Security with SIMATIC-S7 controllers
The security issue is of primary importance since industrial Ethernet solutions and numerous unsecured interfaces are on the rise. More and more often, Ethernet connections extend all the way to the field level. For the system automation this has several advantages. At the same time, however, production processes that were secure in the past are now open to attack from both the outside and inside. Reliable security can only be provided by an approach that unites security mechanisms and a comprehensive understanding of automation. Siemens is the only company worldwide who has this know how.
Siemens follows the "Defense in Depth" strategy in order to achieve the required security goals. The approach of this strategy is a multi-layer security model consisting of the following components:
- Plant security
- Network security
- Access protection/system integrity
In order to maintain the system integrity, it is important to minimize the vulnerabilities in PC systems and in the control level. Some solutions to meet this requirement are the following:
- User authentication for machine or plant operators
- Integrated access protection mechanisms in automation components
The new controller generation (such as the SIMATIC S7-1200/1500), but also the controllers of the S7-300/S7-400/WinAC family offer a comprehensive security concept.
This document gives an overview which security mechanisms the automation components have integrated for protecting the system integrity against cyber attacks and unauthorized access by users or non-company persons.
Add CP1243-1, actualize links in document