OPC Classic applications are often deployed with minimal security hardening implemented on them, due to the difficulties experienced in establishing and maintaining OPC Classic connectivity in more locked-down environments. Whatever security is employed, it is subject to changing conditions, requiring it to be periodically adjusted.
While OPC applications are often kept safe by relying on the layers of security implemented within the infrastructure they operate in, this should not be relied on as the only line of defence. With cybersecurity threats to industrial control systems growing daily, the time for hardening OPC Classic-based data infrastructure is now.
Matrikon’s new ‘Best Practices for Securing OPC Classic Applications’ whitepaper offers concrete security recommendations to enable IT and OT professionals to better secure OPC Classic-based data infrastructure. These recommendations can be used to help prevent unauthorised users and bad actors from compromising the confidentiality, integrity and availability of OPC Classic systems.
The following serves as a teaser of what’s covered in the full whitepaper:
OPC Classic (OPC) applications are used globally as a key connectivity standard for process control systems. This makes them an attractive target for bad actors attempting unauthorised access, or worse, to these systems. Securing OPC communications provides protection from unauthorised users seeking to access or corrupt data from process control systems, or interfere with the availability of process control systems data or devices.
All OPC applications are built on the Microsoft Component Object Model (COM) infrastructure and are therefore considered COM components. As such, they can only run on a Windows platform. The Distributed Component Object Model (DCOM) extends COM functionality to multi-user and network communication scenarios. All COM objects are constrained by the Windows DCOM security framework.
Besides DCOM security mechanisms, a COM client’s ability to connect to servers is also affected by firewalls, local security policies (LSP), Group Policy Objects (GPO), authentication requirements and application identities. In short, anything that affects security on a Windows platform can potentially affect OPC connectivity and communication.
Next-level CAN Software enables easy access to CAN XL Industrial Data Xchange (IDX)
Fieldbus & Industrial Networking
With the release of its PCAN-Explorer 7, PEAK delivers a major update that adds full support for CAN XL, multiple symbol files per connection, Python scripting and flexible licensing including floating licenses.
Read more...Loop signature Part 2-2: Feedforward Control: Part 1 Michael Brown Control Engineering
Fieldbus & Industrial Networking
Feedforward control is a powerful technique that can dramatically improve control variance in cases where load changes cause big deviations from setpoint and the actual process dynamics are too slow to allow the feedback controller to operate fast enough to catch these disturbances.
Read more...Beckhoff expands economy drive system Beckhoff Automation
Fieldbus & Industrial Networking
Beckhoff’s new AM1000 servomotor joins the company’s economy drive system. The compact, powerful motor and the AX1000 servo drive provide users with a perfectly coordinated, cost-optimised drive system.
Read more...CC-Link IE Field supports egg carton production
Fieldbus & Industrial Networking
Huhtamaki’s Franeker plant in the Netherlands manufactures more than 11 million egg cartons every week using recycled paper. To support its highly automated lines, the site has begun upgrading its automation systems from older serial network standards to CC-Link IE Field, an open industrial Ethernet technology that offers faster performance due to gigabit bandwidth and better diagnostics.
Read more...Ultra-compact industrial PCs exploit advances in CPU technology Beckhoff Automation
Fieldbus & Industrial Networking
Beckhoff’s C60xx scalable series of ultra-compact industrial PCs combines high computing power in an extremely compact format with a wide range of options for installation in the control cabinet.
Read more...How to protect your industrial network RJ Connect
Editor's Choice Fieldbus & Industrial Networking
Network security is no longer a matter of preventing hacking or data breaches. Traditional defence mechanisms for perimeter protection may not fully address internal threats or device-level vulnerabilities alone.
Read more...High-speed precision and simplified architecture for slicing systems
Fieldbus & Industrial Networking
When KFT Food Machinery needed a way to support ultra-fast, multi-axis motion control in its slicer range, it turned to CC-Link IE TSN – the open industrial Ethernet technology from the CC-Link Partner Association (CLPA).
Read more...Precise, synchronised control for automated steel mesh handling system
Fieldbus & Industrial Networking
Automation specialist Hambi Maschinenbau has developed a world-first system that automates the cutting, handling and stacking of heavy reinforcing steel mesh – a task that previously required up to six human operators.
Read more...Loop Signature Part 2-1: Loop signatures and process transfer functions Michael Brown Control Engineering
Fieldbus & Industrial Networking
The previous series of loop signature articles dealt with the basics of control loop optimisation, and concentrated on troubleshooting and ‘SWAG’ tuning of simple processes. In this new series, consideration will be given to dealing practically with more difficult issues like interactive processes, and with processes with much more complex dynamics.
While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.
printer friendly version