White Papers
Effective OPC Security for Control Systems
April 2011

For the past decade, industrial control systems administrators and engineers wanted to believe that ‘air gaps’ or ‘security by obscurity’ would keep them safe from security threats. Those days are over - recent security incidents such as the Stuxnet worm are a loud wakeup call for the industrial automation industry.
This White Paper explains the security advantages of limiting network interfaces and protocols, and recommends using OPC as a communications standard because of its ease of use and its widespread deployment.
It goes on to discuss how different defensive layers can be employed to provide high security when using OPC technology. The paper also outlines a simple and cost-effective way to secure OPC that can be deployed in almost any industrial facility.
Analysis of the 7-Technologies IGSS Security Vulnerabilities for Industrial Control System Professionals
March 2011

A number of previously unknown security vulnerabilities in the 7-Technologies Interactive Graphics SCADA System (IGSS) product have been publicly disclosed. The release of these vulnerabilities included proof-of-concept (PoC) exploit code.
This White Paper summarizes the current known facts about these vulnerabilities. It also summarizes the actions that operators of SCADA and ICS systems can take to protect critical operations.
Analysis of the ICONICS GENESIS Security Vulnerabilities for Industrial Control System Professionals
March 2011

A number of previously unknown security vulnerabilities in the ICONICS™ GENESIS32™ and GENESIS64™ ICS/SCADA products have been publicly disclosed.
This White Paper documents the current known facts about these vulnerabilities. It then summarizes the actions that operators of SCADA and ICS systems can take to protect critical operations.
How Stuxnet Spreads – A Study of Infection Paths in Best Practice Systems
February 2011
The Stuxnet worm is a sophisticated piece of computer malware designed to sabotage industrial processes controlled by Siemens SIMATIC WinCC and PCS 7 control systems.
This paper describes an example of a site following high security architecture best practices and then shows the ways that the worm could make its way through the defences of the site to take control of the process and cause physical damage.
The paper closes with a discussion of the lessons that can be learned from the analysis of Stuxnet’s propagation pathways. It explains how owners of critical systems need to respond to protect control systems from future threats of this type.
Siemens PCS7 WinCC Malware
October 2010
New Stuxnet White Paper: Analysis of the Siemens WinCC / PCS7 “Stuxnet” Malware for Industrial Control System Professionals.
Stuxnet is a computer worm designed to take advantage of a number of previously unknown vulnerabilities present in the Windows operating system and Siemens SIMATIC WinCC, PCS7 and S7 product lines.
It was designed to target one or more industrial systems that use Siemens PLCs with the apparent objective of sabotaging industrial processes.
This White Paper summarizes the current known facts about the Stuxnet worm and the actions that operators of SCADA and ICS systems can take to protect critical operations.
Also included is Joel Langill's excellent video that shows in detail how Stuxnet infects a system.
Securing Your OPC Classic Control System
August 2010
By Eric Byres, security expert and CTO of Byres Security, and Thomas J. Burke, President, OPC Foundation.
OPC Classic is a software interface technology used to facilitate the transfer of data between different industrial control systems. It is widely used to interconnect Human Machine Interface (HMI) workstations, data historians and other hosts on the control network with enterprise databases, Enterprise Resource Planning (ERP) systems and other business-oriented software. Unfortunately, securely deploying OPC Classic has proven to be a challenge until recently.
High Security Integration Using OPC
April 2010


OPC Classic, the popular industrial integration standard based on DCOM, has made the interfacing of different industrial control products significantly easier. Unfortunately, it also brought with it a number of serious security concerns for the designers of control, SCADA and safety systems.
This White Paper looks at these issues and reviews the solutions proposed over the past decade by researchers and academics. It looks at new technologies in advanced firewall port management and embedded OPC servers that offer true defense-in-depth and read-only security for better reliability and security of all control systems, but especially for safety integrated systems.
OPC Security White Paper #1 - Understanding OPC and How it is Deployed
December 2007
Abstract: This White Paper is the first in a series on the security of OPC (OLE for Process Control) and focuses on providing an overview of the widely-used industrial communication standard and how it is actually used in industry.
OPC Security White Paper #2 - OPC Exposed
November 2007
Abstract: In this second White Paper of the OPC Security Series, we describe the vulnerabilities typically found in OPC hosts, based on OPC’s current architecture and the typical underlying operating system. We also investigate common misconfiguration vulnerabilities found in OPC server or client computers both at the operating system and OPC application level.
OPC Security White Paper #3 - Hardening Guidelines for OPC Hosts
November 2007
Abstract: In this third White Paper of the OPC Security Series, we outline how a server or workstation running OPC can be secured in a simple and effective manner.

