STRIDE SiteLink User Manual 1st Ed., Rev. A Appendix C Appxc

User Manual: Appendix C STRIDE SiteLink Series Industrial VPN Router - AutomationDirect

Open the PDF directly: View PDF PDF.
Page Count: 4

DownloadSTRIDE SiteLink User Manual 1st Ed., Rev. A Appendix C Appxc
Open PDF In BrowserView PDF
Safety and Security
Considerations
In this Appendix...

Appendix

C

Security Considerations for Control Systems Networks........................................... C-2
Safety Guidelines........................................................................................................ C-3
Plan for Safety .......................................................................................................... C-3
Digital Input Safety Lockout...................................................................................... C-4

Appendix C: Safety and Security Considerations

1
2
3
4
5
6
7
8
9
10
11
12
13
14
A
B
C
D

Security Considerations for Control Systems Networks

C-2

A video providing an overview of security considerations is
accessible by clicking the thumbnail at the right, or by copying
the following URL to your browser:
https://www.AutomationDirect.com/VID-CM-0028
Manufacturers are realizing that to stay competitive, their Automation and Control Systems
need to be more integrated within their plant. The systems often need to be integrated with
upstream Enterprise Data Systems, and even further integrated to allow information to be
accessible across multiple plants, or even through the Internet. This convergence of the IT
world with the Automation World creates challenges in maintaining secure systems and
protecting your investments in processes, personnel, data and intellectual property.
While Automation Networks and Systems have built-in password protection schemes, this
is only one very small step in securing your systems. Automation Control System Networks
need to incorporate data protection and security measures that are at least as robust as a
typical business computer system. We recommend that users of PLCs, HMI products and
SCADA systems perform your own network security analysis to determine the proper level of
security required for you application. However, the National Security Agency has provided
direction related to network security and safety under an approach described as “Defense in
Depth”, which is published at http://www.nsa.gov/ia/_files/support/defenseindepth.pdf.
This comprehensive security strategy involves physical protection methods, as well as process
and policy methods. This approach creates multiple layers and levels of security for industrial
automation systems. Such safeguards include the location of control system networks behind
firewalls, their isolation from business networks, the use of intrusion detection systems, and
the use of secure methods for remote access such as Virtual Private Networks (VPNs).
Further, users should minimize network exposure for all control system devices and such
control systems and these systems should not directly face the internet. Following these
procedures should significantly reduce your risks both from external sources as well as internal
sources, and provide a more secure system.
It is the user’s responsibility to protect such systems, just as you would protect your computer
and business systems. AutomationDirect recommends using one or more of these resources in
putting together a secure system:
•
•

•

US-CERT’s Control Systems Security Program at the following web address:
www.us-cert.gov/control_systems/
Special Publication 800-82 of the National Institute of Standards and Technology –
Guide to Industrial Control Systems (ICS) Security http://csrc.nist.gov/groups/SMA/
fisma/ics/documents/oct23-2009-workshop/nist-ics3_10-23-2009.pdf
ISA99, Industrial Automation and Control Systems Security http://www.isa.org/
MSTemplate.cfm?MicrositeID=988&CommitteeID=6821 (please note this is a summary
and these standards have to be purchased from ISA)

STRIDE® SiteLink Series Industrial VPN Routers User Manual

1st Edition, Rev. A

Appendix C: Safety and Security Considerations
This set of resources provides a comprehensive approach to securing a control system network
and reducing risk and exposure from security breaches. Given the nature of any system that
accesses the internet, it is incumbent upon each user to assess the needs and requirements
of their application, and take steps to mitigate the particular security risks inherent in their
control system

Safety Guidelines
NOTE: Products with CE marks perform their required functions safely and adhere to relevant standards as
specified by CE directives provided they are used according to their intended purpose and that the instructions
in this manual are adhered to. The protection provided by the equipment may be impaired if this equipment is
used in a manner not specified in this manual. A listing of our international affiliates is available on our Web site:
https://www.AutomationDirect.com
WARNING: Providing a safe operating environment for personnel and equipment is your responsibility
and should be your primary goal during system planning and installation. Automation systems can fail
and may result in situations that can cause serious injury to personnel or damage to equipment. Do not
rely on the automation system alone to provide a safe operating environment. You should use external
electromechanical devices, such as relays or limit switches, that are independent of the PLC application
to provide protection for any part of the system that may cause personal injury or damage. Every
automation application is different, so there may be special requirements for your particular application.
Make sure you follow all national, state, and local government requirements for the proper installation
and use of your equipment.

Plan for Safety
The best way to provide a safe operating environment is to make personnel and equipment
safety part of the planning process. You should examine every aspect of the system to
determine which areas are critical to operator or machine safety. If you are not familiar with
control system installation practices, or your company does not have established installation
guidelines, you should obtain additional information from the following sources.
• NEMA — The National Electrical Manufacturers Association, located in Washington,
D.C. publishes many different documents that discuss standards for industrial control
systems. You can order these publications directly from NEMA. Some of these include:
ICS 1, General Standards for Industrial Control and Systems
ICS 3, Industrial Systems
ICS 6, Enclosures for Industrial Control Systems
• NEC — The National Electrical Code provides regulations concerning the installation and
use of various types of electrical equipment. Copies of the NEC Handbook can often be
obtained from your local electrical equipment distributor or your local library.
• Local and State Agencies — many local governments and state governments have additional
requirements above and beyond those described in the NEC Handbook. Check with your
local Electrical Inspector or Fire Marshall office for information.

STRIDE® SiteLink Series Industrial VPN Routers User Manual

1st Edition, Rev. A

1
2
3
4
5
6
7
8
9
10
11
12
13
14
A
B
C
D

C-3

Appendix C: Safety and Security Considerations

Digital Input Safety Lockout

1
2
3
4
5
6
7
8
9
10
11
12
13
14
A
B
C
D
C-4

A video providing an overview of using the SiteLink router’s
Digital Input as a part of your safety lockout procedures is
accessible by clicking the thumbnail at the right, or by copying
the following URL to your browser:
https://www.AutomationDirect.com/VID-CM-0034

STRIDE® SiteLink Series Industrial VPN Routers User Manual

1st Edition, Rev. A
Source Exif Data: 
File Type                       : PDF
File Type Extension             : pdf
MIME Type                       : application/pdf
PDF Version                     : 1.6
Linearized                      : Yes
Author                          : AutomationDirect
Create Date                     : 2017:12:18 14:40:05-05:00
Modify Date                     : 2017:12:18 15:04:37-05:00
Subject                         : STRIDE SiteLink Remote Access Solution
Has XFA                         : No
Language                        : en-US
Tagged PDF                      : Yes
XMP Toolkit                     : Adobe XMP Core 5.6-c015 84.159810, 2016/09/10-02:41:30
Format                          : application/pdf
Title                           : STRIDE SiteLink User Manual 1st Ed., Rev. A
Creator                         : AutomationDirect
Description                     : STRIDE SiteLink Remote Access Solution
Metadata Date                   : 2017:12:18 15:04:37-05:00
Creator Tool                    : Adobe InDesign CC 2017 (Windows)
Instance ID                     : uuid:5f6dc706-2153-402b-8176-bf3f624ad6ef
Original Document ID            : xmp.did:AC8300A79C14E311B497E908AC6DEAF6
Document ID                     : xmp.id:dfc9f84e-61ce-e842-baf7-cf8a2e7d76d7
Rendition Class                 : proof:pdf
Derived From Instance ID        : xmp.iid:45b9eeb2-843a-7347-b9b9-649ecc8837f5
Derived From Document ID        : xmp.did:c8b690c7-ece1-f446-9d6d-669d1e39dfa9
Derived From Original Document ID: xmp.did:AC8300A79C14E311B497E908AC6DEAF6
Derived From Rendition Class    : default
History Action                  : converted
History Parameters              : from application/x-indesign to application/pdf
History Software Agent          : Adobe InDesign CC 2017 (Windows)
History Changed                 : /
History When                    : 2017:12:18 14:40:05-05:00
Producer                        : Adobe PDF Library 15.0
Trapped                         : False
Page Mode                       : UseOutlines
Page Count                      : 4
EXIF Metadata provided by EXIF.tools

Navigation menu