Siemens Cybersecurity System Protects Production Environments
SiberProtect limits the impact of a cyber attack within milliseconds, resulting in the identification of the infected production equipment groups or plant networks.
Siemens’ SiberProtect is designed to protect critical infrastructure and operational technology (OT) systems at various industrial centers, including power plants, water treatment facilities, all types of discrete manufacturing enterprises, military depots, data centers and control stations. SiberProtect brings the SOAR (Security, Orchestration, Automation, Response) concept to cyber-physical systems with an OT-friendly and OT-managed methodology.
According to Siemens, SiberProtect can respond to and dramatically limit the impact of a cyber attack within milliseconds, resulting in the identification of the infected production equipment groups or plant networks and enabling full visibility and a fast initial response at the automation system level. This quick response leads to much easier remediation and resumption of normal operations, usually in less than a day.
Working in conjunction with Siemens Scalance S industrial security appliances, SiberProtect can securely place OT into a safe, isolated condition, after determining the credible identification of a cyberattack through threat detection technology, including intrusion Detection Systems, Next Generation Firewalls, Endpoint Solutions, Threat/Risk Intelligence and other attack or intrusion detection platforms, often enhanced with AI and machine learning capabilities. SiberProtect then initiates a rule-based notification, network isolation and equipment management sequence to protect the selected equipment, as well as other desired response actions. Rapid assessment and remediation can then be performed, vastly limiting the risk of additional malware contamination. Work cells and equipment clusters can continue operation, while SiberProtect prevents recontamination during remediation.
SiberProtect further provides detailed situational awareness, alerting operators to the exact nature of the threat, where it was detected in the network and a criticality level. This level of immediately available detail allows the response engine to simultaneously execute emergency measures to alleviate predetermined worst-case scenarios. Unlike a conventional system that merely sends messages to an SOC (Security Operations Center), the SiberProtect system is linked directly to network firewalls, automation hardware and a prioritized system of alarms to facilitate isolation of equipment and jumpstart the cyber incident response. After a thorough introduction to SiberProtect, many automation engineers label it a cyber safety system or Cyber-SIS.
Other key features of SiberProtect include the ability to automatically activate emergency backup equipment, interface with legacy technology such as ethernet hubs, recover one segment or “restore all” functionality, isolate from the site IT network to prevent attack and provide all the benefits of a truly industrial solution.
Related Content
-
Sustainability Analysis Tool Aids Data-Driven Decision-Making
Can increasing productivity and reducing carbon emissions go hand-in-hand? For its high-volume machining customers, Sandvik Coromant offers a tool for data collection and comparison to aid sustainability-minded process decisions.
-
Precision Machining Technology Review: August 2024
Production Machining’s August 2024 technology showcase includes some of the latest technology from SW North America, Tsugami, Siemens, Select Manufacturing Technologies, Hurco and ECI Software Solutions — all on display at IMTS 2024.
-
Precision Machining Technology Review: September 2024
Production Machining’s September 2024 technology showcase includes some of the latest technology from Expand Machinery, Paperless Parts, Monaghan Tooling Group, Walter USA and more.