Industrial networks – with its convergence of PLCs, industrial protocols, SCADA systems, HMI, MES, hubs, switches, routers, firewalls, etc. – are systems on which it is necessary to:

  • Ensure the availability, integrity and confidentiality of equipment and communications.
  • Consider specific latencies for each process, often including a real time management.
  • Optimize recovery times in case of failure.

In order to achieve this, a set of best practices and specific technologies help to optimize, strengthen and increase security – availability, integrity and confidentiality – in these networks, including:

  1.  Completion of network audits – non-invasive – which allow to analyze and to know the current traffic condition and the existing visibility between different network segments.
  2. Identification of specific vulnerabilities associated to real time systems.
  3. OT networks physical and logical segmentation and fortification by means of DPI (Deep Packet Inspection) firewalls in critical areas and/or standards compliance, e.g. IEC 62443/ISA99.
  4. Attack simulations – MitM, password cracking, injections to industrial protocols, service denials – in order to check the network behavior before a specific security incident – provided that it is a controlled environment or lab.
  5. Use of specific media and protocols – RSTP, MRP, VRRP, etc. – for the design of redundant network topologies.
  6. The inclusion of non-invasive intruder detection systems based on behavior of signatures – depending on the system criticality.

For the purpose of further extending this set of best practices and technologies, Logitek has designed a Hands-on Lab in order to increase the security and availability of industrial control with a combination of hands-on workshops, theory, and discussion sessions, and the following goals:

  1. Understanding the main challenges and vulnerabilities associated to industrial networks.
  2. Knowing and using the main tools which enable to diagnose the condition of an industrial network.
  3. In-depth insight about architectures to be deployed to achieve highly available and secure networks.
  4. Hands-on sessions with devices and technologies to increase the security of industrial networks.
  5. Outline recommendations to optimize, strengthen and increase customer industrial control security networks.
Shares
Share This