produc t s & serv ices
39
LO G G I N G: U N D ERVA LU ED A N D O F TEN FO RG OT TEN
How zenon provides security for digital factories In security situations or military contexts, it has always been standard practice to deploy guards or send out patrols. In other disciplines, however, security can be woefully neglected. In the manufacturing sector, for example, logging should form the basis of all IT security strategies. Yet it is simply forgotten about in many situations. Read on to find out how zenon can help you to implement this important security process – even consolidating inhomogeneous components in a central logging management system.
In the age of the Internet of Things, machines, equipment, measuring devices and other production units are being digitalized and networked in companies' IT infrastructures. But the task of establishing a central log management system for these diverse components is often put on the back burner. This is partly down to the heterogeneous system landscapes used in the industrial sector, as well as a lack of know-how regarding the log information available for the systems in question. Furthermore, not all of the automation components used have the appropriate technical interfaces or configuration options. Despite these challenges, however, modern automation systems such as zenon offer solution strategies for logging. It is important that all operational systems are incorporated into a central log strategy in order to achieve overarching security objectives. All relevant standards – such as ISO 27001 or IEC 62443 – stipulate this as an integral requirement. N U M E RO U S DATA SO U RC E S A LR E A DY AVAI L A B LE As the person responsible for IT security, the first thing you need to think about is the range of possible data sources. Typically, an HMI/SCADA system such as zenon will provide information which can be useful for logging, as we outline below.
E V E NT LI S T S/O P E R ATI N G LO G S : These logs are generally available in all automation solutions and contain security-related information alongside process data. This includes, for example, user logins and logouts and entries detailing when a new client logs into the server. In the latest zenon versions, this information can also be filtered. A L A R M M E S SAG E LI S T S : Alarms can provide specific information about critical system states. These can relate to the actual production process, but can also be used to monitor the IT components. In zenon, for example, hardware utilization – for example, the CPU load or the memory requirement for the application – can be monitored in a targeted manner. This means that atypical occurrences relating to the operating states – for example, a case of data theft at night when production is at a standstill – can be easily specified and identified using the central logging system. CO M M U N I C ATI O N S TATI S TI C S : zenon offers lots of ways to monitor network communication and that of individual zenon drivers. With the variables from the system drivers and the communication details available for each driver, you can maintain a detailed overview of all communication. For
