OPC Classic applications are often deployed with minimal security hardening implemented on them, due to the difficulties experienced in establishing and maintaining OPC Classic connectivity in more locked-down environments. Whatever security is employed, it is subject to changing conditions, requiring it to be periodically adjusted.
While OPC applications are often kept safe by relying on the layers of security implemented within the infrastructure they operate in, this should not be relied on as the only line of defence. With cybersecurity threats to industrial control systems growing daily, the time for hardening OPC Classic-based data infrastructure is now.
Matrikon’s new ‘Best Practices for Securing OPC Classic Applications’ whitepaper offers concrete security recommendations to enable IT and OT professionals to better secure OPC Classic-based data infrastructure. These recommendations can be used to help prevent unauthorised users and bad actors from compromising the confidentiality, integrity and availability of OPC Classic systems.
The following serves as a teaser of what’s covered in the full whitepaper:
OPC Classic (OPC) applications are used globally as a key connectivity standard for process control systems. This makes them an attractive target for bad actors attempting unauthorised access, or worse, to these systems. Securing OPC communications provides protection from unauthorised users seeking to access or corrupt data from process control systems, or interfere with the availability of process control systems data or devices.
All OPC applications are built on the Microsoft Component Object Model (COM) infrastructure and are therefore considered COM components. As such, they can only run on a Windows platform. The Distributed Component Object Model (DCOM) extends COM functionality to multi-user and network communication scenarios. All COM objects are constrained by the Windows DCOM security framework.
Besides DCOM security mechanisms, a COM client’s ability to connect to servers is also affected by firewalls, local security policies (LSP), Group Policy Objects (GPO), authentication requirements and application identities. In short, anything that affects security on a Windows platform can potentially affect OPC connectivity and communication.
How industrial network design impacts ESG commitments Omniflex Remote Monitoring Specialists
Fieldbus & Industrial Networking
In safety-critical industries like nuclear, petrochemical and oil and gas, installing a new industrial cable network is an extremely complicated task. Gary Bradshaw, a director of industrial network specialist, Omniflex explains why this is often unnecessary as plants are likely to have existing cabling capable of being used to create new industrial networks.
Read more...Minelert industrial solutions
Fieldbus & Industrial Networking
Profitek provides cutting-edge industrial networking, automation and IoT solutions for harsh environments.
Read more...The ultimate industrial LoRaWAN gateway
Fieldbus & Industrial Networking
The GW-101-LORA-4AO is the ultimate industrial LoRaWAN gateway, combining advanced IoT connectivity with expandable I/O.
Read more...Industrial Power-over-Ethernet DC injector
Fieldbus & Industrial Networking
The ML-NET-INJECT series sets the standard for industrial PoE, featuring IP68-rated RJ45 connectors and military-grade components for extreme reliability.
Read more...Industrial networking IO-Link
Fieldbus & Industrial Networking
Balluff IO-Link Network Modules enable seamless, intelligent communication between sensors, actuators and control systems. Designed for Industry 4.0, they provide real-time data exchange, simplify wiring, and enhance diagnostics.
Read more...Hirschmann Lemur PoE Light Management Series
Fieldbus & Industrial Networking
The Hirschmann Lemur PoE Light Management Series provides intelligent power and lighting control for industrial environments as an edge switch.
Read more...Hirschmann MSP Modular Series
Fieldbus & Industrial Networking
The Hirschmann MSP Modular Series is a scalable networking solution designed for adaptability and high performance in industrial applications.
Read more...PC-based automated production system for photo calendars Beckhoff Automation
Fieldbus & Industrial Networking
Producing up to 1800 photo calendars per hour using more than 90 servo axes, Durrer Spezialmaschinen develops a wide variety of special-purpose machines from the design phase to commissioning. A new production system for photo calendars proves the importance of comprehensive motion control expertise, with AM8000 servomotors and AX5000 servo drives from Beckhoff used for over 90 dynamically controlled axes.
Read more...Beckhoff’s TwinCAT Vision functionality extended Beckhoff Automation
Fieldbus & Industrial Networking
The Beckhoff TwinCAT 3 Vision software portfolio offers additional image processing functions and extra options for camera integration.
printer friendly version