Five Steps to Achieve Defense-in-Depth

Take these actions to establish and maintain industrial security capabilities.

C. Kenna AmosContributing Editor
Feb 3rd, 2014

Note: This is a sidebar to the January feature, "Practical Steps to Secure Industrial Networks."

Rockwell Automation’s Gregory Wilcox and Cisco Systems’ Paul Didier suggest these actions to get the operational process required to establish and maintain the security capability:

  1. Identify the automation and control-system asset device types and locations within the plant-wide/site-wide network infrastructure.
  2. Identify the potential and external vulnerabilities and threats to those assets—and assess the associated risks.
  3. Understand application and functional requirements of automation and control-system assets, such as 24/7 operations, communication patterns, topology, required resiliency and traffic types.
  4. Understand the associated risks of balancing the application needs and functional needs.
  5. Understand and balance the requirements of the assets with the need to protect the availability, integrity and confidentiality of automation and control-system asset data.

Companies in this article
Cisco
Rockwell Automation
Mitsubishi Electric MelSec remote I/O module with safety functions.
The Differences Between Local and Remote I/O
Understanding how local and remote I/O modules work can benefit your operations through improved safety, less wiring, and standardization for spare parts and engineering drawings.
Mar 8th, 2022
Picture1
Lenovo Introduces the Powerful and Flexible ThinkEdge SE70 Edge AI Platform
Oct 14th, 2021
2 High Flex Cable Assemblies
L-com Debuts New Short Length, High-Flex Cat5e Cable Assemblies for Use in Confined Space Applications
Aug 3rd, 2021
Lmp C602g Sfp Bt V2 1
Antaira Releases New Compact 6-Port Managed 802.3bt PoE & Non-PoE Industrial Ethernet Switches
The LMP-C602G-SFP-bt(-T)-V2 series of light Layer 3 industrial managed Ethernet switches feature a 48 to 55V DC high voltage power input and a 12 to 48V DC wide voltage power input.
Jun 16th, 2021
ThinkEdge SE30
Lenovo Reveals New ThinkEdge Portfolio of Embedded Computers
新ThinkEdge SE30和 SE50数字transfo启用rmation at the edge for healthcare, retail, manufacturing and all data-dependent industries.
May 3rd, 2021
LOGO! 8.3 Logic Modules
Sponsored
LOGO! 8.3 Logic Modules
LOGO! module now performs functions previously reserved for larger controllers. Users are no longer limited by the storage volume of the SD card but can now send it to the cloud.
Apr 26th, 2022
11 Axiomtek Edge Ai System
Edge AI System
The AIE100-903-FL-NX by Axiomtek features remote management capabilities and supports Nvidia JetPack 4.4 for development in AI computing and deep learning applications.
Feb 13th, 2021
2 Antaira Technologies Unmanaged Industrial Ethernet Switches
Unmanaged Industrial Ethernet Switches
The LNX-1600 series by Antaira Technologies is built to serve manufacturer's edge-level networking application needs in harsh and outdoor environments.
Feb 4th, 2021
11 Antaira High Power Ethernet Switches
High-Power Ethernet Switches
Antaira Technologies recently announced the expansion of their 902.3bt PoE Ethernet family. Find out how their new seven-port managed Ethernet switches are designed to address high-power needs industrial needs.
Jan 29th, 2021
Signal Fire
Sensor Network-to-Cloud System
Discover the benefits of SignalFire's wireless sensor network integration with Machfu's industrial IoT gateway.
Dec 8th, 2020
Swift Wireless Sensor
Wireless Sensor System
Swift Sensor's new Series 3 wireless sensor features increased sensor range, extended battery life, one-touch sensor activation for immediate measurements, and much more.
Dec 4th, 2020
Error Detection Automation Simplified: Introducing the In-Sight 2800
Sponsored
Error Detection Automation Simplified: Introducing the In-Sight 2800
See how easily the Cognex In-Sight 2800 can automate error detection. Powered by deep learning, it can solve a wide range of inspection applications quickly and easily — no programming experience required.
Apr 20th, 2022
Red Lion Remote Access
Remote Access Platform
Red Lion's industrial-grade routers enable fast setup, seamless connectivity, and a centralized monitoring system.
Dec 2nd, 2020
Josh玻璃、铅自动化工程师/ Network Specialist at Panacea Technologies
Network Needs Versus Network Nicety
Find out the requirements a Panacea Technologies’ Networking Expert recommends you consider before determining a switch manufacturer for your next networking project.
Nov 23rd, 2020
This image highlights how Single Pair Ethernet technology fits within industry standards, components, and devices, as well as the varied applications into which it can extend.
Single Pair Ethernet Explained
This article describes Single Pair Ethernet (SPE) and its applications in industry to help users better understand this emerging Ethernet technology.
Nov 5th, 2020
Carlo Gavazzi Dc Switching Solid State Relays
Switching Relays Offer Low Power Dissipation Output
Are designed for applications that require critical response times and rapid cycling
Nov 2nd, 2020
Lnx 1600 1
High-Port Count Industrial Unmanaged Ethernet Switches
Antaira Technologies has announced the expansion of its industrial networking infrastructure family with the introduction of the LNX-1600 series.
Oct 28th, 2020
Inj C200 G Bt T 1
Antaira Technologies’ IEEE 802.3bt Gigabit Type 4PPoE Injector
Antaira Technologies has announced the expansion of its industrial networking infrastructure family with the introduction of the INJ-C200G-bt-T.
Oct 20th, 2020
Pr132020 Beckhoff El51xx Web
EtherCAT Terminals
Beckhoff Automation introduces EL51xx EtherCAT terminals with built-in incremental signal analysis functionality.
Oct 14th, 2020
Csm 19 10 17 Smart Ex 02 366c3d6986
Pepperl+Fuchs’ ecom Introduces New Smartphone Smart-Ex 02 for Hazardous Areas
The explosion-proof smartphone for Zone 1/21 and Div. 1 is an AT&T Network Ready Device.
Oct 6th, 2020
More in Networks
Power Quality
Denison Technologies Integrates HMS Networks’ Edge Gateways Into Their Power Quality Monitoring System
Denison Technologies and HMS Networks partner to bring a product that delivers industrial reliability and reduced unplanned downtime through continuous power monitoring.
Sep 25th, 2020
Ec Js 20200706 04 Group Image Serial Gateways Device Master
Pepperl+Fuchs Reveals Newly Integrated DeviceMaster Products
DeviceMaster gateways link the world of serial communication to Internet of Things.
Sep 17th, 2020
Overview Io Link
Starter Kits Provide Inexpensive Entry into Balluff IO-Link
Measurement, sensing, and traceability versions available at promotional pricing.
Sep 17th, 2020
Pina
PI North America Announces Website Expansion to the Spanish Language
PI North America, the non-profit member-supported organization for PROFIBUS and PROFINET technologies in North America, announces an expansion of its website to the Spanish language.
Sep 14th, 2020
Mac Sec Swiches
Wago’s New Managed Switches Provide Leading-Edge Network Security
Managed switches from Wago provide point-to-point network security that protects against numerous threats.
Sep 10th, 2020
Sp Et111 1600x800 0
T1 Industrial Connector for Industrial Single Pair Ethernet
Harting's T1 industrial connector mating face is standardized according to IEC 63171-6 (formerly IEC 61076-3-125) and meets IEEE 802.3 requirements for Single Pair Ethernet, and also works across common industrial protocols.
Sep 8th, 2020
Thomas Rettig states “As the inventor of EtherCAT, Beckhoff is pleased with the overwhelming response despite the fact that the openness of EtherCAT generates more competition. On the other hand, Beckhoff customers benefit from the greatest diversity of devices on the market.”
Beckhoff Technology Sets Vendor ID Record
EtherCAT科技集团发布了第3000 EtherCAT vendor ID in July 2020. Beckhoff introduced the EtherCAT real-time Ethernet system to the market in 2003 and disclosed its details within the ETG the same year.
Sep 1st, 2020
Eigr C3 White Label 5 19
EIGR-C3 Gigabit Cellular Router Now Available
The EIGR-C3 Gigabit Cellular Router from Contemporary Controls is a high-speed router that links cellular to 10/100/1000 Mbps Internet Protocol (IPv4) networks.
Aug 4th, 2020
Pr Io Link Masters No Bkgd
IIoT-Enabled Network Blocks for Digital Industrial Transformation
Carlo Gavazzi's Y Series feature an embedded web interface and OPC UA for full remote access and control of the IO-Link master and connected devices.
Aug 4th, 2020
Io Field2
Wago’s New I/O System Field Provides Dependable, Cabinet-Free Automation
Wago's I/O System Field is equipped with innovative load management. Current and voltage levels can be recorded and evaluated, and overload limits and alarms can be set for each channel providing system reliability.
Jul 30th, 2020
Lnp 1204g 10g Sfp (v2) 1
Antaira’s 12-Port 10G Unmanaged Industrial Ethernet Switches
Antaira Technologies's 10-Gb unmanaged Ethernet switches are industrial-grade and are designed for various markets’ edge-level networking applications in manufacturing automation, power/utility, water wastewater, and oil/gas/mining.
Jul 29th, 2020
Inbacprt1 K20000 Side L Btl
New Intesis Gateway Makes Communication Between Profinet and BACnet Easy
A new IntesisTM protocol translator for communication between PROFINET PLCs on factory floors and Building Management Systems with BACnet IP/MSTP.
Jul 24th, 2020