Sign In Help
Schneider Electric
HelpSign In
Schneider Electric Exchange
  • Home
  • Collaborate
  • Develop
  • Shop
Home Collaborate Develop Shop Log in or Register Help

Invite a Co-worker

Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send Invite Cancel

Invitation Sent

Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Send New Invite Close
  • Home
  • Collaborate
  • Exchange Community
  • :
  • Industrial Automation
  • :
  • Level and Pressure Instrumentation Forum
  • :
  • Re: Instrumentation Cybersecurity Lessons Learned From the Field
Community Menu
  • Forums
    • By Topic
        • EcoStruxure IT
          • EcoStruxure IT forum
        • Industrial Automation
          • Industry Automation and Control Forum
          • Alliance System Integrators Forum
          • Machine Solutions in the Digital Transformation
          • EcoStruxure Automation Expert / IEC 61499 Forum
          • Industrial Edge Computing Forum
          • Level and Pressure Instrumentation Forum
          • Modicon User Group
          • PLC Club Indonesia
          • SEE Automation Club Forum
          • Fabrika ve Makina Otomasyonu Çözümleri
          • Форум по промышленной автоматизации СНГ
        • SCADA & Telemetry Solutions
          • Geo SCADA Expert Forum
          • SCADA and Telemetry Devices Forum
        • Power Distribution IEC
          • Power Distribution and Digital
          • Power Standards & Regulations
          • Paneelbouw & Energie Distributie
        • Power Distribution Softwares
          • EcoStruxure Power Design Forum
          • SEE Electrical Building+ Forum
          • LayoutFAST User Group Forum
        • Solutions for your Business
          • Solutions for Food & Beverage Forum
          • Solutions for Healthcare Forum
    • By Segment
        • Food & Beverage
          • Solutions for Food & Beverage Forum
        • Healthcare
          • Solutions for Healthcare Forum
      • EcoStruxure IT
        • EcoStruxure IT forum
      • Industrial Automation
        • Industry Automation and Control Forum
        • Alliance System Integrators Forum
        • Machine Solutions in the Digital Transformation
        • EcoStruxure Automation Expert / IEC 61499 Forum
        • Industrial Edge Computing Forum
        • Level and Pressure Instrumentation Forum
        • Modicon User Group
        • PLC Club Indonesia
        • SEE Automation Club Forum
        • Fabrika ve Makina Otomasyonu Çözümleri
        • Форум по промышленной автоматизации СНГ
      • SCADA & Telemetry Solutions
        • Geo SCADA Expert Forum
        • SCADA and Telemetry Devices Forum
      • Power Distribution IEC
        • Power Distribution and Digital
        • Power Standards & Regulations
        • Paneelbouw & Energie Distributie
      • Power Distribution Softwares
        • EcoStruxure Power Design Forum
        • SEE Electrical Building+ Forum
        • LayoutFAST User Group Forum
      • Solutions for your Business
        • Solutions for Food & Beverage Forum
        • Solutions for Healthcare Forum
      • Food & Beverage
        • Solutions for Food & Beverage Forum
      • Healthcare
        • Solutions for Healthcare Forum
  • Blogs
    • By Topic
        • Industrial Automation
          • Industrial Edge Computing Blog
          • Industry 4.0 Blog
          • Industrie du Futur France
        • SCADA & Telemetry Solutions
          • SCADA and Telemetry Blog
        • Power Distribution IEC
          • Power Events & Webinars
          • Power Foundations Blog
        • Power Distribution NEMA
          • NEMA Power Foundations Blog
        • Power Distribution Softwares
          • EcoStruxure Power Design Blog
          • SEE Electrical Building+ Blog
        • Solutions for your Business
          • Solutions for Food & Beverage Blog
          • Solutions for Healthcare Blog
          • Solutions for Retail Blog
        • Community experts & publishers
          • Publishers Community
    • By Segment
        • Food & Beverage
          • Solutions for Food & Beverage Blog
        • Healthcare
          • Solutions for Healthcare Blog
        • Retail
          • Solutions for Retail Blog
      • Industrial Automation
        • Industrial Edge Computing Blog
        • Industry 4.0 Blog
        • Industrie du Futur France
      • SCADA & Telemetry Solutions
        • SCADA and Telemetry Blog
      • Power Distribution IEC
        • Power Events & Webinars
        • Power Foundations Blog
      • Power Distribution NEMA
        • NEMA Power Foundations Blog
      • Power Distribution Softwares
        • EcoStruxure Power Design Blog
        • SEE Electrical Building+ Blog
      • Solutions for your Business
        • Solutions for Food & Beverage Blog
        • Solutions for Healthcare Blog
        • Solutions for Retail Blog
      • Community experts & publishers
        • Publishers Community
      • Food & Beverage
        • Solutions for Food & Beverage Blog
      • Healthcare
        • Solutions for Healthcare Blog
      • Retail
        • Solutions for Retail Blog
  • Ideas
        • Industrial Automation
          • Modicon Ideas & new features
        • SCADA & Telemetry Solutions
          • Geo SCADA Expert Ideas
          • SCADA and Telemetry Devices Ideas
  • Knowledge Center
    • Building Automation Knowledge Base
    • Industrial Automation How-to videos
    • Ask Exchange
    • Digital E-books
    • Success Stories Corner
    • Power Talks
  • Events & Webinars
  • Support
    • User Guide
    • Leaderboard
    • Releases Notes
How can we help?
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
49466members
Join Now
242757posts
Join Now

Instrumentation Cybersecurity Lessons Learned From the Field

Options
  • Subscribe to RSS Feed
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Mute
  • Printer Friendly Page
Back to Level and Pressure Instrumentation Forum
Jeff_Blair
Lt. Commander Jeff_Blair Lt. Commander
Lt. Commander
‎2020-09-10 08:33 AM
1 Like
6
816
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content
‎2020-09-10 08:33 AM

Instrumentation Cybersecurity Lessons Learned From the Field

As a hopeful helpful reminder and conversation starter, I'm interested in what end users are doing to ensure the cybersecurity of their traditional wired instrumentation.  Needless to say, hacking into an instrument and changing the configuration may bring undesired results.  My experience has been preventing physical tampering with instrumentation and associated wiring as a cybersecurity measure.  Here are some of the lessons learned:

 

  • If the instrument has a display or configurable pushbuttons, ensure a security code is enabled and different from the default.
  • Provide physical hardening of the instrument including (but not limited to) using instrumentation enclosures and cabinets.
  • If available, install physical locks on the instrument display cover to limit tampering.
  • Most instrumentation can be configured remotely from the wiring.  Ensure instrumentation wiring is secure in a cable tray or conduit and is not easily accessible. Physical Enclosures For Instruments.PNG

     

    Physical Locks On Instrument Covers.PNG

     

    Change the Display Passcode.PNG

     

 

Labels
  • Good to know
  • How to
  • question
  • Tips & tricks
Tags (1)
  • Tags:
  • english
Share
Reply
  • All forum topics
  • Previous Topic
  • Next Topic
6 Replies 6
bipinzacharia
Crewman bipinzacharia Crewman
Crewman
‎2020-09-11 12:18 AM
2 Likes
1
772
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content
‎2020-09-11 12:18 AM

BuRe: Instrumentation Cybersecurity Lessons Learned From the Field

Hi,

By adding the feature, I have few queries on the cyber security

 

a)what level of security is achieved?

b) Are we adhering to any standard? If Yes, which standard and version of the same?

Tags (1)
  • Tags:
  • english
Share
Reply
rhbbatista
Lieutenant JG rhbbatista
Lieutenant JG
‎2020-09-14 06:25 AM
1 Like
2
692
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content
‎2020-09-14 06:25 AM

Re: Instrumentation Cybersecurity Lessons Learned From the Field

https://blog.se.com/cyber-security/2020/08/19/ot-cybersecurity-for-industrial-sensors-the-why-and-th...

 

An interesting article that is pertinent to the subject raised, and warns of the lack of attention with issues related to cyber security referenets to sensors (instrumentation included).
And I think an important warning to the new protocols based on ethernet that are emerging for instrumentation.

 

"While most traditional OT cybersecurity efforts are focused more on critical SCADA systems, PLCs, and other ethernet-linked devices, sensors are often ignored, even those that are ethernet connected. Yet sensors provide the data from which many control-based decisions are made, and thus, also should fall under the critical assets category for representing the process."

 

Notice that the article was republished on the ISA blog: https://gca.isa.org/blog/ot-cybersecurity-for-industrial-sensors-the-why-and-the-how?utm_campaign=bl...

 

This raises an interesting question: Will the choice of instrumentation communication protocols impact on the level of security of the plant and its costs with protection (cyber security)?

How may I help with Instrumentation?
Tags (1)
  • Tags:
  • english
Share
Reply
Jeff_Blair
Lt. Commander Jeff_Blair Lt. Commander
Lt. Commander
‎2020-09-14 07:57 AM
1 Like
0
684
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content
‎2020-09-14 07:57 AM

Re: BuRe: Instrumentation Cybersecurity Lessons Learned From the Field

bipinzacharia 
 

 

 

Thanks for the feedback and inquiry.  To my knowledge, there is no specific code, standard, or recommendation that specifically addresses instrumentation cybersecurity.  ISA 62443 addresses the entire automation system including devices but there isn't much in there for instrumentation - it's recommendations are written around control systems, PLCs, DCSs, etc.

Some end users have adopted best practices and/or internal company standards and specifications that are similar to what I wrote, but nothing that's in the public domain that I'm aware of.

The US relies on the National Cybersecurity and Communications Integration Center (NCCIC), the Industrial Control Systems Cyber Emergency Response Team’s (ICS-CERT) 

and National Institute to Standards and Technology (NIST).  All three organizations have great cooperative recommendations.  With all three I see great recommendations for control systems and computer networks, but not much regarding the actual field devices.

 

To answer your questions:

1.  None that I am aware of.  However, the physical security of instrumentation prevents tampering from would be nefarious personnel or curious tinkerers.  That lack of tampering helps keep the instrument and it's connected control system secure.

2.  I'm going to assume that the practices I listed certainly help towards compliance with ISA 62443 and certainly agree with the published guidance issued by NCCIC, ICS-CERT and NIST.  But, no, I'm not aware of any specific standard met by these lessons.

 

 

Tags (1)
  • Tags:
  • english
Share
Reply
Jeff_Blair
Lt. Commander Jeff_Blair Lt. Commander
Lt. Commander
‎2020-09-14 08:08 AM
1 Like
1
682
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content
‎2020-09-14 08:08 AM

Re: Instrumentation Cybersecurity Lessons Learned From the Field

Thanks Ricardo. That article by Michael Pyle is enlightening and spot on.  I agree with all your points.

 

My cybersecurity experience is primarily the physical security of instrumentation to prevent any tampering.  Imagine tampering with an instrument that is not protected (it's in the open, not in a cabinet, and has a display with pushbuttons and no password).  A curious passerby or someone trying to deliberately change the configuration may be able to show a gas line pressure is actually much lower than what it really is.  The control system now thinks the pressure is low so perhaps it allows an increase in pressure - which would be very dangerous.

 

Protocols play a role for sure.  As protocols become more like what most home computer users are used to (i.e. ethernet), we as vendors and product managers play a more critical role in helping customers learn from our collective knowledge and experience how to keep their systems safe.


I believe a standard or code will come forward in the not too distant future to address these concerns.

Tags (1)
  • Tags:
  • english
Share
Reply
bipinzacharia
Crewman bipinzacharia Crewman
Crewman
‎2020-09-14 08:24 AM
2 Likes
0
679
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content
‎2020-09-14 08:24 AM

Re: Instrumentation Cybersecurity Lessons Learned From the Field

Thanks Jeff & Ricardo,

 

 

Share
Reply
Beahan
Beahan
Cadet
‎2020-11-21 03:57 AM
1 Like
0
300
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content
‎2020-11-21 03:57 AM

Re: Instrumentation Cybersecurity Lessons Learned From the Field

Thanks for the information, keep sharing this type of info

Tags (2)
  • Tags:
  • answer
  • english
Share
Reply
Find a Service Provider
Find a certified partner to help you address your integration, installation, maintenance and project needs.
View all Providers
Support

Have a question? Please contact us with details, and we will respond.

Contact Us
FAQ

Look through existing questions to find popular answers.

Learn More
About

Want to know more about Exchange and its possibilities?

Learn More

Full access is just steps away!

Join Exchange for FREE and get unlimited access to our global community of experts.

Connect with Peers & Experts

Discuss challenges in energy and automation with 30,000+ experts and peers.

Get Support in Our Knowledge Base

Find answers in 10,000+ support articles to help solve your product and business challenges.

Ask Questions. Give Solutions

Find peer based solutions to your questions. Provide answers for fellow community members!

Register today for FREE

Register Now

Already have an account?Log in

About Us FAQ Terms & Conditions Privacy Notice Change your cookie settings
©2020, Schneider Electric