First-hand expert knowledge
Valuable knowledge about industrial communication networks
On this page you will find qualified answers to important questions about industrial communication networks – always available and clearly organized according to different subject areas.
In this section, our expert Gert Mikuta highlights the differences between Office IT and industrial networks.
A clear, physical separation of the two worlds makes sense and is nowadays also practiced, since the requirements differ greatly. In industrial applications, high availability, robust devices and fast switchover times are essential. Accordingly, the protocols used in the industrial automation environment have developed differently from those run in the office environment. This is one of the reasons why it is useful to decouple and separate the industrial network from the rest of the enterprise network through layer 3.
Our expert Gert Mikuta explains why industrial networks are anything but ordinary.
In contrast to standard IT, operating times around the clock (24/7) are demanded in industrial IT. The life cycles of industrial plants are much longer, i.e., updates may no longer be available for some components or may not be readily implemented in an accepted/released system. For example, a plant builder no longer provides a warranty or a safety certification would have to be renewed. As a rule, there are no defined time windows to perform maintenance work, changes may have to be made during operation. The automation process dictates the operating processes and not a single user.
It is common practice to design industrial network concepts based on the specific requirements of the respective application. In addition to safety, security and data availability concepts are also already included at an early stage of the network planning. Even though existing comparable network concepts can serve as the basis, individual application-specific characteristics are the compelling reason why no overarching standard architectures can be used.
In addition to dealing with a lack of space, it is crucial to enable the fastest possible exchange of defective components. To quickly put systems and plants into operation again, it makes sense to also place the aggregation networks – such as the industrial backbone – directly at the plant, thus keeping the service path short and the response time low.
The environmental conditions in a production plant, a distribution station or a filling/refilling system differ greatly from the climatic conditions in a data center or office. The fact that robust components should be used here, for which there are replacements even after many years, goes without saying.
Security concepts have to be consistent. Our expert Peter Schönemann knows what needs to be taken into consideration.
A threat to industrial networks that should not be neglected stems from the use of open communication technologies, e.g. Ethernet and OPC. These make previously proprietary, closed systems considerably more vulnerable to threats from the outside. No technology has increased the risk as much as Microsoft Windows, which is used as the de facto operating system in many industry sectors. While this trend brings many benefits to the plant operation, such as when it comes to the development effort as well as deployment and training costs, it at the same time exposes the control systems to all the risks and threats of the IT world.
Another threat exists due to the long life cycles of assets in industrial environments. In fact, many control systems have been in operation for more than 20 years. Instead of investing and migrating to modern systems – a very costly and potentially cumbersome process – many automation users have maintained legacy systems and merely improved their connectivity to retrieve more information from them. The consequence: Formerly closed systems are suddenly – and without preparation – connected to open enterprise networks and the Internet. As already mentioned, they are thus exposed to all common threats of modern communication.
Ignoring cyber threats to industrial IT systems can have far-reaching consequences for any plant operator – from environmental damage to image damage to financial loss. Other possible consequences include:
- Declining plant availability all the way to a plant stoppage
- Loss of data, recipes, intellectual property and confidential data
- Sabotage/manipulation of the industrial plant
- Changes in the production process and thus faulty products and services due to manipulated data
- Declining or lost competitiveness
- Penalties for security incidents due to non-compliance with legal requirements
In order to support you in the implementation of a comprehensive security concept, Siemens not only offers an extensive industrial security portfolio of products and services, but also several operational guidelines that make basic recommendations for organizational and technical measures. In the form of Industrial Security Services, Siemens furthermore offers comprehensive services to support the planning and implementation of suitable action catalogs that precisely meet your requirements. The defense-in-depth security concept used by Siemens is primarily based on the international standard IEC 62443 / ISA99, which has proven itself in the industrial environments of automation. It is aimed at plant operators, integrators as well as component manufacturers, and thus covers all security-relevant aspects of industrial security.
The use of so-called whitelisting software is a good alternative to virus scanners. Such systems work with so-called positive lists, in which the user specifies the processes or programs that may be executed on the computer. If a user or malware attempts to install a new program that is not stored in the lists, the software automatically stops this and prevents damage. Unlike virus scanners, whitelisting software manages without regular updates of the signatures.
As a provider of industrial software, Siemens supports the user in this respect by testing its own software for compatibility with virus scanners and whitelisting software.
Fundamentally, no security concept or measure can provide 100% protection. For an adequate protective concept, users must therefore weigh the costs of the security against the benefits of an integrated network as well as the likelihood and impact of a security breach. This may result in varying protective goals for the various areas of the production, which in turn can be protected with different measures. By taking a holistic view of the production, Siemens can also help in defining suitable protective goals.
The safety-related segmentation of the plant network into individual protected automation cells serves to increase the security, in addition to the general risk minimization, and is a fundamental component of a security concept.
Here, the segmentation of the network into cells and the assignment of the devices take place according to the communication and protection needs. Therefore, the implementation of a security concept often begins with the segmentation of the plant into logical security cells – according to the physical and functional layout of the network architecture. A security cell can again consist of several smaller segments, but in the case of disconnection, must ultimately be able to work autonomously for a certain period of time without a connection to other plant or functional units.
Wireless communication in an industrial environment: Our expert Georg Werner Geib knows what is important.
How can industrial networks be managed and operated with maximum efficiency? Our expert Georg Werner Geib provides the answers.
In today's companies, this is organizationally solved in many different ways. The recommendation by Siemens is that the automation-relevant network infrastructure is the responsibility of the maintenance personnel or an automation-related IT department – already simply because of the necessary operating times. The central firewall as the point of transfer between IT and automation is usually run by the office IT department, but the coordination of the guidelines has to be done by mutual agreement.