Page 20 - CDM-Cyber-Warnings-January-2014
P. 20
Security Challenges in Industrial Control Systems Milica Djekic, an Online Marketing Coordinator at Dejan SEO and the Editor-in-Chief at Australian Science Magazine Modern industrial systems and factories as well as electrical power systems are strategically important locations for every country or region in the world. These systems are primarily based on emerging technologies which are related to novel control systems. The entire industry system is very complex, but generally it has its weaknesses which could be a target of a potential attacks or sabotage. In this article we present an organization of the entire factory and the concerning points in such a system. Introduction The majority of today's factories covers tasks with diverse information requirements. In order to integrate each task and meet the needs related to message communications, a factory automation networking is usually organized as a three-layer architecture: (1) Device-connection layer: The purpose of the networks in the device-connection layer is to decrease the amount of wiring between controllers and devices, such as actuators and sensors. The typically implemented networks contain controller area network (CAN), DeviceNet and Fieldbus. (2) Equipment-control layer: The networks in the equipment-control layer serve as communications among controllers and equipment. Messages in this layer are commonly requested to be sent and received in deterministic time. Its role is to link a resource computer and the NETwork (ARCNET), ControlNet, and Serial Real-time Communications System (SERCOS). (3) Information-management layer: The networks in the information-management layer are able to assure various services like manufacturing execution system (MES), shop floor control (SFC), manufacturing information system (MIS), database access, production information management, file transfer and so on. These networks are supposed to connect with Internet and can exchange a vast amount of information in irregular periods. The message-delivery time is not critical in this layer. Although Ethernet as the primary component of the Internet has been used in office and enterprise networks, the information management layer normally includes Ethernet. Critical Points in a Factory System At the next stage of this review, if we observe a factory as a set of control systems which are connected to each other, we can notice that the greatest weaknesses in such systems which can be exposed to attacks and threats are its computing units and communications lines. In case of an industrial system or a factory, control systems which are frequently used are Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems + % %! ! & , ! . !( %+ ' "! "#+% ' - + % !& , ! % '& % & %) *"% *
