Security considerations
- Last Updated: Aug 12, 2024
The following section summarizes the security considerations within a production environment, and describes recommendations as applied to a process control network (PCN) or SCADA system (WAN).
Secure layers
Divide the system into secure layers. In the security context, a layer is defined as a division of a network model, through which messages pass as they are prepared for transmission. All layers are separated by a router or smart switch device.
A secure layer is further defined by the need to allow or restrict access and the criticality of the sub-system. An intrusion detection system is deployed in higher-risk layers.
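The two rules above (layers meet only at a router, firewall or smart switch, and higher-risk layers carry an intrusion detection system) can be checked against an asset inventory. The following Python check is an added example, not AVEVA code; the layer names follow the representative topology on this page, while the risk ratings, node names and links are constructed assumptions.

```python
from collections import defaultdict

BOUNDARY = {"router", "firewall", "smart_switch"}  # devices allowed to join layers

# Constructed inventory: risk ratings, node names and links are assumptions.
LAYERS = {"corporate": {"risk": "low", "ids": False},
          "pcn": {"risk": "high", "ids": True},
          "remote_domain": {"risk": "high", "ids": False}}
NODES = {"erp-srv": ("corporate", "host"), "pcn-fw": ("pcn", "firewall"),
         "historian": ("pcn", "host"), "eng-ws": ("pcn", "host"),
         "remote-rtr": ("remote_domain", "router"),
         "rtu-gw": ("remote_domain", "host")}
LINKS = [("erp-srv", "pcn-fw"), ("pcn-fw", "historian"),
         ("historian", "eng-ws"), ("historian", "remote-rtr"),
         ("remote-rtr", "rtu-gw"),
         ("eng-ws", "erp-srv")]  # second NIC that bypasses pcn-fw

def audit(layers, nodes, links):
    """Return sorted findings for the two layering rules described above."""
    findings = [f"no IDS in higher-risk layer: {name}"
                for name, info in layers.items()
                if info["risk"] == "high" and not info["ids"]]
    # Drop boundary devices from the graph. Any group of nodes that is still
    # connected and spans more than one layer is an unfiltered path.
    adj = defaultdict(set)
    for a, b in links:
        if nodes[a][1] not in BOUNDARY and nodes[b][1] not in BOUNDARY:
            adj[a].add(b)
            adj[b].add(a)
    seen = set()
    for start in sorted(nodes):
        if start in seen or nodes[start][1] in BOUNDARY:
            continue
        group, stack = [], [start]
        seen.add(start)
        while stack:
            node = stack.pop()
            group.append(node)
            for peer in adj[node] - seen:
                seen.add(peer)
                stack.append(peer)
        spanned = sorted({nodes[n][0] for n in group})
        if len(spanned) > 1:
            findings.append("layers %s joined without a boundary device via %s"
                            % ("/".join(spanned), ", ".join(sorted(group))))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(LAYERS, NODES, LINKS):
        print(finding)
```

The reachability pass catches dual-homed hosts and unmanaged switches that a link-by-link comparison would miss, because it follows multi-hop paths that never touch a boundary device.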
The following figure is designed to show a representative topology. This is not intended to depict an actual plant system topology. It includes the following named layers:
- Corporate network infrastructure
- Process control network (PCN)
- Remote domain network (adjunct to PCN)
Note that all layers (represented by the main backbone) are separated by a firewall or router:

System Platform Software Applications
System Platform applications have been tested in a wide variety of security-related implementations similar to the previous figure. The figure represents the widest usage scenarios of product combinations, which were tested with limited or no DCOM connectivity, limited port ranges, narrow firewall settings, and highly routed environments.
Some System Platform software applications, such as AVEVA Batch Management System and MES, utilize a high degree of connectivity to the corporate ERP System and process control enterprise, along with the associated distributed computational and remote services requirements. These applications could be adversely affected if unlimited DCOM connectivity is not available.
The layers and port listings are detailed below.