of the latest developments. We also provide links to important updates for our automation products and solutions to vulnerabilities that have been fixed.