Securing Your OPC Classic Control System

by Eric Byres, security expert and CTO of Byres Security and Thomas J. Burke, President, OPC Foundation.

OPC Classic is a software interface technology used to facilitate the transfer of data between different industrial control systems. It is widely used to interconnect Human Machine Interface (HMI) workstations, data historians and other hosts on the control network with enterprise databases, Enterprise Resource Planning (ERP) systems and other business-oriented software. Unfortunately, securely deploying OPC Classic has proven to be a challenge until recently.

This White Paper describes two techniques for ensuring strong security in systems using OPC Classic technology. This first is based on creating zone-based defenses using OPC-aware firewalls. The second takes advantages of improvement in the Windows operating system to managing OPC accounts and permissions. Both security techniques are available and proven for use in today’s control systems.

PDF Securing Your OPC Classic Control System - White Paper (764kb)

Tofino OPC Classic Enforcer Introduction - Powerpoint (520kb)