Machine Design
  • Resources
  • Members
  • Directory
  • Webinars
  • WISE
  • CAD Models
  • Advertise
    • Search
  • 3D Printing & CAD
  • AUTOMATION & IIOT
  • Robotics
  • Motion Systems
  • Materials
  • Video
  • Data Sheets
  • Topics
    Industry Markets3D Printing & CADAutomation & IIoTFastening & JoiningMaterialsMechanical & Motion Systems Medical DesignRobotics
    Resources
    Machine Design ResourcesWISE (Workers in Science & Engineering)Company DirectorySearch Data SheetsContributeDigital Edition ArchivesCSIA Exchange
    Members
    ContentBenefitsSubscribe
    Advertise
    https://www.facebook.com/MachineDesignMagazine/
    https://www.linkedin.com/company/10998894
    https://twitter.com/MachineDesign
    https://www.youtube.com/channel/UCXKEiQ9dob20rIqTA7ONfJg
    Machinedesign 1118 Elisabeth Eitel 0 0
    1. Community
    2. Editorial Comment

    More on Stuxnet: The search for preventives

    April 1, 2011
    Stuxnet the sophisticated computer worm that struck Iranian nuclear facilities last year has ushered in a new era of industrial cybercrime. As we discussed
    Elisabeth Eitel
    Motionsystemdesign Com Images Elisabeth Eitel

    Stuxnet — the sophisticated computer worm that struck Iranian nuclear facilities last year — has ushered in a new era of industrial cybercrime. As we discussed last month, the worm targeted VFDs slaved to PLCs by Profibus, whipping them through frequency changes to destroy attached motors.

    In contrast with traditional malware, Stuxnet exploits multiple vulnerabilities to pass its payload and wreak havoc in a very specific way. It is also the first automated malware using a modular, framework-based approach. Even so, Stuxnet derivatives may not pose an immediate threat to the average automated manufacturing line. Why? Though there's no certainty of its origins (and speculation has earned journalistic disdain for many media outlets) evidence suggests that the U.S. and Israeli governments are Stuxnet's authors. Ironically, a government-created computer virus may buy some time for manufacturers to strengthen automation-network security: Such a tailored weapon is narrowly targeted, and the virus is quite difficult to reverse engineer for repurposing.

    According to Brad Hegrat, certified information security manager and senior principle security consultant for Rockwell Automation, “A Stuxnet-type virus is highly damaging if it affects your system — but the level of expertise, engineering, and funding required to develop such a virus make that unlikely, unless your system is a very high-value target.” What a relief.

    That said, there's no crime in being proactively cautious. To reduce vulnerability to industrial security risks, manufacturers are advised to take these five actionable steps right now: Control (or even restrict) personnel access, manage passwords, keep systems updated, employ firewalls and intrusion detection, and ensure that processor keys are in Run mode to prevent unauthorized changes. According to Hegrat, these steps will prevent accidental and malicious control changes and protect IP; help manufacturers comply with emerging global standards such as ISA S99 and IEC 62443; and meet the guidelines of government offices (such as the U.S. Department of Homeland Security) and industry consortia (NERC, for example) that regulate standards of operation for critical infrastructure processes — in oil and gas, energy and power, water, and transportation, for example.

    Another option is a new breed of dedicated security appliances that monitor system control functions. One such DIN-mount mGuard module from Innominate of Phoenix Contact Inc., Middletown, Pa., is a mouse-sized unit loaded with software that goes beyond the typical pattern recognition of commercial software, to block all unsolicited connections — in and outbound. Legitimate controller communication is verified with node-specific identification. It's an interesting approach, and its designers have demonstrated that the unit stops Stuxnet in its tracks.

    Continue Reading

    A Beginner’s Guide to Design Failure Mode and Effects Analysis (DFMEA)

    Edge Computing & Gaining Value

    Sponsored Recommendations

    Smart Factory Solutions that Connect and Protect from Amphenol RF

    Nov. 28, 2023

    Stay Connected and In Control of Your Future Factories with Littelfuse

    Nov. 28, 2023

    Turn to NKK Switches for the Widest Range of Industrial-Savvy Electromechanical Switches

    Nov. 28, 2023

    Unlocking Operational Flexibility in Manufacturing with Industria IoT

    Nov. 28, 2023

    Voice your opinion!

    To join the conversation, and become an exclusive member of Machine Design, create an account today!

    I already have an account

    New

    Heavy-Duty Collaborative Palletizing System Addresses Potato Industry’s Labor Shortages

    Future-Proofing Manufacturing with 3D Printing

    5 For Friday: Salary Survey Optimism; A New (and Important) Acronym; and Ways to Unleash the Potential of Design

    Most Read

    How Much Should a Bolted Joint be Tightened?

    SCHURTER FXP Fuse Holder is Designed for High-Power Applications

    Brushed vs Brushless Motors: Which is Best for your Application?

    Sponsored

    TT Electronics and TTI: Setting the New Standard in Industrial Excellence

    Safeguarding Machines with Hard Guards and Solenoid Locking Switches

    : Is there a difference between e-stops and regular stop switches?

    Machine Design
    https://www.facebook.com/MachineDesignMagazine/
    https://www.linkedin.com/company/10998894
    https://twitter.com/MachineDesign
    https://www.youtube.com/channel/UCXKEiQ9dob20rIqTA7ONfJg
    • About Us
    • Contact Us
    • Advertise
    • Do Not Sell or Share
    • Privacy & Cookie Policy
    • Terms of Service
    © 2023 Endeavor Business Media, LLC. All rights reserved.
    Endeavor Business Media Logo