Measures of protection in the digital enterprise
The increase in horizontal and vertical data integration is a principal feature of digital companies. That’s why it’s increasingly important to reliably protect productivity and expertise at three levels: system integrity, network security and plant security.
The prerequisite is a comprehensive approach that integrates or includes security mechanisms with a comprehensive understanding of automation can provide reliable protection. Siemens supports you in implementing the necessary measures – as part of our integrated range of products and services for industrial security.
Industrial Security from Siemens ensures that customers are prepared for the challenges of the future and can use it as a base for building their digital enterprise.Oliver Narr, Marketing Manager Industrial Security, Siemens AG
Industrial Security is based on three levels
Certified and tested products
Manufacturers of automation solutions must provide system-tested products that meet all security requirements. They must also take account of security standards in their product development process and make updates available to their customers. Siemens has had this certified for production by TÜV Süd.
Know-how for security
Siemens makes the necessary security knowledge available to its customers and helps them successfully implement security measures in their companies. Through its own team of experts and intensive cooperation with CERT organizations in many countries, Siemens ensures that this specialized knowledge is always up to date.
Implementing a defense in depth strategy
An approach that covers all levels simultaneously – from operational to field level, from access control to copy protection – is essential to comprehensively protect industrial facilities against cyber attacks both from within and from outside. This is why we use “defense in depth” as our overarching protective strategy in accordance with the recommendations of ISA99/IEC 62443, the leading standard for security in industrial automation.
Protection of automation systems and control components
Whether you want to protect existing knowledge or exclude unauthorized access to your automation processes from the outset that could disturb your production processes, our industrial security offer includes support for implementing targeted measures to protect against different threat scenarios as well as design of total security solutions for sufficient protection.Integrated industrial security for controller and HMI systems
We offer designs for security of controllers, HMI, and SCADA applications, fully in keeping with the spirit of Totally Integrated Automation, our system architecture for integrated automation – even within the secure cell.
Integrated industrial security for PC-based automation
The necessity of protecting PC-based systems in industrial automation is keeping pace with the growing importance of these systems.
Ethernet communication is increasingly prevailing as a standard in industrial automation, too. This implies a growing need to protect PC-based systems within a network from unauthorized access. In addition to defined escalation processes, technical safeguards represent another important protective measure in security management. We offer you designs and solutions for safeguarding your PC-based systems.
System integrity for motion control and drives
Security features for motion control applications – how you can protect your investment against unauthorized access and manipulation.
Motion controls and drives offer you a wide range of industrial security functions to implement well conceived, seamless automation concepts and solutions with the appropriate security.
System integrity for process automation
Today, process plants are either directly or indirectly connected to the Internet which puts their operations, product quality, and profits at risk.
Siemens SIMATIC PCS 7 offers an integrated, comprehensive security solution, tailored to the specific requirements of process plants. The security concept effectively increases protection, reduces risk, helps to prevent security incidents, and thereby increases plant availability.
SIMATIC PCS 7 security concept
The SIMATIC PCS 7 security concept offers solutions for the protection of process plants. The concept is based on a nested security architecture (defense-in-depth) and represents an integrated approach. It is not limited to the use of individual security procedures (such as hierarchical authority distribution, authentication and encryption) or devices (such as firewalls). Its strength instead lies in the combination of a variety of security measures working together in the plant network. Segmentation of the plant into individual security cells ultimately results in a closed system in line with the definition of ISA 99 - Security for Industrial Automation and Control Systems.
Plant security – physical protection and security management for automation systems
Plant security prevents unauthorized persons from gaining physical access to critical components using a number of different methods.
Plant security starts with conventional building access and extends to securing of sensitive areas by means of key cards. Tailored industry security services include processes and guidelines for comprehensive plant protection. These range from risk analysis and the implementation and monitoring of suitable measures to regular updates.
Network security – for secure industrial communication
Network access protection, network segmentation, and encrypted communication to protect automation networks against unauthorized access.
Network security contains:
- Controlling all interfaces – e.g. between IT and OT – and remote maintenance access with firewalls and optional DMZ (demilitarized zone = safety-related, shielded zone)
- Safety-related segmentation of the plant network in single protected automation cells
- Encrypted data transfer via VPN to protect against data espionage and manipulation
Learn more about our Defense-in-Depth concept
Further information about Industrial Ethernet Security