Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

Cybersecurity Deployment Guide - Security Concepts

TABLE OF CONTENTS

About cybersecurity concepts

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedFeb 20, 2025
  • 2 minute read

The following topics outline basic cybersecurity concepts and associated guidelines to support securely deploying AVEVA products and Industrial Control Systems (ICS) in general.

This guide on its own is a presentation of basic cybersecurity concepts coupled with high-level guidelines that you can use as a roadmap to secure your own systems. This guide is also part of a larger, more detailed cybersecurity deployment guide and serves to define the concepts and terms used throughout the larger guide.

If you need more information about a specific software component in your system, see the official documentation for that component. For example, if you need help with your anti-virus software, see the documentation for configuring that software for your AVEVA component.

AVEVA's approach to securing site networks and ICS software is driven by the following principles:

  • View security from both Management and Technical perspectives

  • Ensure that security is addressed from both IT and ICS perspectives.

  • Design and develop multiple network, system, and software security layers.

  • Ensure industry, regulatory and international standards are considered.

  • Aim to prevent security breaches, supported by detection and mitigation.

These principles are realized by implementing the following security recommendations:

  • Prevent security breaches using the following components:

    • Firewalls

    • Network-based intrusion prevention/detection

    • Host-based intrusion prevention/detection

  • Segregate IT/OT and Plant networks

  • Include a clearly defined and clearly communicated change management policy. For example, tracking and describing firewall configuration changes.

    Note: AVEVA strongly recommends following the guidelines prescribed by the U.S. Department of Commerce for securing ICS software:

    The document "Guide to Industrial Control Systems (ICS) Security" [NIST Special Publication 800-82 Revision 3] (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r3.pdf) provides detailed information about ICS, typical system topologies, security threats and vulnerabilities, and recommendations for implementing security measures.

TitleResults for “How to create a CRG?”Also Available in