From: Belden
Posted by: Heather MacKenzie
My previous article covered part of Scott Howard’s presentation on ICS Security for Oil and Gas applications from this year’s Design Seminar. In that article, we reviewed some of the cyber security fundamentals discussed by Scott.
For example, we examined the fact that most cyber threats are unintentional and originate from within the control network. We also looked at the fact that a perimeter defense is not sufficient and that IT solutions are not appropriate on the plant floor.
Instead, what’s needed is Defense in Depth, that is, multiple layers of defense that work together to prevent network incidents or contain them if they do occur. A key best practice for Defense in Depth is to implement the zone and conduits model as defined in the ISA IEC 62443 standard. While not a regulation, this standard provides practical guidance that leads to more robust cyber security.
Today, we will take a closer look at zones and conduits and then review how they were be implemented in three oil and gas applications.
ISA IEC 62443 in a Nutshell
Leave a Reply