Safe Production Network

Modern IT has become indispensable in the classic production areas of many industrial companies. Systems and technologies from the traditional IT environment are used more and more often in automation and process control, where they control the central production and supply processes: automation components such as PLCs (programmable logic controllers) communicate via TCP/IP and industrial Ethernet, process control systems run on Windows or UNIX systems, and machines take their orders from SQL databases or directly from SAP. In addition to the desired positive effects, such as cost reduction and increased productivity, this development also means that sensitive production processes are now increasingly and directly affected by IT security threats that were believed to be limited to classic office IT, such as malicious software infection, data loss, or even access by unauthorized persons. The damage caused by IT security incidents here can easily take on far-reaching dimensions, for example if production is stopped for several hours or days as a result of a virus attack. Depending on the type of processes being controlled, environmental hazards or injury can even occur under certain circumstances. Especially problematic is that many tried and tested standard security measures from office IT often cannot be applied in the process or production area.

Antivirus software or current security patches cannot be installed, because manufacturers then no longer provide a guarantee for their systems, or because very elaborate testing and revalidation would be needed. Most of the time, temporarily shutting down components to install and test a security update is also not possible, because the production process must be maintained around the clock. Common security measures also fail simply because system lifetimes are very long compared with standard IT, so obsolete operating systems such as Windows NT or Solaris 8 are often in use, for which the manufacturer no longer provides support and for which no more updates are made available.

Another problem is that many systems were not originally developed with security as a design goal, and individual automation components or even whole systems often fail after a short time in even the simplest security tests, such as those performed with a port scanner. In addition, the communication protocols used in industrial environments, such as Modbus TCP or the various proprietary PLC protocols, are not protected against unauthorized read-out of information or data manipulation. Consequence: with freely available tools it is possible, via the network, to stop controllers, to manipulate or delete running programs and flags, or to control PLC outputs. Even worse, owing to the growing demand for data integration and timely data access, more and more interfaces are being created between the production systems and the classic office environment, both within the company and to external partners such as suppliers and customers. The shielding of critical production networks from external systems is further weakened by remote maintenance access for system manufacturers and suppliers via modem or VPN connections. These complex issues, described here only briefly, make it clear that sophisticated and individual protection concepts are necessary to secure production-related systems against security threats.
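
Because Modbus TCP itself carries no authentication, one compensating control is to watch the network for state-changing requests from hosts that should never send them. The following Python sketch is an added example, not part of the original article: it parses Modbus/TCP request frames and flags write function codes from sources outside an allowlist. The IP addresses, the allowlist and the sample frames are constructed assumptions.

```python
import struct

# Modbus function codes that change controller state (public Modbus specification).
WRITE_FUNCTIONS = {
    5: "Write Single Coil",
    6: "Write Single Register",
    15: "Write Multiple Coils",
    16: "Write Multiple Registers",
    22: "Mask Write Register",
    23: "Read/Write Multiple Registers",
}
# Function codes whose first two data bytes are a start address.
ADDRESSED = {1, 2, 3, 4, 5, 6, 15, 16, 22}

# Assumption: the only host permitted to write to controllers (constructed address).
ALLOWED_WRITERS = {"10.10.1.20"}

# Constructed sample requests: MBAP header (7 bytes) followed by the PDU.
READ_REGS = bytes.fromhex("00010000000601030000000a")   # read 10 holding registers
WRITE_COIL = bytes.fromhex("00020000000601050013ff00")  # switch coil 19 on


def parse_request(frame: bytes):
    """Parse a Modbus/TCP request; return None if the frame is malformed."""
    if len(frame) < 8:
        return None
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    # Protocol id is always 0; the length field counts the unit id plus the PDU.
    if proto != 0 or length != len(frame) - 6:
        return None
    func = frame[7]
    addr = None
    if func in ADDRESSED and len(frame) >= 10:
        addr = struct.unpack(">H", frame[8:10])[0]
    return {"tid": tid, "unit": unit, "func": func, "addr": addr}


def check(src_ip: str, frame: bytes):
    """Return an alert string for traffic worth investigating, else None."""
    req = parse_request(frame)
    if req is None:
        return f"{src_ip}: malformed Modbus/TCP frame"
    name = WRITE_FUNCTIONS.get(req["func"])
    if name and src_ip not in ALLOWED_WRITERS:
        return f"{src_ip}: unauthorized {name} to unit {req['unit']}, address {req['addr']}"
    return None


if __name__ == "__main__":
    for ip, frame in [("10.10.5.77", READ_REGS), ("10.10.5.77", WRITE_COIL), ("10.10.1.20", WRITE_COIL)]:
        print(ip, frame.hex(), "->", check(ip, frame))
```

In practice the frames would come from a passive tap or mirror port on the production network, so the check adds no load or latency to the controllers themselves.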