Security guidelines for SIMATIC HMI devices
The main priority in automation is to maintain control over production and process. Even actions intended to prevent a security threat from spreading must not affect control over production and process.
The document takes a closer look at the security aspects of the following topics. It describes the different stages from initial configuration to commissioning.
- In the preliminary stages:
Minimization/prevention of tampering during the configuration
- During operation – Device settings on the panel:
Preventing access to the device settings
- During operation – Use of HMI Runtime:
Plant operation by authorized personnel only
- During operation – Remote access / maintenance
Suitable preventive action to prevent unwanted remote access
- General: Hardware
External constructional measures to avoid tampering on the panel
A security management process is essential to a well-thought out security concept.
Protection goals are derived from the risk analysis that serve as the basis for concrete, organizational and technical measures.
After their implementation, the measures must be checked from time to time.
Security management process