EU Automation explains how manufacturers can use programmable logic controllers and still reduce the risks of cyberattacks like Stuxnet, one of the worst in industrial history.
The Stuxnet worm first infected Windows computers at the Iranian Bushehr nuclear power plant when it gained access to the computers by USB. A USB is considered vulnerable to an onsite hacker attack—in this case, use of a USB stick meant that the worm could spread across computers and networks that were not connected to the internet.
The next victim of the Stuxnet worm was the programmable logic controller (PLC) at a plant to control automated processes on the factory floor. It is not clear who wrote Stuxnet and why, but it has made industries more aware of how a factory can be vulnerable if its computers are not protected.
A PLC is an automated decision-making tool that monitors the state of connected devices and makes decisions to streamline processes.
Technological advances prompted by the Internet of Things (IoT) allow manufacturers to streamline and monitor processes by connecting devices to oversee production in real time. A case in point is the PLC, which is an automated decision-making tool that monitors the state of connected devices and makes decisions to streamline processes. PLCs have now begun offering remote access for ease of maintenance and more flexibility to control other devices.
When fully protected, devices such as a PLC, whether on or offline, can optimize a number of processes on the factory floor. To monitor and control processes, PLCs must be connected to the internet. However, this exposes the technology to cyberattacks. When installing these devices, manufacturers must choose the correct supplier that prioritizes security in not just the device, but also in its programming tools. The following is a list of guidelines for users of PLC systems as they become connected to the internet.
With more devices connecting to the internet, cybersecurity must become a priority to manufacturers. The best way to mitigate the risk of a cyberattack is to prevent any device in the factory from connecting to the outside world. However, this is impossible if manufacturers use devices that require access to the internet to monitor in real-time.
To protect PLCs and other connected devices in the factory, manufacturers must consider the measures that they can take both physically and online. This includes firewalls and creating closed networks where devices are only accessible from the factory-floor network.
PLCs are primarily vulnerable to internal hacking as malware can be introduced to a port using a USB. Manufacturers can limit the access to the Ethernet ports on PLCs and the devices that connect to it by enclosing the equipment. Any device with an Ethernet port that can gain access to the PLC must be locked in an enclosure to restrict the opportunity to tamper with the device. Only authorized workers will have access to the machine and be allowed to use USB sticks with the PLC.
Just like PCs at home, there is software that will protect a PLC to a certain extent. Installing antivirus software protects the PLC and prevents malware from spreading. However, having antivirus software installed isn’t enough. Hackers constantly develop techniques to introduce malware to computers or PLCs once they see that a previous method is blocked. Manufacturers must regularly update their antivirus software to ensure that hackers cannot find a new path to the PLC.
Advances in hardware and connectivity will allow PLCs to carry out more tasks, such as remote and real-time monitoring.
Manufacturers can also reduce the risk of cyberattacks by limiting who can access PCs or devices that connect to the PLC. Several workers may need access to a PLC for different reasons to monitor or control processes on the factory floor. Creating multiple accounts allows the plant or IT manager to control each worker’s access and track their actions. Each person that requires access must be given a personal account with different levels of access, depending on their needs. Manufacturers must also allocate strong passwords to each account to prevent anyone from accessing an account that they should not.
PLCs have changed a lot in the past 50 years, and will no doubt become faster, smaller, and more efficient as time rolls on. Advances in hardware and connectivity will allow PLCs to carry out more tasks, such as remote and real-time monitoring. Manufacturers will have further opportunities to automate the factory floor with technologies such as PLCs. However, strong cybersecurity is important in order to protect the factory floor. Preventative measures help ensure that factories are cyber-safe no matter what hits them, just in case the Stuxnet worm reappears.