ISA Interchange

Welcome to the official blog of the International Society of Automation (ISA).

This blog covers numerous topics on industrial automation such as operations & management, continuous & batch processing, connectivity, manufacturing & machine control, and Industry 4.0.

The material and information contained on this website is for general information purposes only. ISA blog posts may be authored by ISA staff and guest authors from the automation community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

All Posts

Stronger than Firewalls: Cybersecurity Protects Industrial Site Safety

This is an abstract that will be presented at ISA Automation Week 2012 in Orlando, Florida.

This session is in the Security Track: Infrastructure Security and Threats Worldwide

Presented by:  Andrew Ginter,  Director of Industrial Security, Waterfall Security Solutions

The evidence of increasing inter-connectedness surrounds us: cell phones pull information from both public and private sources, IT teams struggle to integrate tablet computers into IT and security infrastructures, and wireless communications is pervasive, even throughout industrial networks. Ubiquitous connectivity is great for consumers, and is even good for most businesses, but the owners and operators of large and dangerous industrial processes ask a different question.

Is this safe?

A majority of the world's security experts do not understand the question. There is enormous value in sharing information produced in industrial processes, and the "expert" response to securing such sharing is to deploy a firewall, or perhaps several layers of firewalls, each from a different vendor. Increasingly, industrial owners and operators are concluding that the "expert" response represents an unacceptable risk, and are turning to hardware-enforced unidirectional communications technologies instead. Unidirectional communications allow business-critical information to flow out of industrial networks, without opening those safety-critical networks to any risk of attack due to sharing that information.

Join us as we explore how asset owners in many industries are protecting the safety of their industrial networks, by protecting those networks absolutely from attacks originating on external networks. This presentation briefly covers modern threats to safety and security, explains why firewalls are inadequate to protect modern highly-connected networks, and very quickly introduces hardware-enforced unidirectional communications. We then dive into use cases in conventional power generation, water systems, and upstream oil and gas. For each use case, challenges, solutions and end-user experiences are discussed. An universal observation by asset-owners is that unidirectional communications are much easier to manage than are modern firewalls. The hardware protections built in to unidirectional communications eliminate the possibility of software configuration errors and omissions which put industrial processes at risk.If your IT teams are working hard to keep firewall protections current and robust, join us to learn about this less-well-known, but still widely deployed alternative.

About Andrew Ginter
Andrew Ginter is the Director of Industrial Security at Waterfall Security Solutions. He spent the first part of his career developing systems-level and control system products for a number of vendors, including Honeywell and Hewlett-Packard. At Agilent Technologies, he led the development of middleware products connecting industrial control systems to the SAP enterprise resource planning system. As Chief Technology Officer at Industrial Defender, Andrew led the development of the core industrial security product suite. At present, Andrew represents Waterfall Security Solutions on standards bodies and works with customers to incorporate Waterfall Unidirectional Gateways into their industrial network designs. Andrew holds degrees in Mathematics and Computer Science from the University of Calgary, as well as ISP, ITCP, and CISSP accreditations.

 


Related Posts

Checking In With Mimo, ISA's Large Language Model Trained on ISA Content

Over the summer of 2024, the International Society of Automation (ISA) announced a large language model (...
Kara Phelps Nov 15, 2024 7:00:00 AM

Ask the Automation Pros: The Use of Artificial Intelligence in Process Control

The following discussion is part of an occasional series, "Ask the Automation Pros," authored by Greg McM...
Greg McMillan Nov 12, 2024 4:30:00 PM

Protecting Electrical Terminal Blocks From Tampering

Electrical terminal blocks are a common sight in the automation world. Usually mounted on DIN rail in ind...
Anna Goncharova Nov 8, 2024 10:30:00 AM