Cyber Security for Plant Networks
Deepak Rai Sharma is Solution Manager - Manufacturing at SAP Labs, Bangalore. He has experience in design, development and product management for ERP and Manufacturing applications. He specializes in various logistics and manufacturing modules of SAP ERP and an expert in SAP MII. His current focus is on Enterprise Service Enablement and Adoption of SAP
Manufacturing processes and next generation Manufacturing Connectivity and Intelligence initiatives.
Cyber security means confidentiality, integrity and availability of computers, applications and digital-based data and process systems. Traditionally, the Plant systems have been working in disjunction with the local MRP and other centralized business applications. With the growing demand of Lean Operations and demand driven supply chains, as well as business intelligence reaching the plants through Enterprise Manufacturing Intelligence (EMI) applications, the need for integrated functioning of both Business systems and Plant Systems has become more important than ever. However, these enterprise integration strategies coupled with the increased exposure of company LAN/WAN infrastructures to Internet attacks, can put plant automation and production management systems vulnerable to cyber attacks. How do manufacturers deal with this problem?
Through a combination of advanced infrastructure, progressive software, and pervasive policies, companies can protect their plant infrastructure as well as their corporate financial and strategy systems. This document provides an understanding of the security challenges faced in plant networks and at a high level discusses various ways of protecting them.
While manufacturers have long realized that plant floor information is business imperative for successfully implementing lean supply chain concepts, the technology and applications to make this simpler to implement and govern are now available. But an organization must be careful when exposing plant systems to networks outside the local environment. Exposing plant systems without taking due security measures could jeopardize the functioning of process control systems, causing both physical and financial damages. But this doesn't mean that plant networks should be completely cut off from any external integration. Close scrutiny of plant networks, leading to segregation of plant systems into several subnets based on security requirements along with appropriate usage of technology can make this a manageable process without overly driving up the total cost of ownership. Firewalls, VPN tunneling and technologies provided by SAP such as SAProuter, SAP Web Dispatcher, SSL and SNC reduce the vulnerability of plant systems drastically.
SAP MII, which works on the high security SAP Netweaver platform, leverages many security standards and methodologies to provide safe access to plant information. Secure Programming, Identity Management and appropriate corporate and plant policies can also further help strengthen cyber security within your corporate landscape. And of course, SAP consulting is happy to provide expert analysis and implementation advice for your particular needs.