×
Siemens Industry Online Support
Siemens AG
Entry ID: 92605897, Entry date: 05/03/2018
(3)
Rate

All-round protection with Industrial Security - System Integrity

  • Entry
In this entry you can find an overview arranged in themes with links to the most important entries regarding Industrial Security (system integrity).

With the rising use of Ethernet connections right into the field level, security issues in the industry are also gaining increasing significance. There are enormous chances but also large risks in open communication and the increased networking of production systems. In order to protect an industrial plant from attacks in terms of security, appropriate measures have to be taken.
Siemens offers a multi-layered concept withDefense in Depth according to the recommendations of ISA 99/ IEC 62443 that protects the plant all-round but also in depth. The concept is based on the components:

  • plant security
  • network security
  • system integrity

 

 

Whilst classic plant security thwarts physical access, network security and the protection of system integrity safeguards from cyber attacks and unauthorized access by users or people not belonging to the company. Here, you can find an overview arranged in themes with links to the most important entries.
 

 Plant security  Network security System integrity

The third supporting pillar of a balanced security concept is to secure system integrity. This refers to automation systems and controller components, SCADA and HMI system that are protected against unauthorized access and malware or that have to meet special requirements, such as know-how protection.

General Security information

Current documents and White Paper on the topic Industrial Security and Security Integrated
SIMATIC Process Control System PCS 7 Security concept PCS 7 & WinCC (Basic)
SIMATIC Process Control System PCS 7 Compendium Part F - Industrial Security (V9.0)
Security with SIMATIC S7-Controller
Recommended Security Settings for IPCs in the Industrial Environment
Checklist for Setting Up SCALANCE Devices

Backup/Recovery/Disaster strategy
PCS7

How do you do a recovery for PCS 7 systems during running operation?

Patch management
PCS 7/WinCC

Which Microsoft Patches ("Security Patches" and "Critical Patches") have been tested for compatibility with SIMATIC WinCC?
Which Microsoft Updates have been tested for compatibility with SIMATIC PCS 7?
How can you find out which Microsoft Patches are installed on the PC?

 SINUMERIK/ SIMOTION

SIMOTION P350: Compatibility of Microsoft security updates
SINUMERIK 810D/840Di/840D: Compatibility of Microsoft security updates with SINUMERIK PCU 50/70 and CNC Shopfloor Management Software

Virus protection
General

Compatibility Tool for Automation and Drive Technology

STEP 7

Which virus scanner versions can you use for STEP 7 V5.3, V5.4 and V5.5?
Which virtualization platforms and virus scanners can you use with SIMOTION SCOUT and SCOUT TIA?

 PCS 7/ WinCC

Process Control System PCS 7 V7.0 SP1 Security Information Note: Setting up antivirus software
SIMATIC Process Control System PCS 7 Symantec AntiVirus V10.2 Configuration
SIMATIC Process Control System PCS 7 Symantec Endpoint Protection 11.0 Configuration
Symantec Endpoint Protection 12.1 Configuration
SIMATIC Process Control System PCS 7 McAfee VirusScan (V8.5; V8.5i; V8.7) Configuration
SIMATIC Process Control System PCS 7 Configuration McAfee VirusScan Enterprise 8.8 - White Paper
SIMATIC Process Control System PCS 7 Trend Micro Office Scan configuration V7.3 including Patch 2
Trend Micro OfficeScan V8.0 Configuration
Trend Micro OfficeScan 10.6 Configuration
Trend Micro OfficeScan 10.6 SP1 configuration
Trend Micro OfficeScan 11.0 Configuration
Trend Micro OfficeScan 11.0 SP1 configuration

 SINUMERIK

Information regarding the virus protection for SINUMERIK 840D sl with PCU50

Whitelisting
SIMATIC

Use of Whitelisting Protection Mechanisms with SIMATIC Products

 PCS 7/ WinCC

Which security precautions help against unauthorized access in the SIMATIC PCS 7 / WinCC environment?
Which security measures help against unauthorized access to computer systems with WinCC flexible?

Measures in dealing with Stuxnet
PCS 7/ WinCC

SIMATIC WinCC / SIMATIC PCS 7: Information about Malware / Viruses / Trojan horses

Protection from unauthorized access
SIMATIC

Automation Tasks in 10 minutes or less SIMATIC S7-1500: AT 5 - Integrated Firewall
Which settings are required to access the web server of the CPU via a PC with a second network card even though a proxy server is set?
How do you configure and program an S7 connection and the PUT and GET communication instructions for data transfer between two S7-1500 CPUs?

PCS 7/ WinCC

Which security precautions help against unauthorized access in the SIMATIC PCS 7 / WinCC environment?
Which security measures help against unauthorized access to computer systems with WinCC flexible?

User management
PCS 7/ WinCC

Entries on SIMATIC Logon
SIMATIC Logon
Tips and tricks for the topic of user administration
How can you create a protected user screen without using user administration?
User Logon to the Operator Panel via HMI-RFI
SIMATIC STEP 7 Basic/Professional V15.1 and SIMATIC WinCC V15.1
Why are the DCOM settings of the WinCC OPC server reset after activating the OS Runtime?
User Administration in WinCC (TIA Portal)

Manipulation security
STEP 7 Project

How can you protect STEP 7 (TIA Portal) projects against unauthorized access and modifications?
What block protection facilities are available in STEP 7 to protect the know-how of your blocks?
How can you install block protection for self-created blocks?
SIMOTION SCOUT, SINAMICS STARTER: SINAMICS DCC and know-how protection of the drive device
What are the requirements to be met by know-how-protected blocks so that you can compile them also in other projects?
How do assign a know-how protection to C scripts and VBS scripts?
How can you activate the protection level with a password in the HW Config for an S7 CPU?
How can you install block protection for an S7-SCL block?
How do you install the improved block protection for FBs and FCs in STEP 7 V5.5 onwards?
How do you install block protection for the S7-GRAPH blocks?
Automation Tasks in 10 minutes or less SIMATIC S7-1500: AT 3 - Intellectual Property Protection
How can a PLC Program be protected against unauthorized manipulation?
How can you detect a change in the S7 user program in STEP 7 V5.5?
Know-how protection in fail-safe programs

SIMATIC Controller

Security with SIMATIC S7-Controller
Automation Tasks in 10 minutes or less SIMATIC S7-1500: AT 2 - Security Integrated
How do you detect an inconsistently or incorrectly formatted SIMATIC Memory Card (SMC) and how do you repair it?
Sending SYSLOG messages with a SIMATIC S7 CPU

Recording of operator actions
WinCC

SIMATIC WinCC WinCC Engineering V15.1 - Options
Delivery release SIMATIC WinCC/ChangeControl V7.4 SP1 and SIMATIC WinCC/Audit V7.4 SP1
Documenting Operations Using WinCC WebNavigator
Remote Control of Operator Panel in Applications requiring Validation in the Pharmaceutical Environment
Acknowledgement of WinCC V7 Messages with Forced Comments

Services

SITRAIN: Training catalog