Although interconnectivity between plant floor and enterprise systems can boost productivity, it can introduce security risks. ODVA (www.odva.org) made available new guidelines, Securing EtherNet/IP Networks, which discusses cybersecurity recommendations for automation networks, including how to determine and deploy security strategies for various network types.
"In the past, manufacturers were able to secure industrial control systems simply by controlling physical access to their automation components," said Katherine Voss, executive director of ODVA. "Today's demand for increased productivity requires interconnectivity through industrial Ethernet—most often EtherNet/IP, as it provides unprecedented visibility into real-time machine and supervisory systems. As many businesses are concerned about the security risks that come from a free flow of information, ODVA outlines how to manage risks with the implementation of processes and technology."
A number of ODVA member companies collaborated on the new security guidelines. The document does not attempt to provide an exhaustive list of security risks, precautions or mitigation steps. Instead, it aims to provide users with a starting point for thinking about what cybersecurity means for industrial networks, and what a security strategy looks like, and it directs readers to additional resources and information.
In the guidelines, ODVA outlines key security concerns in industrial automation, and provides guidance and resources for process changes to mitigate risk, including information on risk analysis, collaboration between IT and industrial departments, best practices for different types of industrial networks, and emerging industrial security technologies.