Digital technologies offer significant advantages for industry; however, increased connectivity and reliance on data can expose organizations to cyber threats. Incidents such as data breaches, ransomware attacks, and insider threats can have serious repercussions, making cybersecurity in digitized factories and process plants a critical priority.
Image Credit: AIBooth/Shutterstock.com
Unlike traditional IT environments that undergo regular upgrades, factories often operate with legacy systems not designed to address evolving security risks. Integrating new digital technologies with existing infrastructure can create complex security landscapes, complicating the identification and mitigation of vulnerabilities.
Protecting measurement data is essential to avoid operational disruptions. While safety and environmental protection are paramount, compromised data can also lead to severe commercial consequences, ranging from short-term losses to long-term reputational damage. Furthermore, any impact on regulatory compliance can result in serious repercussions from regulators.
These challenges can hinder the implementation of digital systems in many industrial settings. Nevertheless, reputable suppliers are enhancing cybersecurity measures, enabling manufacturers to harness the benefits of new technologies for process measurement safely and securely.
For instance, ABB integrates security into its products throughout its lifecycle, enhancing operational performance and enabling customers to excel.
To ensure security, ABB conducts thorough malware scans of all products before they leave the factory and utilizes simulated attacks to assess the resilience of its software. ABB provides secure digital certificates to verify authenticity and establish passwords according to guidelines from the National Institute of Standards and Technology (NIST).
ABB also adheres to best practices to prevent interception through cloud, mobile communications, or web channels. Its participation in the Open Worldwide Application Security Project (OWASP) further supports its commitment to preventing software vulnerabilities that could compromise security.
ABB also develops solutions in accordance with IEC 62443-3-3:2013, a global standard focused on security controls that protect industrial systems from cybersecurity threats.
As part of the IEC 62443 series of standards for industrial automation and control systems (IACS) cybersecurity, IEC 62443-3-3:2013 provides a framework for implementing system-level security measures, addressing access control, data integrity, and system robustness.
Image Credit: ABB Measurement & Analytics
Giving Users the Power of Protection
ABB recognizes that users desire control over their own security. It empowers users by allowing them to modify, disable, or remove any undocumented accounts, passwords, or private/secret keys associated with ABB products. This capability enables users to implement additional security measures as they deem necessary.
ABB’s user documentation highlights areas where extra security precautions are recommended. Secure interfaces are limited to essential functions, although users may add extra interfaces if necessary.
In some of their latest innovations, ABB’s SwirlMaster and VortexMaster flowmeters now feature Ethernet-APL (Advanced Physical Layer) technology, facilitating remote monitoring and data-driven maintenance, even in hazardous environments.
The security measures incorporated into the new flowmeters include:
- Unsecured protocols disabled by default
- Encrypted communication to WebServer (https)
- Passwords required only via encrypted communication
- Mandatory password change during initial commissioning, ensuring users change the default password
- Unique identification links for each device
Collectively, these features provide robust protection against unauthorized access and tampering. Password protection establishes a traceable footprint, attributing changes to specific individuals, while encryption and the disabling of unsecured protocols help prevent data interception.
These security measures apply to all ABB’s Ethernet-APL devices and standard Ethernet CoriolisMaster and ProcessMaster flowmeters, ensuring precise and reliable flow measurement with optimal protection against cyber threats.
Image Credit: ABB Measurement & Analytics
Ensuring User Security
The rapid evolution of technology and digitalization presents ongoing risks of cyberattacks that cannot be entirely eliminated. However, these risks can be effectively managed.
ABB employs comprehensive incident handling processes as part of its Software Vulnerability Handling approach. To safeguard the integrity of its software products, ABB provides timely alerts and notifications, along with additional services such as patch management. Furthermore, ABB’s dedicated Cyber Security Organization is committed to addressing any cybersecurity issues and mitigating potential impacts.
Digital solutions offer numerous benefits, and the necessity for companies to defend against cyber threats should not impede their ability to capitalize on these advantages.
This information has been sourced, reviewed and adapted from materials provided by ABB Measurement & Analytics.
For more information on this source, please visit ABB Measurement & Analytics.