With the inevitable convergence of Operational Technology (OT) with Information Technology (IT). The industrial control systems increasingly use Ethernet and TCP/IP networks as the network infrastructure, migrate from industrial control protocols to the application layer, use wireless networks such as WLAN and GPRS, and adopt standard commercial operating systems such as Windows OS, devices, middleware, and general technologies. The security of an industry automation control system determines the secure production of critical industrial sectors. Industry automation manufacturers are hard-pressed to ensure the security of increasingly open production control networks. Industrial control systems mainly face the following internal and external threats:
●Deterioration of external security environment
●Increasing internal threats
●External Staff’s Threats
Industrial control digitalization and automation is an emerging area, but it does not receive enough attention, as management staffs lack security knowledge and awareness. To ensure the security and reliability of an industrial control system, the following requirements must be met:
●The vulnerability scanning system and the audit system must be available to prevent vulnerabilities of industrial control systems that exist in devices, software, or protocols.
●Specific protection measures designed for various attacks must be available at the network boundary.
●Stability and ease to use for security products of internal staffs in industrial environments must be met.
Venustech provides a comprehensive industrial control security solution to ensure the security of production environments. Figure 2-1 shows the deployment of the industrial control solution.
Figure 2-1 Deployment of the industrial control solution
Based on existing security vulnerability features, the industrial control vulnerability scanning system scans and identifies vulnerabilities for devices, applications, and systems in industrial control systems such as SCADA, DCS, and PLC. If vulnerabilities exist in an industrial control system, the generated report will indicate the severity of the risk and provide recovery suggestions and preventive measures, and audit risk control policies. This allows users to control security based on overall vulnerability assessment.
●Security management and audit
Security management and audit uses a single pane of glass security monitoring and O&M supporting platform designed for the industrial control environment to integrate all detected security information, display industrial control security information about the whole system, discover threats and attacks, generate alarms in real time, and support O&M through the event handling process. To realize these functions, the system provides a well-designed interface for implementing management and control and a view for displaying rich information for users to easily and efficiently perform security management operations.
The system provides personalized services based on the roles of management personnel and offers multi-perspective and multi-level management views for different levels of users.
●Industrial control prevention system
Industrial firewalls are developed for industrial control systems and are specific for industrial control systems such as SCADA, DCS, PCS, and PLC. They are widely used in the industrial control systems of industries closely related to national welfare and the people's livelihood such as the nuclear facility, iron and steel plant, nonferrous metals, chemical industry, petrochemical industry, electricity, gas plant, advanced manufacturing, water control project, environment protection, railway, urban rail transit, civil aviation, urban water supply, gas supply, and heat supply.
Industrial firewalls are deployed in inline mode at the boundary of each layer on an industrial network to provide filtering of data collection. They can also be deployed at the boundary of the control device layer (for example, before an engineer station or PLC) for logical isolation and prevention. Industrial firewalls provide in-depth security protection for industrial networks.
●Security management and audit
●Industrial control firewalls
●Industrial control abnormality monitoring system
●Industrial control GAP
●Onsite O&M and audit system
●Oil and gas pipeline industrial firewall project
Industrial firewalls were deployed to implement realtime isolation and prevention among areas and block external intrusion on the SCADA system. This is a typical application of industrial firewalls in the SCADA system.
●Industrial control O&M audit system used in a cigarette factory
The product recorded all operations of external O&M personnel by screenshots and videos. This can prevent viruses, maloperations, and information leakage that occur when external O&M personnel operate and maintain onsite devices.