Industrial Cyber Security provides comprehensive protection of productivity

Industrial Cybersecurity 

Cybersecurity : as an essential component of Digital Enterprise
We are happy to support you

Contact us

Holistic protection

Cybersecurity threats force you to take action

Digitalization and the growing networking of machines and industrial systems also mean an increase in the risk of cyberattacks. Appropriate protective measures are imperative, especially for critical infrastructure facilities. An approach that covers all levels simultaneously – from the operational to the field level and from access control to copy protection – is essential for comprehensively protecting industrial facilities against internal and external cyberattacks.

Comprehensive concept as recommended by IEC 62443

The increase in horizontal and vertical data integration is a principal feature of digital companies. That’s why it’s increasingly important to reliably protect productivity and expertise at three levels: plant security, network security, and system integrity.


With “defense in depth”, Siemens provides a multilayer security concept that gives plants both all-round and in-depth protection as recommended by the international standard IEC 62443. It’s aimed at plant operators, integrators, and component manufacturers alike, and covers all security-related aspects of cybersecurity. To strengthen cybersecurity as a whole beyond the boundaries of our own organization, we’ve joined forces with leading companies from around the globe to form the Charter of Trust. This cooperation is already showing the first signs of success and has ambitious goals for the future.    

Physical protection and security management for automation systems

Plant security employs a number of different methods to prevent unauthorized persons from gaining physical access to critical components, starting with conventional building access and extending to the securing of sensitive areas by means of key cards.


Tailored Industrial Security Services from Siemens include processes and guidelines for comprehensive plant protection. These range from risk analysis and the implementation and monitoring of suitable measures to regular updates.    

Typical fields of application

Scalable access control systems

Managed access control is an essential factor when it comes to safeguarding critical company areas. Among other things, it is used to regulate who or what may enter a building or building complex. Siemens offers an extensive portfolio of reliable access control systems, ranging from access solutions and video monitoring systems to resource control systems and control platforms.

Know-how for security

Customized Industrial Security Services from Siemens encompass processes and guidelines for the comprehensive protection of plants – including, for example, risk analysis, implementation of suitable measures and their monitoring, and regular updates. In this way, you optimally protect production processes and industrial control systems (ICSs) against attacks.


Siemens makes the necessary security knowledge available to its customers and helps them successfully implement security measures in their companies.    

Proven protection with TÜV SÜD certificate

Integrators, operators, and manufacturers require insight into IT security measures for designing and operating automation processes and systems. The TÜV SÜD certificate attests to Siemens’ conformity to IEC 62443-4-1 for security in the product lifecycle management (PLM) processes of automation products.

Secure communication in industrial networks

One of the key challenges for consistent communication is to additionally establish adequate protection of easily accessible systems. In addition to availability, the focus is on protecting automation networks against unauthorized access.


Moreover, our portfolio has been optimized for use in automation systems and is designed to meet the specific requirements of industrial networks. For use in extreme environment conditions our ruggedized security portfolio provides the right answer. 

Network security - Zero Trust strengthens cell protection

Network security includes the protection of automation networks against unauthorized accesses with network access protection, segmentation, and encrypted communication.


In industry, home office work and remote access to plant and machinery are on the rise. This has consequences for network security. In this video, you can see how flexible work can be combined with maximum network security.

Typical fields of application

Network segmentation

Parts of systems that comprise multiple automation cells and that may even come from different suppliers should connect to one another only when absolutely necessary.


Installing SCALANCE S Industrial Security Appliances upstream from an automation cell segments the network and limits communication to permitted connections thanks to firewall rules.    

Define individual rules for users

To minimize risks during service and maintenance of an automation network, it’s necessary to limit access to the relevant components and devices.


With SCALANCE S Industrial Security Appliances, you can create user-specific firewall rules that are temporarily activated for the duration of a service call by entering specific user data. In this way, you can assign a user access rights for specific devices and protocols – flexibly and protocol-dependent.    

Secure provision of data across network boundaries

Network users (such as MES servers) have to be able to communicate with one another from the protected and unprotected network without establishing a direct connection between them. With SCALANCE S Industrial Security Appliances, a DMZ can be set up based on a flexible security zone concept.

Comprehensive network management for industrial networks

Central and around-the-clock monitoring, management, and configuration of networks with tens of thousands of subscribers is a genuine challenge.


SINEC NMS supports you and reliably fulfills process-based and technical security requirements according to the IEC 62443 Standard – including central, policy-based firewall and Network Address Translation (NAT) management, a local documentation function via audit trails, central forwarding of information via Syslog, central updates, and central user management.    

Protection of industrial networks using firewalls and VPNs

Machines can be remotely programmed, parametrized, and monitored from a service center via the Internet. The system can be accessed via the Internet using an encrypted VPN tunnel with SCALANCE SC646-2C as a VPN server.

Easy remote access for teleservice and remote maintenance

The SINEMA Remote Connect management platform permits secured remote access to globally distributed machines and plants via public networks.


Via a secured VPN tunnel connection, different users can connect to SINEMA Remote Connect, which administers the remote accesses to their plants. The plants can establish a VPN tunnel to SINEMA Remote Connect either on a permanent basis or as needed, because the VPNs can be activated or deactivated via a digital input or text message.


The Dedicated Device Access function makes it possible to further restrict the access rights stored in the SINEMA RC Client.     

Protection of automation systems and control components

Whether you want to protect existing know-how or exclude unauthorized access to your automation processes from the outset as a way of preventing faults in your production processes – we support you in implementing targeted measures to protect against a variety of threats and design complete solutions for maximum protection.


Our integrated security features provide comprehensive protection against unauthorized configuration changes at the control level, as well as unauthorized network access. They prevent the copying of configuration data and make any attempts to manipulate these files easier to detect.    

TIA Portal V17 security update

TIA Portal V17 provides new security functions such as TLS-based protection of communication between controllers and HMIs. In addition, access to controllers can be restricted via certificates and password queries.


In the sense of "security by default", the password query is activated as standard. Access rights for users are assigned via local or central user management via the User Management Component. For more details on these and other security functions, see the video.

Typical fields of application

Secure access management for machines and plants

One of the essential mechanisms for protecting automation components is consistent, logged access control. With the SIMATIC RF1000 Access Control Reader, you can reliably identify the personnel operating machines and plants and assign them appropriate access rights.


Depending on your needs and security requirements, login can be exclusively via RFID card – such as an employee ID – or via RFID card and user-specific login data. Logging of accesses enables transparent tracing in the event of security incidents.

Comprehensive protection against unauthorized changes on the control level

We offer you well-conceived concepts and solutions for the security of controllers, HMI, and SCADA applications, fully in keeping with the spirit of Totally Integrated Automation – our open system architecture for integrated automation – even within the secure cell.


The PLC system is protected by several protection levels, extending all the way to a complete lockdown (password also required for HMI connections).

Multiple users working simultaneously on one project

Project management is performed by a standalone UMC server application that can be installed independently of TIA Portal.

  • Available as a TIA Portal option for managing central users and user groups.
  • Efficient, system-wide support of users and access control for multiple TIA Portal projects and products (e.g. Active Directory)
  • UMC users/groups can be imported into projects
  • Basis for efficient administration of personalized security in the plant

The SINEC NMS Network Management System includes an efficient user administration for access control to network components that authenticates users and authorizes accesses and use.    

Protection of communication against manipulation

Communication integrity means protecting communication against unauthorized manipulation to ensure high plant availability. Central elements include, for example, digital checksums when accessing controllers.    

Protection of intellectual property

To protect development investments, existing know-how must be protected – for example, by means of passwords – against the unauthorized opening or evaluation of program blocks from the STEP 7 configuration or a memory card.

Protection against unauthorized duplication

Protect your development investments against the unauthorized duplication of your PLC programs. Binding individual program blocks to the PLC’s serial number or memory card prevents the duplication of projects and makes it possible to detect manipulation attempts.

System integrity for process automation with SIMATIC PCS 7

Siemens’ SIMATIC PCS 7 offers an integrated, comprehensive security solution tailored to the specific requirements of process plants. The security concept effectively increases protection, reduces risk, helps to prevent security incidents, and thereby increases plant availability.


The strength of SIMATIC PCS 7 lies in the combination of a variety of security measures working together in the plant network. Segmentation of the plant into individual security cells ultimately results in a closed system in line with IEC 62443-3-3 – Security for Industrial Automation and Control Systems.    

Protected in every aspect – Cybersecurity for Industry at a glance

Download brochure

Always active

Staying secure 24/7

Cybersecurity for Industry is a dynamic topic. Potential hazards, security risks, and defense measures are constantly changing. That’s why it’s important to always maintain an overview of the current state of knowledge. Our security experts are happy to support you.

Industrial Security alerts and updates

Siemens ProductCERT investigates all reported security issues and publishes Security Advisories on validated security vulnerabilities that directly involve Siemens products. Use our news ticker to gain an overview of the latest developments.

Industrial Security Services

With Siemens Industrial Security Services, industrial companies benefit from the comprehensive know-how as well as the technical expertise of a global network of experts for automation and cybersecurity. The holistic approach helps identifying threats and vulnerabilities at an early stage, reacting fast in case of indicators of compromise and getting a long-term, holistic protection.

Always active – We help you to stay secure in the long run

Industrial Security is a continuous moving challenge. Learn how Siemens protects its own products and solutions against cyberattacks and how industry benefits from Siemens’ expertise.

Whitepapers and downloads

Bundled information on Cybersecurity for Industry:

You’ll find whitepapers, technical articles, and other interesting downloads on our summary page.

Focus topics

Network reference guide for OT and IT for realization of secure networks

Read the white paper which services both OT and IT can support realizing secure architectures in industrial networks. In the document a "cybersecurity plan" shows the implementation in five steps: network segmentation, asset and network management, network protection, secure remote access, training and awareness.

Primer for Cybersecurity in Industrial Automation

The International Society of Automation (ISA) and Siemens team up to bring you an in-depth e-book as a guide to facilitate the access to the standard IEC 62443 – including main concepts and basic principles to design and deploy security concepts for industrial plants.    

Cybersecurity in the water industry

Plant availability and security of supply are top priorities in the water industry. In a digital world where OT and IT are merging more and more, both areas deserve special, around-the-clock protection from external attacks. Thus, comprehensive defense in depth concept that provides you a reliable protection from cyberattacks is necessary.

Cybersecurity in tunnel systems

The increasing digitalisation of the world also brings great challenges. Critical infrastructure, which include tunnels, need to be protected against cyberattacks. Find out here how you can secure your tunnel facility with comprehensice cybersecurity protection.

Webcast series: Cybersecurity in industry – Risks and strategies

Webcast series: Cybersecurity in industry

Nothing and no one is safe from their attacks: industry, administration and critical infrastructures worldwide are increasingly under attack from hackers. In a series of webcasts, Siemens experts talk about the risks posed by such intruders and the strategies that can be used to repel them.

Siemens Xcelerator – Accelerating the digital transformation

Cybersecurity for Industry: Combine the real and digital worlds securely – to become a Digital Enterprise with Siemens Xcelerator

Siemens Xcelerator is our open digital business platform enabling efficiency, resiliency, flexibility, user experience, and sustainability. Making digital transformation easier, with faster time to market, and at scale.


It comprises:

  • a curated, modular portfolio of software and IOT-enabled hardware built on standard application programming interfaces and a range of services from Siemens and certified third parties
  • a growing ecosystem of partners – from solution vendors to technology partners
  • a marketplace, that will grow over time, as a central point to explore, educate, exchange and transact alongside a community of customers, partners, and developers


With clear technical and commercial governance based on highest standards and values, we facilitate co-creation and collaboration between partners, customers and developers. Together, we can accelerate your digital transformation!


Cybersecurity for Industry in practice

Siemens solutions for Cybersecurity for Industry have already been successfully proven in practice.
Discover additional, exciting projects in the area of Cybersecurity for Industry

Further references

Digital Enterprise

Cybersecurity for Industry in the Digital Enterprise

In order to enable companies to make the most out of digitalization, Siemens developed Digital Enterprise – a comprehensive portfolio of software and automation solutions. It supports the discrete and process industries’ efforts to become faster, more flexible, and more efficient. Cybersecurity plays a major role.

Learn more


Always on the secure side

Siemens’ solution portfolio for Cybersecurity for Industry follows a comprehensive approach. Secure automation hardware, robust software, and continuous refinement of the underlying industrial security strategy ensure constant improvement to the standard of industrial security. Our experts will happily support you!