As Control magazine editor-in-chief, Walt Boyes, mentioned in his Another one joins the club… blog post, Emerson has joined the companies who are sponsoring the security consortium feasibility study to be performed by Wurldtech Analytics.
I spoke with Bob Huba whom you may recall from an earlier post on cyber security and the DeltaV system.
Bob participated in the initial meeting to kick-off this consortium which was held prior to the Process Control Security Forum meeting last week in San Diego. He’s excited about the formation of this group because he believes that one of the things that will help automation system cyber security is the ability to certify when the automation system components or even when the system itself meets a minimum level of security or protection. Without some kind of certifying capability, it’s difficult for the end users who manage the system day-to-day and system suppliers to fully assess how secure their systems might be.
Automation system security currently has no organization like the TÜV and other certifying agencies where these suppliers can go to get a device certified for different security levels. Cyber-security testing needs some sort of agency to provide the framework for device and system testing and to help manage the information around best practices (or at least generally accepted practices) for creating and maintaining a well protected system.
Bob is really glad to see that this initiative is being driven by the user community and not just the suppliers or some testing organizations because it shows they understand and support the need for a certifying body. The system suppliers really appreciate being included in the discussion right from the beginning to capture the wealth of expertise and perspectives everyone brings.
The landscape around system security or the environment around system security is maturing rapidly and it is important that process manufacturers and suppliers work together and work quickly to address issues around cyber security. This group has set an ambitious time frame for kicking off this consortium and becoming fully functional.
Also, the scada security blog (to subscribe) has a nice wrap up of the Process Control Security Forum.
Supporting Cyber Security Testing Standards
Popular Posts
Comments
Follow Us
We invite you to follow us on Facebook, LinkedIn, Twitter and YouTube to stay up to date on the latest news, events and innovations that will help you face and solve your toughest challenges.
Do you want to reuse or translate content?
Just post a link to the entry and send us a quick note so we can share your work. Thank you very much.
Our Global Community
Emerson Exchange 365
The opinions expressed here are the personal opinions of the authors. Content published here is not read or approved by Emerson before it is posted and does not necessarily represent the views and opinions of Emerson.