Aug 2

PROFINET Network Security

“Plausible deniability is not a security strategy.” This blog post is for users who have not taken any steps towards securing their networks. At some random time in the near future a hacker will shut down your machine, your line, your plant. How will you try to invoke deniability? Production is air-gapped. There is no…

Read More
Mar 25

Contracted Security

Should securing your network follow the model of securing your plant?  Most factory security guards that I’ve encountered don’t work for the company that owns the factory; they’re contracted.  Should you contract securing your network?  You probably contract at least some of your automation engineering to a System Integrator.  Is this any different? This line…

Read More
Mar 12

Industrial Ethernet Security in X Steps

Are fieldbuses less secure than Industrial Ethernets?  I think not (in a rare disagreement with Mike Miclot and Brian Oulton from Belden in the webinar “Industrial Security in the Real World: Practical Steps”).  They said Industrial Ethernet is more secure.  I think the potential security problem with fieldbuses is that they connect to controllers which…

Read More
Nov 6

IT and Automation Synergies

“The United States and Great Britain are two countries separated by a common language,” George Bernard Shaw is supposed to have said. I said something similar in my first year of blogging: IT and engineering – two organizations separated by common technology. One of my pet peeves then, as it is now, is the notion…

Read More