November 28, 2024
CorporateProductsServicesSupportInvestorsSearch
HomeSite MapContact Us

   • Energy Sector Consulting
   • Network Security Services

Network Security Services


Manufacturing and Process Control

What’s on Your Network?

With the proliferation of plant floor data networks and the constant business demands to connect them to ERP or ‘front office’ systems, many companies have neglected to monitor security properly.

Typical response is that ‘it’s an IT problem’ or ‘we’ll look at it later, I’ve got production targets to make’ simply allow the problem to grow.

Hackers ARE targeting control networks. At the recent ‘ToorCon 7’ hacker conference, a session was held on the weaknesses of SCADA and PLC networks, with examples focused on various protocols including MODBUS .

Many organizations and standards bodies are preparing recommendations for future projects. Some of these will be quite complex to implement. But like physical security, if you have the most secure doorway in the neighborhood, a thief will look for an easier target.

Get Started Now!

If you have any of the following:


•Plant floor networks
•Ethernet
•SCADA
•PLC networks (ControlNet, DeviceNet, Ether/IP, etc)
•HMI
•OPC Servers
•Fiber optic cables
•Switches/Hubs
•Routers
•DCS
•Protocol Gateways
•TCP/IP
•Data Historians
•RAS
•Firewalls
•Modems

…then you need an up-to-date Information Security Plan.

We recommend that you start with our initial assessment service. Our low cost, no-obligation report details things like: network maps, connected equipment types, traffic levels, protocols, etc. Ask for details about how we can help you!

OUR SERVICES ALSO INCLUDE;

•Vulnerability Assessments
•Security Architecture
•Security Policy and Audit
•Protocol Design and Analysis
•Regulatory Compliance
•Custom Security Services


Plant Network Security Resources

NERC, Urgent Action Standard 1200 Cyber Security,
NERC, “NERC Approves Extension of Urgent Action Cyber Security Standard,” NERC News, September 8, 2004,
NERC, Standard 1300 — “Cyber Security,”
ISA
ISA SP99,
Process Control Security Requirements Forum (PCSRF),
The Common Criteria, Evaluation and Validation Scheme,
ISO/IEC 17799:2000, Information Technology – Code of Practice for Information Security Management.
CanWeb Security Resources:


Acronyms

AES = Advanced Encryption Standard
ANSI = American National Standards Institute
CIP = Critical Infrastructure Protection
CISSWG = Critical Infrastructure Security Standards Working Group
CMIP = Common Management Information Protocol
DCS = Distributed Control Systems
DHS = United States Department of Homeland Security
DNP = Distributed Network Protocol
DOE = United States Department of Energy
DoS = Denial-of-Service
FERC = Federal Energy Regulatory Commission
GOOSE = Generic Object Oriented Substation Event
HAP = Host Access Protocol
HMAC = Hashed message authentication code
ICS = Industrial Control Systems
IEC = International Electrotechnical Commission
IEEE = Institute of Electrical and Electronic Engineers
IETF = Internet Engineering Task Force
ISA = Instrumentation, Systems, and Automation Society
ISO = International Organization for Standardization
IT = Information Technology
LAN = Local Area Network
MIB = Management Information Base
MMS = ISO/IEC 9506 - Manufacturing Message Specification
NERC = North American Electric Reliability Council
NIST = National Institute of Standards and Technology
NSTB = National SCADA Test Bed
PCSRF = Process Control Security Requirements Forum
PIN = Personal Identification Number
SCADA = Supervisory Control and Data Acquisition
SNMP = Simple Network Management Protocol
TLS = Transport Layer Security
TCP/IP = Transmission Control Protocol/Internet Protocol
WAN = Wide Area Network

Printer Friendly

iWare learn more myphotoSERVER.com Contact Us DynIP.com myphotoSERVER DynIP learn more iWare learn more