Stuxnet plant virus challenges automation system thinking 03 August 2011

The Stuxnet virus has given us a wakeup call and we now need to take a fresh approach to how data is transferred and managed within all industrial control systems.

That's the view of Mitsubishi Electric's Chris Evans, who says that last year's incident involving the Stuxnet malware has shown that manufacturing automation systems architectures have vulnerabilities.

"While Stuxnet was targeted at one particular plant, it has far wider implications," he says.

Evans believes that when business managers understand the implications of doing nothing, "it is inevitable that changes to system architectures will follow".

He points out that the structure of the Stuxnet virus is now in the public domain, so mutations remain a threat and it is also sensible to assume that copycat malware will appear, targeted at a range of process plant and factory automation systems.

"It is generally accepted that gateway PCs, found in many automation architectures, represent weak points and are vulnerable to potential malware attacks from the outside, and also from CDs and USB sticks," warns Evans.

"Many of these PCs are used as networked workstations and often contain software to change and program the PLCs beneath this layer. This makes them an attractive target for anyone wishing to disrupt operations. Couple to this is the fact that many of these PCs have been poorly maintained, in terms of security patches, and often contain unsupported legacy versions of operating systems, and the risk factor is raised," he adds.

Evans warns that, although many IT security companies offer products and services to militate against attacks on PC-based systems, they deal with the symptom, rather than the cause.

He urges manufacturing and plant automation users to consider more recent system developments that offer "direct connection from the plant asset to enterprise systems within a ruggedised industrial form factor".

These systems are non PC based – so massively reducing their exposure to common virus attacks – and push data and alarm logging down to the PLC level, meaning that visualisation and control can be achieved by simple intelligent HMIs.

"By using these techniques and technology the link between plant asset and the enterprise can be achieved directly from the PLC level, thus minimising the risk," he says. "[Security] mitigation techniques can then be deployed to minimise the risk with respect to the PC-based SCADA or visualisation system."

Brian Tinham

Related Companies
Mitsubishi Electric Europe BV

This material is protected by MA Business copyright
See Terms and Conditions.
One-off usage is permitted but bulk copying is not.
For multiple copies contact the sales team.