Page 290 - Electric Drives and Electromechanical Systems
Chapter 11 Cyber Physical systems and security 287
environment and endanger public safety. Therefore, the security of SCADA and related
networks has become a prime concern in the overall design process and the risk
assessment process. The risks and hazards will be multiplied in cases where these
systems are integrated with the IIoT and cloud-based environments, as they expose
considerably more vulnerabilities (Sajid et al., 2016). While the most reliable form of cyber
security is not to connect an organisation’s process resources to the Internet, termed air
gapping, this will result in systems that do not fit into the current distributed
manufacturing model as found in Industry 4.0 and in cloud manufacturing.
The risk to a company’s information and computer assets comes from a broad
spectrum of threats with a broad range of capabilities. The impact (and therefore the
harm) to any organisation will depend on the opportunities that are presented to an
attacker through the system’s vulnerabilities, the capabilities of the attackers to exploit
them, and ultimately their motivation in attacking an organisation. It must be recognised
that cyber security is not solely a technical challenge, but presents a significant
socio-technical challenge, as the weakest link may be poor user procedures and processes
(GCHQ, 2016).
Ensuring that a manufacturing system is protected against cyber-attack may be
a significant challenge, depending on the complexity and distribution of the process.
However, as a starting point to protect the integrity of any computer-based system, it
will be expected that the organisation will have implemented a set of basic security
requirements, including:
• Ensuring that all staff are familiar with the organisation’s network and computer
security policy. Individual staff should be responsible for maintaining password
security and ensuring that all their activities conform to the organisation’s rules
and practices.
• The functionality that an individual user can expect from a specific application,
for example the ability to change data or print, should be restricted to the minimum
requirement needed for the business to function.
• Ensure that passwords are secure by enforcing guidelines for length and characters
used, and that they are regularly changed. Thought should be given to using biometric
security or another form of authentication, for example two-step verification, even for
relatively low-level access. The use of a token storing a cryptographic key or
biometric data, or generating a one-time password, could also be considered.
• Disabling user-accessible USB ports and CD drives should be considered, to
prevent the uploading of possible software viruses or the downloading of sensitive
material. In addition, the need for staff to have USB drives or similar devices on site
should be considered carefully. When a file needs to be moved across an organisation,
this should be done electronically as opposed to being copied onto a USB
drive that could be used to steal confidential data or simply be accidentally lost or
misplaced. If this approach is not possible, user functionality limits should be